I am trying to build and run the Mac version of OpenSSL, based on the Feb. 7
2000 snapshot. Connection fails, reasonably enough, because the random
number generator has not been seeded with enough entropy to generate a
random enough key. My questions are:
-- The definition of ENTROPY_NEEDED (md_rand.c line 59) should be 16, not
32, to correspond to 128 bits (16*8 = 128).
-- In md_rand.c the function ssleay_rand_bytes() returns an error if the
random number generator had been seeded with less than 128 bits. Where does
this number come from?
-- It isn't easy to generate 128 random bits on a typical desktop machine
without some explicit user input. What do commercial browsers (Netscape, IE)
supporting SSL do to initialize their random number generators? The example
given (Rand_screen) seems very slow and not very reliably random.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
