On Tue, Sep 12, 2000, Jeffrey Altman wrote:
> What you are saying is that RAND_status() is going to call RAND_poll()
> regardless of whether or not the PRNG has been seeded. In other
> words, you are saying that you do not trust (and I don't really blame
> you) the application author to know how to seed the PRNG.
Unfortunately there is evidence (lots!) that application authors cannot
be trusted to seed the PRNG. I recommend reading Peter Gutmann's PRNG
paper for some examples. The algorithm used in RAND_poll() also comes
from Peter's paper.
> I agree 100% with this. RAND_poll() should only be called if proper
> seeding has not been done. Perhaps you can add a function that allows
> the knowledgeable application designer to set the "initialized" flag
> when the work has been done.
That sounds reasonable.
> In the meantime, I suggest that the if (kernel) if (snap ...) section
> of RAND_poll() be rewritten to only read the first HEAPENTRY32 struct
> of each HEAPLIST32. And that a mechanism be provided for application
> developers to perform proper seeding prior to calling RAND_status().
> Also, I would suggest that RAND_screen() be changed to call
> ssleay_rand_bytes() instead of RAND_poll() since neither readscreen()
> nor RAND_poll() are capable of setting the 'initialized' flag which is
> a static in md_rand.c
Thanks for the suggestions. Right now it doesn't quite work the way it
was intended. I don't have much time at the moment, but if nobody else
does it, I'll try to fix it for beta2.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
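The seeding discipline the thread is arguing about, as an added example that is not part of the original message and is not OpenSSL code: a self-contained model of a pool with an 'initialized' flag that is set only once enough entropy has been credited, a status call that polls only when seeding has not already been done, the hook for an application to declare that it has seeded the pool itself, and a bytes call that refuses output until then. All names here (toy_rng, toy_rand_add, toy_rand_status, toy_rand_status_or_poll, toy_rand_mark_seeded, toy_rand_bytes, TOY_ENTROPY_NEEDED, demo_source) are assumptions of this example; the 32-byte threshold is chosen to mirror the one md_rand.c used, which the thread itself does not state, and the mixer is a toy, not a cryptographic PRNG.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bytes of entropy the pool must absorb before it counts as seeded.
 * Assumption for this model (mirrors md_rand.c's 32-byte threshold). */
#define TOY_ENTROPY_NEEDED 32

typedef struct {
    uint64_t state[4];    /* mixing state; a toy mixer, NOT a cryptographic PRNG */
    size_t   entropy;     /* bytes of entropy credited by toy_rand_add() calls */
    int      initialized; /* the 'initialized' flag the thread refers to */
} toy_rng;

/* splitmix64 finaliser: a cheap, well-distributed 64-bit mixer (toy use only). */
static uint64_t mix64(uint64_t x)
{
    x += 0x9E3779B97F4A7C15ULL;
    x = (x ^ (x >> 30)) * 0xBF58476D1CE4E5B9ULL;
    x = (x ^ (x >> 27)) * 0x94D049BB133111EBULL;
    return x ^ (x >> 31);
}

void toy_rng_init(toy_rng *r)
{
    memset(r, 0, sizeof *r);
}

/* Counterpart of RAND_add(): mix in caller-supplied bytes and credit the
 * caller's entropy estimate. Only the estimate moves the pool toward 'seeded',
 * so mixing in lots of predictable data does not make the PRNG look seeded. */
void toy_rand_add(toy_rng *r, const void *buf, size_t len, size_t entropy_bytes)
{
    const unsigned char *p = buf;
    size_t i;
    for (i = 0; i < len; i++)
        r->state[i & 3] = mix64(r->state[i & 3] ^ ((uint64_t)p[i] << (8 * (i & 7))));
    r->entropy += entropy_bytes;
    if (r->entropy >= TOY_ENTROPY_NEEDED)
        r->initialized = 1;
}

/* Counterpart of RAND_status(): reports the flag and does nothing else. */
int toy_rand_status(const toy_rng *r)
{
    return r->initialized;
}

/* The hook suggested in the thread: an application that has seeded the pool
 * by its own means sets the flag instead of waiting for a poll. */
void toy_rand_mark_seeded(toy_rng *r)
{
    r->initialized = 1;
}

/* Counterpart of RAND_bytes(): refuses to produce output until seeded.
 * Returns 1 on success, 0 if the PRNG is not seeded. */
int toy_rand_bytes(toy_rng *r, unsigned char *out, size_t len)
{
    size_t i;
    if (!r->initialized)
        return 0;
    for (i = 0; i < len; i++) {
        r->state[0] = mix64(r->state[0] ^ r->state[1]);
        r->state[1] = mix64(r->state[1] ^ r->state[2]);
        r->state[2] = mix64(r->state[2] ^ r->state[3]);
        r->state[3] = mix64(r->state[3] ^ r->state[0]);
        out[i] = (unsigned char)(r->state[i & 3] >> 56);
    }
    return 1;
}

/* An entropy source of the kind RAND_poll() consults (OS data in the real
 * code). Writes up to cap bytes into buf and returns how many it wrote. */
typedef size_t (*toy_entropy_source)(unsigned char *buf, size_t cap);

/* Counterpart of RAND_poll(): gather from the source and credit it
 * conservatively (half a byte of entropy per byte gathered; an assumption). */
int toy_rand_poll(toy_rng *r, toy_entropy_source src)
{
    unsigned char buf[64];
    size_t n = src(buf, sizeof buf);
    toy_rand_add(r, buf, n, n / 2);
    return r->initialized;
}

/* RAND_status() as the thread agrees it should behave: poll only when proper
 * seeding has not already been done, never unconditionally. */
int toy_rand_status_or_poll(toy_rng *r, toy_entropy_source src)
{
    if (!r->initialized && src != NULL)
        toy_rand_poll(r, src);
    return r->initialized;
}

/* Constructed demo source: a fixed byte pattern so the example runs offline.
 * It exists only to show the control flow; it carries no real entropy. */
static int demo_source_calls = 0;
static size_t demo_source(unsigned char *buf, size_t cap)
{
    size_t i;
    demo_source_calls++;
    for (i = 0; i < cap; i++)
        buf[i] = (unsigned char)(0xA5 ^ (i * 7));
    return cap;
}

int main(void)
{
    toy_rng r;
    unsigned char out[8];
    size_t i;
    toy_rng_init(&r);
    printf("status before seeding: %d\n", toy_rand_status(&r));
    printf("bytes before seeding: %s\n",
           toy_rand_bytes(&r, out, sizeof out) ? "ok" : "refused");
    toy_rand_status_or_poll(&r, demo_source); /* first call polls */
    toy_rand_status_or_poll(&r, demo_source); /* already seeded: no second poll */
    printf("status after poll: %d (source consulted %d time(s))\n",
           toy_rand_status(&r), demo_source_calls);
    if (toy_rand_bytes(&r, out, sizeof out)) {
        for (i = 0; i < sizeof out; i++)
            printf("%02x", out[i]);
        printf("\n");
    }
    return 0;
}
```

The point the model makes is the one Altman raises: with the poll gated on the flag, an application that has already done proper seeding (and says so via toy_rand_mark_seeded, or has credited enough entropy via toy_rand_add) never pays for, or gets undermined by, an unconditional poll, while an application that never seeds still cannot draw output. In real OpenSSL code the entropy estimate passed to RAND_add() must honestly reflect the source; the demo source above is deliberately not a source of entropy.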