Greetings! I have a question on RAND_pseudo_bytes() semantics.
We've written an engine with our own RAND_METHOD. Our random number generator is able to return both cryptographically strong data and cryptographically weak data. Our RNG is able to provide cryptographically weak data much more faster. So when we call RAND_pseudo_bytes(), it always returns 0 (according to man). In libssl I've found about 20 calls to RAND_pseudo_bytes() when 0 is treated as an error. But if we need cryptographically strong data, it seems to be more correctly to call RAND_bytes(). So am I wrong in my understanding of RAND_pseudo_bytes() semantics, or there is an error in OpenSSL? Thank you! -- SY, Dmitry Belyavsky (ICQ UIN 11116575) ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
