Richard Stoughton wrote:
> On Tue, May 20, 2008 at 12:09 AM, Bodo Moeller <[EMAIL PROTECTED]> wrote:
> As far as I can understand the code, the suggested usage pattern for
> the RNG would be
> ssleay_rand_bytes(ssleay_rand_add ^ n) with n > 0.
> If consecutive calls to ssleay_rand_bytes without intermediate calls
> to ssleay_rand_add are allowed, your objection is obviously more than
> justified.
Many applications call ssleay_rand_add (or one of the wrapper functions)
only once at application startup, with data for example from /dev/random.
People wearing both belt and suspenders may want to call
ssleay_rand_add periodically during application runtime, but that's not
necessary in the strict sense.
> - do not mix bits of the given output buffer into the internal entropy pool.
> Note that the second improvement may totally break already broken
> client software.
Why would it?
> Clients that do not call ssleay_rand_add at all would probably get a
> random series with even less variance than the debianized one has.
Clients not calling ssleay_rand_add at all get *no* random series, but
an error code when calling ssleay_rand_bytes (and an error message
requesting to read the OpenSSL FAQ,
http://www.openssl.org/support/faq.html).
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
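A toy model of the seeding rule discussed in this message, added here as an example; it is constructed code, not OpenSSL's ssleay_rand_* implementation. The pool layout, the 32-byte entropy threshold, the mixing and output functions and the seed string are all assumptions made for the demonstration; the mix_output_buffer flag stands in for the behaviour the second improvement would remove, so that the same seeded pool can be compared with and without it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define ENTROPY_NEEDED 32   /* bytes of entropy required before any output (assumed threshold) */

/* Toy pool: a 64-bit mixing state plus a counter of credited entropy bytes. */
typedef struct { uint64_t state; size_t entropy; } toy_pool;
static void toy_init(toy_pool *p) { p->state = 0xcbf29ce484222325ULL; p->entropy = 0; }

/* FNV-1a style byte mixing, a stand-in for the hash-based stirring of the real pool. */
static void toy_mix(toy_pool *p, const unsigned char *buf, size_t n) {
    for (size_t i = 0; i < n; i++) { p->state ^= buf[i]; p->state *= 0x100000001b3ULL; }
}
/* splitmix64 step: advances the state and derives one output word. */
static uint64_t toy_next(toy_pool *p) {
    uint64_t z = (p->state += 0x9e3779b97f4a7c15ULL);
    z = (z ^ (z >> 30)) * 0xbf58476d1ce4e5b9ULL;
    z = (z ^ (z >> 27)) * 0x94d049bb133111ebULL;
    return z ^ (z >> 31);
}
/* Counterpart of ssleay_rand_add: mix seed material into the pool and credit entropy. */
static void toy_rand_add(toy_pool *p, const unsigned char *seed, size_t n, size_t entropy) {
    toy_mix(p, seed, n);
    p->entropy = (p->entropy + entropy < ENTROPY_NEEDED) ? p->entropy + entropy : ENTROPY_NEEDED;
}

/* Counterpart of ssleay_rand_bytes: 1 on success, 0 when the pool was never seeded (the
 * error a client that skipped rand_add gets).  With mix_output_buffer set, the caller's
 * buffer is stirred into the pool first: the behaviour the second improvement removes. */
static int toy_rand_bytes(toy_pool *p, unsigned char *out, size_t n, int mix_output_buffer) {
    if (p->entropy < ENTROPY_NEEDED) return 0;
    if (mix_output_buffer) toy_mix(p, out, n);
    for (size_t i = 0; i < n; i++) out[i] = (unsigned char)(toy_next(p) >> 56);
    return 1;
}

/* Seeds two pools identically, then requests output into buffers holding different
 * leftover contents.  Returns 1 if the two outputs differ, 0 if they are identical. */
static int toy_output_depends_on_caller_buffer(int mix_output_buffer) {
    static const unsigned char seed[] = "constructed seed material for the toy demonstration";
    toy_pool a, b; unsigned char out_a[16], out_b[16];
    toy_init(&a); toy_init(&b);
    toy_rand_add(&a, seed, sizeof seed - 1, sizeof seed - 1);
    toy_rand_add(&b, seed, sizeof seed - 1, sizeof seed - 1);
    memset(out_a, 0x00, sizeof out_a);   /* stand-ins for whatever the caller's buffer held */
    memset(out_b, 0xff, sizeof out_b);
    toy_rand_bytes(&a, out_a, sizeof out_a, mix_output_buffer);
    toy_rand_bytes(&b, out_b, sizeof out_b, mix_output_buffer);
    return memcmp(out_a, out_b, sizeof out_a) != 0;
}
```

Without the flag, two identically seeded pools give identical output whatever the caller's buffer held; with it, the output also depends on that buffer, which is the coupling the improvement removes without changing the seeding requirement.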
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]