I mean the following: RAND_poll is called only once and stirring of the pool is made only once. After these operations
no more data is adding to the global state buffer. Global state buffer is only 1023 bytes long, and although data is
always mixing by md5 and xored we have only 1023 bytes of real random data, nothing more.
For example, I have a server application that accepts SSL connections and works very long time(24/7). I think that after
getting tens of thousands of random bytes with RAND_bytes, data will be too worse, not cryptographically secure. That's
why what is the number of bytes we can safely get with RAND_bytes before it will give already not cryptographically
secure data?
Knowing this number we can call RAND_poll once again or RAND_seed with our good random data and also maybe we must stir
the pool again.
I will be very grateful for the responses and further discussion.
Regards,
Vladimir.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
