Edward Chan wrote:

Thanks. I guess I should have done that first. My apologies. But I
couldn't find the answer to my next question. If the PRNG is already seeded
using the Crypto API, how many bits of entropy are used to seed it?


The following code is in crypto/rand/rand_win.c:

>>>>>>>>>>>>>>>>>>>>>>
   BYTE buf[64];
.
.
.
       if (acquire(&hProvider, 0, 0, PROV_RSA_FULL,
           CRYPT_VERIFYCONTEXT))
           {
           if (gen(hProvider, sizeof(buf), buf) != 0)
               {
               RAND_add(buf, sizeof(buf), 0);
#if 0
               printf("randomness from PROV_RSA_FULL\n");
#endif
               }
           release(hProvider, 0);
           }
<<<<<<<<<<<<<<<<<<<<<<<<

So IMHO there are at least 64 Bytes (or 512 Bits) of added entropy on each call of RAND_poll.
In addition, some network statistics as well as memory status, current cursor position and several other things are added to the random pool if they can be acquired (which should be the case on a Win2000+ machine). Hard to guess the entropy from that, but I think it might be an additional 32 to 64 Bytes.

Note that on Windows CE it might be considerably less since I do not know if the Crypto API is available on every platform.

So the added entropy per call is fixed; if you need more you can use additional calls to RAND_poll. And of course you can still use RAND_add yourself if you have a reliable source of randomness.

On linux, I make it configurable thru a call to

RAND_load_file("/dev/random", iEntropy); // iEntropy = # bytes of entropy to use

Is this correct for linux?


It sounds correct, but my knowledge in this area on Linux is considerably lower... ;)

Thanks,
Ed


Ted
;)

--
PGP Public Key Information
Download complete Key from http://www.convey.de/ted/tedkey_convey.asc
Key fingerprint = 31B0 E029 BCF9 6605 DAC1  B2E1 0CC8 70F4 7AFB 8D26
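
Added example, not part of the original thread and not OpenSSL code: a bounded read of seed bytes from a kernel random device on Linux, the kind of read the RAND_load_file question above relies on. The helper name read_seed_bytes and the use of /dev/urandom in main are assumptions made for illustration; the bytes it returns could then be handed to RAND_add.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not an OpenSSL function). Returns 0 when buf holds
 * exactly `want` bytes read from a character device at `path`, -1 otherwise.
 * On failure buf is zeroed so a partly filled buffer is never used as a seed. */
int read_seed_bytes(const char *path, unsigned char *buf, size_t want)
{
    struct stat st;
    size_t got = 0;
    int fd = open(path, O_RDONLY | O_NOCTTY);

    if (fd < 0)
        return -1;
    /* Check the opened descriptor rather than the path, so the check and
     * the read refer to the same object. A regular file or a directory
     * sitting at the path is rejected here. */
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode))
        goto fail;
    while (got < want) {
        ssize_t n = read(fd, buf + got, want - got);
        if (n < 0 && errno == EINTR)
            continue;            /* interrupted by a signal: retry */
        if (n <= 0)
            goto fail;           /* error, or EOF before `want` bytes */
        got += (size_t)n;        /* short read: keep reading */
    }
    close(fd);
    return 0;
fail:
    close(fd);
    memset(buf, 0, want);
    return -1;
}

int main(void)
{
    unsigned char seed[64];      /* same size as buf[] in the excerpt above */

    /* /dev/urandom is used here (an assumption) so the demo never blocks. */
    return read_seed_bytes("/dev/urandom", seed, sizeof(seed)) == 0 ? 0 : 1;
}
```

The S_ISCHR test only confirms that the path is a character device, not which one, so /dev/null passes that check and is caught by the EOF branch instead.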

