Sorry for not being clear. Essentially, I'm looking for good ways to seed the PRNG since I have no control over my users systems. Using time() seems like a bad idea since it isn't really random and it doesn't provide the 128 bits needed. However, if that's the normal practice, so be it. Does everyone else expect their users to have a good /dev/random or install edg?
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Layla
Sent: Wednesday, April 06, 2005 1:25 PM
To: openssl-users@openssl.org
Subject: Re: RAND_seed()Ok I don't know if I understood your problem correctly, but if you're looking for ways for seeding you can always use current system time, I believe this is pretty much available on all systems.Hope that helps.
"Bibbs, Christopher" <[EMAIL PROTECTED]> wrote:Ok, here's my problem. I'm using OpenSSL as part of my application, but not
all users have /dev/random (or /dev/urandom) so what's a developer to do? I
don't really want to seed with a constant string as the test apps do, but I
need a source I can count on. Asking my users aren't system administrators
so asking them to install additional software or make system modifications
is out of the question.
Thoughts?
The contents of this e-mail are intended for the named addressee only. It
contains information that may be confidential. Unless you are the named
addressee or an authorized designee, you may not copy or use it, or disclose
it to anyone else. If you received it in error please notify us immediately
and then destroy it.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
Yahoo! Messenger
Show us what our next emoticon should look like. Join the fun.
The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it.
