Steffen DETTMER wrote:
> * Lutz Jaenicke wrote on Fri, Sep 19, 2008 at 14:22 +0200:
>   
>>> we purchased a hrng for the generation of RSA keys for instance.
>>> It is a USB device and shows up as /dev/qrandom.
>>>
>>>       
>> Note: if /dev/urandom is available, OpenSSL will read an additional amount
>> of random bytes from it whether an explicit seed source is available or
>> not. This however does not reduce the quality of the entropy provided
>> by your source.
>>
>>     
>>> I am not sure about the role of /dev/urandom: does it deliver a
>>> (pseudo) random number or the salt for the PRNG?
>>>       
>> It is used to seed OpenSSL's internal PRNG.
>>     
>
> This means the internal PRNG is seeded with /dev/urandom data,
> but it is not used at all
> and /dev/urandom is not used elsewhere (if external entropy source is used)
> -- is this correct?
>   
All "random" values used by OpenSSL like keys generated with genrsa
are generated using OpenSSL's internal PRNG. This internal PRNG is
seeded from different sources. These external sources can be provided
explicitly (as with the "-rand" option of genrsa) or via RAND_add() within
an application. As on several occasions people were given bad advice to
abuse "-rand" or RAND_add() with bad entropy sources we have decided
to always add additional bytes from /dev/urandom if available on the
system.
OpenSSL's internal PRNG uses a 1024 byte pool mixing entropy with
SHA-1 so the more bytes are mixed in, the better. At least it cannot hurt
to add any input to it as the entropy in the pool can never decrease
by mixing in more bytes.

Best regards,
    Lutz
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
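
An added illustration of the pool-mixing argument in the reply above; this is not code from the post or from OpenSSL. `ToyPool` is a hypothetical, simplified SHA-1 mixing pool (not OpenSSL's actual PRNG algorithm), and the all-zero input is a constructed stand-in for a bad source passed to "-rand" or RAND_add(). It counts how many pool states an attacker who knows the bad input still has to consider.

```python
import hashlib

POOL_SIZE = 1024   # pool size stated in the post
MD_LEN = 20        # SHA-1 digest length

class ToyPool:
    """Simplified SHA-1 mixing pool for illustration; NOT OpenSSL's real PRNG code."""

    def __init__(self):
        self.state = bytearray(POOL_SIZE)
        self.md = bytes(MD_LEN)
        self.pos = 0

    def add(self, data):
        """Mix data in, MD_LEN bytes at a time, XORing a chained digest into the pool."""
        for off in range(0, len(data), MD_LEN):
            idx = [(self.pos + i) % POOL_SIZE for i in range(MD_LEN)]
            window = bytes(self.state[i] for i in idx)
            self.md = hashlib.sha1(self.md + window + data[off:off + MD_LEN]).digest()
            for i, b in zip(idx, self.md):
                self.state[i] ^= b
            self.pos = (self.pos + MD_LEN) % POOL_SIZE

    def fingerprint(self):
        """Digest of the complete internal state, used to compare pools."""
        return hashlib.sha1(self.md + bytes(self.state)).digest()

# Constructed sample: a fully predictable "entropy" source, twice the pool size,
# so it wraps around and touches every pool position.
PREDICTABLE = b"\x00" * (2 * POOL_SIZE)

def count_states(secret_bits, secret_first=True):
    """Distinct pool states an attacker who knows PREDICTABLE must still consider."""
    seen = set()
    for s in range(2 ** secret_bits):
        secret = s.to_bytes(4, "big")   # stands in for bytes from a good source
        pool = ToyPool()
        order = (secret, PREDICTABLE) if secret_first else (PREDICTABLE, secret)
        for part in order:
            pool.add(part)
        seen.add(pool.fingerprint())
    return len(seen)

if __name__ == "__main__":
    # secret_bits=0 means the only "secret" is a fixed value: nothing is unknown.
    print("predictable input only:        ", count_states(0))
    print("8-bit secret, then predictable:", count_states(8, secret_first=True))
    print("predictable, then 8-bit secret:", count_states(8, secret_first=False))
```

In this model the predictable input alone leaves a single possible state, while adding even a small unknown seed before or after it keeps every candidate state distinct.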
