Lutz Jaenicke wrote:
Gerd Schering wrote:
Hello,
we purchased a hrng for the generation of RSA keys for instance.
It is an USB device an shows up as /dev/qrandom.
So, in order to generate rsa keys, is it sufficient to use it as a
replacement for /dev/urandom and to call genrsa as
openssl genrsa -rand /dev/qrandom 2048 ?
Yes, it is sufficient. Please note that a source not having a definite
EOF (End Of File) will lead to an infinite loop reading from the source.
It may therefore be necessary to read a specified amount of entropy
first into an intermediate file to be fed via "-rand".
So , if I get it right: we have a "true" random source to seed the PRNG
and this produces "true" random numbers?
regards,
Gerd
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]