At one point of time, we had used tt800.c random number generator (available on the net - a small file sized 2kB), and sha'd or md5'd the output into a stream. From the output, we filtered out weak keys, if any.
_____ From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Anthony Gabrielson Sent: Tuesday, March 30, 2010 5:24 PM To: openssl-users@openssl.org Subject: Random Numbers Hello, I've been searching around and I'm not finding much on OpenSSL and random numbers. I'm trying to figure out how to best use RAND_bytes and RAND_pseudo_bytes; do I still need to worry about entropy or does OpenSSL take care of it for me these days? If I do need to worry about it, does anyone have any suggestions on where I can look for pointers for use with windows? Thanks, Anthony