> So what is the correct way, 1 or 2? > > 1) > > RAND_poll() > /* RAND_bytes is unnecessary */ > /* RAND_add is unnecessary */ > > 2) > > RAND_poll() > RAND_bytes(buf, 128); > /* RAND_add is unnecessary */
On Windows, you call CryptGenRandom to obtain your seed for the OpenSSL PRNG. On Linux, you use one of the random devices, like /dev/srandom, /dev/random, or /dev/urandom. Windows Phone and Windows Store apps add a twist, like requiring calls to BCryptGenRandom. There's no way to wrote portable code when you factor in Windows Phone and Windows Store. It will be a #define mess. Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
