> On 30 May 2018, at 11:55 PM, Michael Wojcik <michael.woj...@microfocus.com> wrote:
>
>> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of FooCrypt
>> Sent: Tuesday, May 29, 2018 21:41
>> To: openssl-users@openssl.org
>> Subject: Re: [openssl-users] PRNG is not seeded
>>
>>> On 30 May 2018, at 8:58 AM, Scott Neugroschl <scot...@xypro.com> wrote:
>>>
>>> I’m using PRNGD to seed my random numbers (I’m on a system without
>>> /dev/random and /dev/urandom). I occasionally get the dreaded “PRNG is
>>> not seeded” error.
>>
>> I don’t know your OS or environment, have you tried the ‘openssl rand’
>> functionality as a random source to seed your entropy issues ?
>
> Where would openssl rand be getting its entropy from, in this case? You have
> a circular dependency: openssl needs entropy, so it tries to get it from
> PRNGD; and you're asking openssl to put entropy into PRNGD.
>

Usage: rand [options] num
where options are
-out file             - write to file
-engine e             - use engine e, possibly a hardware device.
-rand file:file:...   - seed PRNG from files
-base64               - base64 encode output
-hex                  - hex encode output

RAND(1) describes the multiplicity of sources that can all be used together in some detail.

DESCRIPTION
The rand command outputs num pseudo-random bytes after seeding the random
number generator once. As in other openssl command line tools, PRNG seeding
uses the file $HOME/.rnd or .rnd in addition to the files given in the -rand
option. A new $HOME/.rnd or .rnd file will be written back if enough seeding
was obtained from these sources.

ls -la ~/.rnd
-rw-------  1 XXXXX  XXXXX  1024 30 May 10:45 .rnd

Make some .rnd’s

dd if=/dev/[SOMEDEVICE] of=~/.rnd bs=1 count=1024

Make an engine

Microphones work wonders and you can play with the sound, count, etc….etc….etc...

>> perhaps rather than pseudo random, try a hardware device ?
>
> Now, this is a case where you might use openssl rand, in conjunction with
> engine, to get entropy from another source. That could be a useful hack if
> you can't easily change PRNGD or the application to read entropy from the
> device.
>
> For example, I think I successfully used openssl with the pkcs11 engine to
> get entropy from a NitroKey device a couple of years back, when I was playing
> around with cheap HSMs.
>
> Whether something like the NitroKey (which is an inexpensive USB-attached HSM
> in a thumbdrive form factor) would be useful in this case is something Scott
> would have to determine.
>
> If it is, it'd be cleaner if he could change the application to load the
> pkcs11 engine and use its RNG directly, or at least get entropy from it to
> seed OpenSSL's PRNG.
>
>>> I know this is caused by a lack of available entropy in the system; but what
>>> can I do to address this? Is it just a matter of waiting until enough entropy
>>> has been collected? Is there any kind of workaround?
>
> Depends on what sources PRNGD uses (I haven't looked), what the device is,
> what the application is... If the device has sensors you can read, you might
> be able to gather some entropy by reading noise from them (though this is
> somewhat fraught - you don't want to overestimate the amount of entropy, and
> both sensors and sensor APIs are often vulnerable to attack).
>
> Sometimes applications ask users to generate some entropy by asking them to
> bang on the keyboard or wiggle the mouse, or that sort of thing. Again, it
> really depends on what your device and application are.
>
> This topic is discussed at some length in the technical literature; see for
> example section 3 of RFC 4086.
>
> --
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
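
Scott's question above about waiting until enough entropy has been collected, as an added example that is not part of the thread and is not OpenSSL or PRNGD code: a Python client for the EGD-style socket protocol that PRNGD serves, which accumulates short reads and fails closed instead of seeding with too little. It goes beyond what the thread spells out; the stub daemon, the 32-byte target and all function names are constructed for illustration.

```python
import os, socket, struct, threading, time

NEED = 32  # bytes wanted before treating the PRNG as seeded (assumed target)

def recv_exact(sock, n):
    # Read exactly n bytes, or raise if the daemon goes away mid-reply.
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("entropy daemon closed the connection")
        buf += chunk
    return buf

def entropy_bits(sock):
    # EGD command 0x00: pool level, returned as a 4-byte big-endian bit count.
    sock.sendall(b"\x00")
    return struct.unpack(">I", recv_exact(sock, 4))[0]

def read_nonblocking(sock, n):
    # EGD command 0x01: reply is a length byte, then that many bytes (maybe < n).
    sock.sendall(bytes([1, n]))
    return recv_exact(sock, recv_exact(sock, 1)[0])

def gather_seed(sock, need=NEED, max_tries=10, delay=1.0):
    # Accumulate short reads; give the daemon time to refill between tries.
    seed = b""
    for _ in range(max_tries):
        seed += read_nonblocking(sock, min(255, need - len(seed)))
        if len(seed) >= need:
            return seed
        time.sleep(delay)
    raise RuntimeError("PRNG not seeded: got %d of %d bytes" % (len(seed), need))

def stub_daemon(sock, per_request):
    # Constructed stand-in for PRNGD: hands out at most per_request test bytes.
    while True:
        cmd = sock.recv(1)
        if not cmd:
            return
        if cmd == b"\x00":
            sock.sendall(struct.pack(">I", per_request * 8))
        elif cmd == b"\x01":
            k = min(recv_exact(sock, 1)[0], per_request)
            sock.sendall(bytes([k]) + os.urandom(k))

def demo(per_request):
    client, server = socket.socketpair()
    threading.Thread(target=stub_daemon, args=(server, per_request), daemon=True).start()
    with client:
        return entropy_bits(client), gather_seed(client, delay=0)
```

`demo(8)` needs four short reads to reach 32 bytes, while `demo(0)` models a drained pool and raises instead of returning a short seed.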