Re: RAND_bytes() returns zero in pre-boot environment

2013-08-14 Thread chris . gray
 Issue is fixed.

So long as it's OK to generate the same random bytes at each power-on.

This is quite a common problem with embedded devices: even after boot it
can be hard to find entropy with which to seed the PRNG.  The usual
sources which are used in a PC environment (keystrokes, ethernet activity,
...) are often absent.

The best solution is always hardware. If you wire up a digital i/o in such
a way that reading it produces an unpredictable series of 0's and 1's[1]
then at least you have some genuine entropy to work with.  It doesn't have
to be ERNIE[2] to be better than nothing.

[1] Exactly how to do this is off-topic for this list. Quaerendo invenietis.
[2] For non-Brits: http://en.wikipedia.org/wiki/Premium_Bond#ERNIE.

 FYI-
 As I am working on pre-boot, no OS is present. Which was resulting in no
 seeding.
 RAND_seed() has been called before using RAND_bytes().

 Here is the code snippet.
 static const char rnd_seed[] = "string to make the random number generator think it has entropy";
  RAND_seed(rnd_seed, sizeof rnd_seed);


 On Tue, Aug 13, 2013 at 6:16 PM, baban devkate baban...@gmail.com wrote:


   FYI -

 RAND_bytes(buf, bytes) receives  correct parameters as bytes=256 for
 SHA256.


 int RAND_bytes(unsigned char *buf, int num)
 {
     const RAND_METHOD *meth = RAND_get_rand_method();
     if (meth && meth->bytes)
     {
         Print(L"   control is here\n"); // <--- control is here
         return meth->bytes(buf, num);
     }
     Print(L"   RAND_bytes fails\n");

     return(-1);
 }


 On Tue, Aug 13, 2013 at 3:35 PM, baban devkate baban...@gmail.com
 wrote:

 Hello,

 RAND_bytes() will use the proper OS-provided RNG e.g. /dev/urandom or
 /dev/random on Linux and CryptGenRandom() on Windows.

 I want to know how it works in Pre-boot environment?

 In pre-boot environment, if RAND_bytes() returns zero then what does it
 mean?

 Is it because PRNG is not properly seeded? If yes, how to resolve it?


 ~Baban





__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   majord...@openssl.org
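
An added example, not from the thread or from OpenSSL: one way to turn raw samples from a noisy digital input, of the kind the reply above describes, into seed bytes, using von Neumann debiasing and a bounded read loop. `read_bit_fn`, `collect_seed` and the replayed sample data are assumptions made for illustration; on the target, the bytes produced would be handed to RAND_seed() in place of the constant string.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical bit source: returns 0 or 1, or -1 when no sample is available.
 * On the target this would read the noisy digital input. */
typedef int (*read_bit_fn)(void *ctx);

/* Von Neumann debiasing: take samples in pairs, emit 0 for "01" and 1 for
 * "10", discard "00" and "11". This removes bias from independent samples;
 * it does not repair correlated ones. max_reads bounds the loop so a stuck
 * line cannot hang the boot. Returns the number of whole bytes written. */
size_t collect_seed(read_bit_fn rd, void *ctx, uint8_t *out, size_t out_len,
                    size_t max_reads)
{
    size_t nbits = 0, reads = 0;
    uint8_t acc = 0;
    while (nbits < out_len * 8 && reads + 2 <= max_reads) {
        int a = rd(ctx), b = rd(ctx);
        reads += 2;
        if (a < 0 || b < 0) break;          /* source ran dry */
        if (a == b) continue;               /* equal pair: discard */
        acc = (uint8_t)((acc << 1) | a);    /* first bit of the pair is the output */
        if (++nbits % 8 == 0) out[nbits / 8 - 1] = acc;
    }
    return nbits / 8;
}

/* Constructed samples standing in for the hardware: 11 pairs, 3 of them equal. */
struct replay { const uint8_t *bits; size_t len, pos; };
static int replay_bit(void *ctx)
{
    struct replay *r = ctx;
    return r->pos < r->len ? r->bits[r->pos++] : -1;
}
static int stuck_bit(void *ctx) { (void)ctx; return 1; }    /* line stuck high */

int demo_noisy(void)    /* returns the seed byte, or -1 if none was produced */
{
    static const uint8_t raw[] = {1,0, 1,1, 0,1, 1,0, 0,0, 1,0, 0,1, 0,1, 1,1, 1,0, 0,1};
    struct replay r = { raw, sizeof raw, 0 };
    uint8_t seed[1];
    return collect_seed(replay_bit, &r, seed, sizeof seed, 64) == 1 ? seed[0] : -1;
}
size_t demo_stuck(void) /* a dead source yields 0 bytes: treat as "not seeded" */
{
    uint8_t seed[4];
    return collect_seed(stuck_bit, NULL, seed, sizeof seed, 1000);
}
```

A short return from `collect_seed` means the generator has not been seeded; the caller should fail the operation rather than fall back to a fixed string.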


RAND_bytes() returns zero in pre-boot environment

2013-08-13 Thread baban devkate
Hello,

RAND_bytes() will use the proper OS-provided RNG e.g. /dev/urandom or
/dev/random on Linux and CryptGenRandom() on Windows.

I want to know how it works in Pre-boot environment?

In pre-boot environment, if RAND_bytes() returns zero then what does it
mean?

Is it because PRNG is not properly seeded? If yes, how to resolve it?


~Baban


Re: RAND_bytes() returns zero in pre-boot environment

2013-08-13 Thread baban devkate
  FYI -

RAND_bytes(buf, bytes) receives  correct parameters as bytes=256 for SHA256.


int RAND_bytes(unsigned char *buf, int num)
{
    const RAND_METHOD *meth = RAND_get_rand_method();
    if (meth && meth->bytes)
    {
        Print(L"   control is here\n"); // <--- control is here
        return meth->bytes(buf, num);
    }
    Print(L"   RAND_bytes fails\n");

    return(-1);
}


On Tue, Aug 13, 2013 at 3:35 PM, baban devkate baban...@gmail.com wrote:

 Hello,

 RAND_bytes() will use the proper OS-provided RNG e.g. /dev/urandom or
 /dev/random on Linux and CryptGenRandom() on Windows.

 I want to know how it works in Pre-boot environment?

 In pre-boot environment, if RAND_bytes() returns zero then what does it
 mean?

 Is it because PRNG is not properly seeded? If yes, how to resolve it?


 ~Baban