Re: "PRNG_NOT_SEEDED", Even after calling RAND_add() in client
> Thanks for your response. > Here is how i use RAND_seed in my client : > > while (RAND_status() == 0) { > int rnd = rand(); > RAND_seed(&rnd, sizeof(rnd)); > } Ungh. Now you're seeding your random number generator with... a random number generator. And I bet you never called srand() which is needed to seed it, which means you're always getting the same random numbers. And if you did seed it, did you seed it with something random? And even if you did, it's no use, because there are only (unsigned int) possible seeds to srand, so there are only that many possible random strings you could be getting so you can only be seeding the OpenSSL PRNG with that many possible inputs. You're still way low on entropy. from "man rand" DESCRIPTION The rand() function returns a pseudo-random integer between 0 and RAND_MAX. The srand() function sets its argument as the seed for a new sequence of pseudo-random integers to be returned by rand(). These sequences are repeatable by calling srand() with the same seed value. If no seed value is provided, the rand() function is auto matically seeded with a value of 1. ... So I'd *SERIOUSLY* consider some better random sources. > Now Serverhello and certificate is accepted but when > the client tries to generate a RSA key, the control > does not seem to be coming out of while (*p == '\0') > in rsa_pk1.c (code below)as buffer is all initilized > to '\0'.I dont see any data in p being filled when > RAND_bytes(p,j) is called. So your code tries to make j bytes of non \0 chars in p, yes? Seems to work for me, actually. I just copy/pasted it and slapped a for loop to print at the end and it worked fine. -- Brian Hatch C:\WINDOWS Systems and C:\WINDOWS\GO Security Engineer C:\PC\CRAWL http://www.ifokr.org/bri/ Every message PGP signed pgp0.pgp Description: PGP signature
Re: "PRNG_NOT_SEEDED", Even after calling RAND_add() in client
hi brian, Thanks for your response. Here is how i use RAND_seed in my client : while (RAND_status() == 0) { int rnd = rand(); RAND_seed(&rnd, sizeof(rnd)); } Now Serverhello and certificate is accepted but when the client tries to generate a RSA key, the control does not seem to be coming out of while (*p == '\0') in rsa_pk1.c (code below)as buffer is all initilized to '\0'.I dont see any data in p being filled when RAND_bytes(p,j) is called. REL openssl-0.9.7 Can anyone help me please!! ssl3_send_client_key_exchange(SSL *s) RSA_public_encrypt(..) if (RAND_bytes(p,j) <= 0) return(0); for (i=0; i wrote: > > > > I get a PRNG_NOT_SEEDED error even after i call > > RAND_add() function. I am calling the function at > the > > begining before SSL initialization. > > ... > > > unsigned long Time=time(NULL); > > > > RAND_add(&Time,sizeof(Time),0); > > You should call RAND_status which returns true/false > to tell you > if you have enough entropy. Your code is bad for > several reasons: > > > Assuming an unsigned long is 4 bytes on your > system, you're adding > 32 bits of entropy, which is very very low. > (You'd want to give at > least 40 bits to properly use 40 bit crypto, etc.) > > Secondly, time(NULL) is not providing 32 full bits > of entropy. In > an entire day time(NULL) will produce only 86400 > different values, > which has 17 bits total. The actual entropy of > those bits is still > damned low. > > Lastly, RAND_add expects the last arg to be the > expected entropy of > your system. Now here you've done a fairly > accurate assesment in > saying that even though an unsigned long is 32 > bits the amount of > entropy being supplied by your unsigned long > (initialized from > time(NULL) ) is low (you said 0 bytes). > > Try getting a better source of random data and then > use RAND_add > with a non-zero final value, where that value > accurately defines > how much randomness you expect in the data. > > You might want to read the RAND_add man page. > > -- > Brian Hatch "Don't give >Systems andaway the homeworld." >Security Engineer > http://www.ifokr.org/bri/ > > Every message PGP signed > > ATTACHMENT part 2 application/pgp-signature __ Do you Yahoo!? Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop! http://platinum.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: "PRNG_NOT_SEEDED", Even after calling RAND_add() in client
> I get a PRNG_NOT_SEEDED error even after i call > RAND_add() function. I am calling the function at the > begining before SSL initialization. ... > unsigned long Time=time(NULL); > > RAND_add(&Time,sizeof(Time),0); You should call RAND_status which returns true/false to tell you if you have enough entropy. Your code is bad for several reasons: Assuming an unsigned long is 4 bytes on your system, you're adding 32 bits of entropy, which is very very low. (You'd want to give at least 40 bits to properly use 40 bit crypto, etc.) Secondly, time(NULL) is not providing 32 full bits of entropy. In an entire day time(NULL) will produce only 86400 different values, which has 17 bits total. The actual entropy of those bits is still damned low. Lastly, RAND_add expects the last arg to be the expected entropy of your system. Now here you've done a fairly accurate assesment in saying that even though an unsigned long is 32 bits the amount of entropy being supplied by your unsigned long (initialized from time(NULL) ) is low (you said 0 bytes). Try getting a better source of random data and then use RAND_add with a non-zero final value, where that value accurately defines how much randomness you expect in the data. You might want to read the RAND_add man page. -- Brian Hatch "Don't give Systems andaway the homeworld." Security Engineer http://www.ifokr.org/bri/ Every message PGP signed pgp0.pgp Description: PGP signature