Thanks all for your valuable comments,
Erik Leunissen.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
Apparently, there are some situations where there is no entropy source
to seed the OpenSSL PRNG.
Is there a uniform way to detect that the OpenSSL PRNG has not been
seeded? Uniform is uniform over the various platforms because I want
to prevent that I need to check on a per platform basis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik Leunissen
Sent: Thursday, September 28, 2006 10:25 AM
To: openssl-users@openssl.org
Subject: Re: Seeding the OpenSSL PRNG (continued ...)
Apparently, there are some situations where
Erik Leunissen wrote:
Is there a uniform way to detect that the OpenSSL PRNG has not been
seeded? Uniform is uniform over the various platforms because I want
Call RAND_status() (see http://www.openssl.org/docs/crypto/RAND_add.html#).
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens
Richard Koenning wrote:
Call RAND_status() (see http://www.openssl.org/docs/crypto/RAND_add.html#).
Right. I overlooked that one.
Thanks,
Erik.
__
OpenSSL Project http://www.openssl.org
User
On Wed, Sep 27, 2006, Erik Leunissen wrote:
This makes me think that:
- either there has been some other call into the OpenSSL library that
implicitly seeded the PRNG without my noticing it (perhaps
DSA_generate_parameters() or DSA_new() ), or
- the warning mechanism doesn't work
Dr. Stephen Henson wrote:
OpenSSL makes use of some standard sources of entropy on various platforms to
seed the PRNG automatically. On linux this includes the /dev/urandom device
and on Windows various things including the CryptoAPI PRNG.
OK, that explains, thanks.
The program is going to
CryptoAPI is a standard component that you can expect to have on any
machine which has IE5 or later installed. You can also expect it to
be on Windows 2000+ as a default, as well as NT4SP3 or higher.
It uses the same mechanisms that the various /dev/urandom|/dev/random
implementations use,
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik Leunissen
Sent: Wednesday, September 27, 2006 4:53 PM
To: openssl-users@openssl.org
Subject: Re: Seeding the OpenSSL PRNG
Dr. Stephen Henson wrote:
OpenSSL makes use of some standard
Check this:
http://www.counterpane.com/yarrow.html
It's a try icon application for Windows, but you can change it to be a
service.
- Original Message -
From: Edward Chan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, October 03, 2002 1:47 AM
Subject: Seeding the OpenSSL
10 matches
Mail list logo