Re: [openssl-users] Signing an XML file

On Wed, Dec 14, 2016 at 11:47 AM, Anibal F. Martinez Cortina < linuxkid.z...@gmail.com> wrote: [...] > As a matter of facts, you're indeed right. I was daunted by the idea of > going through PHP's source myself.. > Thanks for the pointers, guys. > I'll report back as soon as I get some progress.

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

On Mon, Dec 12, 2016 at 3:53 PM, Jeffrey Walton wrote: > > So what is the correct way, 1 or 2? > > > > 1) > > > > RAND_poll() > > /* RAND_bytes is unnecessary */ > > /* RAND_add is unnecessary */ > > > > 2) > > > > RAND_poll() > > RAND_bytes(buf, 128); > > /* RAND_add is

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

On Mon, Dec 12, 2016 at 3:33 PM, silvioprog <silviop...@gmail.com> wrote: [...] > So what is the correct way, 1 or 2? > *"which is ..." -- Silvio Clécio -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

On Mon, Dec 12, 2016 at 3:28 PM, Salz, Rich wrote: > > > You fed RAND_bytes output back into RAND_add? That's silly. > > Yes. Is it unnecessary? My steps are: > > It is a bad idea. It is pointless. Don't do it. So what is the correct way, 1 or 2? 1) RAND_poll() /*

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

On Mon, Dec 12, 2016 at 3:04 PM, Salz, Rich wrote: > > "In short, I just replaced the RAND_screen() call to the RAND_poll(), > generated a random buffer using RAND_bytes() (based on > https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it > via RAND_add()" > >

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

Oops, I meant: "In short, I just replaced the RAND_screen() call to the RAND_poll(), generated a random buffer using RAND_bytes() (based on https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via RAND_add()" On Mon, Dec 12, 2016 at 2:46 PM, silvioprog <silviop

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

/Random_Numbers#Software) seeding via RAND_add(). Thanks a lot for the help, dudes! :-) On Sun, Dec 4, 2016 at 12:01 AM, silvioprog <silviop...@gmail.com> wrote: > Thanks for sharing the links, I'm going to check them. > > The original code call RAND_screen() only once in the app initializat

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

Thanks for sharing the links, I'm going to check them. The original code call RAND_screen() only once in the app initialization, so can I replace it by RAND_add()? (I'm newbie on SSL) I've noticed the application is just a HTTP client consuming some web services via HTTPS. It doesn't call

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

Thanks for replying! I found two libraries at application's directory: libeay32.dll and ssleay32.dll, both with file version 0.9.8.14 and product version 0.9.8n. I totally agree about properly initializing the random number generator, however I don't know how to do that yet. That code I'm using

[openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

Hello all, I'm trying to speed up the initialization of a legacy HTTP client application. Debugging that code, I found the following functions being called each application startup: initialization SSL_library_init() SSL_load_error_strings() OpenSSL_add_all_algorithms()