Yo Hal! On Sun, 29 Jan 2017 17:15:05 -0800 Hal Murray <[email protected]> wrote:
> [email protected] said: > > You can't run out of randomness with RAND_bytes(). > > Would you please say more. The man page says: > > RAND_bytes() puts num cryptographically strong pseudo-random > bytes into buf. An error occurs if the PRNG has not been seeded with > enough randomness to ensure an unpredictable byte sequence. Doesn't that say it? Once seeded it does not run out. > How can I be sure that it has "been seeded with enough"? Use RAND_status() or RAND_event() On Linux you can do: cat /proc/sys/kernel/random/entropy_avail Most sources say entropy past 128 is good enough. As a general rule, don't do important crypto things just after system boot. And be especially careful running in a VM. RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703 [email protected] Tel:+1 541 382 8588 Veritas liberabit vos. -- Quid est veritas? "If you can’t measure it, you can’t improve it." - Lord Kelvin
pgp8FlyktU20p.pgp
Description: OpenPGP digital signature
_______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
