> In that test program, insert "ERR_print_errors_fp(stdout);" before the
> "return(0);" statement and recompile. Running the program then will
> output the notorious "prng not seeded" error message, which is
> discussed in the OpenSSL FAQ.
It needs a few more bits of glue to see it clearly, which become pretty
clear when I put your message together with the FAQ, and went back and
grepped the test sources to see what went on there. I re-cobbled together
the test program to read as such:
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/rand.h>
static const char rnd_seed[] = "string to make the random number generator
thin$
int main(void) {
RSA *key;
// RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
key=RSA_generate_key(32,3,NULL,NULL);
if(key==NULL) {
printf("NO RSA!\n\n");
ERR_load_crypto_strings();
ERR_print_errors_fp(stdout);
}
else
printf("RSA OK!\n");
return(0);
}
Leaving the RAND_seed() function commendted out, as above, causes the test
to fail, as it should, and it does return the correct error.
Guess this one goes back to openssh-dev...
Thank you very much for the help!
-David Hesprich
--
David G. Hesprich, CISSP
Technical Solutions Consultant
Sprint Enterprise Network Services
Numeric Pager:800-724-3329 PIN 382-8387
Alpha Pager: [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
