Hi there,

At 03:38 PM 4/4/00 +0200, you wrote:
>When I try to use "SSL_connect", I also get the error message "PRNG not
>seeded".  I have read the old messages about the problem. But it seems that
>all the messages are about Unix/Linux, but not Windows.
>Someone said that RAND_egd() can solve the problem. I have checked the
>code and found the following code in rand_egd.c:
>#if defined(WIN32) || defined(VMS) || defined(__VMS)
>int RAND_egd(const char *path)
> {
> return(-1);
> }
>#else
>...
>What can I do in Windows NT?

There's a function called RAND_screen() that is only implemented on WIN32
and uses the current screen contents as a random seed. Not terribly good at
the best of times, especially if your program runs as an NT service and the
screen consists of the same log-in prompt (assuming RAND_screen() can
obtain the screen context in such a circumstance, I have no idea).

The other thing is to wiggle the mouse a lot, handle mouse-movement events,
and pipe that (and any other randomness information you can find) into:
void RAND_seed(const void *buf, int num);

:-)

I'd advise trying to find a lot though ... perhaps kernel stats, file-IO
information, network stats, etc etc. OpenSSL can only be as secure as its
random-number generator, which can only be as secure as the random seed you
give it. (Note, you can't replace those "can only be" phrases with "is"!
:-> ).

Cheers,
Geoff



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
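
Added example, not part of the original message and not OpenSSL's code: a toy C model of the entropy accounting behind "PRNG not seeded", showing why a constant screen fed to RAND_seed() satisfies the check yet leaves two hosts with identical output. The toy_* names, the FNV-1a/xorshift mixing, the threshold and the sample bytes are all assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Toy model, NOT OpenSSL's algorithm: an FNV-1a mixing pool plus a counter
   of caller-claimed entropy, which is all a "seeded?" check can look at. */
#define ENTROPY_NEEDED 20.0 /* bytes; constructed threshold for this model */
typedef struct { uint64_t state; double credited; } toy_pool;

static void toy_init(toy_pool *p) { p->state = 0xcbf29ce484222325ULL; p->credited = 0.0; }

/* Models RAND_add(buf, num, entropy): mix the bytes, credit the claim. */
static void toy_add(toy_pool *p, const void *buf, size_t num, double entropy) {
    const unsigned char *b = buf;
    for (size_t i = 0; i < num; i++) { p->state ^= b[i]; p->state *= 0x100000001b3ULL; }
    p->credited += entropy;
}
/* Models RAND_seed(buf, num): every byte is claimed to be fully random. */
static void toy_seed(toy_pool *p, const void *buf, size_t num) { toy_add(p, buf, num, (double)num); }
/* Models RAND_status(): 1 once enough entropy has been claimed. */
static int toy_status(const toy_pool *p) { return p->credited >= ENTROPY_NEEDED; }
/* Output step (xorshift64*), standing in for the real generator. */
static uint64_t toy_next(toy_pool *p) {
    uint64_t x = p->state ? p->state : 1;
    x ^= x >> 12; x ^= x << 25; x ^= x >> 27;
    p->state = x;
    return x * 0x2545F4914F6CDD1DULL;
}

static const char SCREEN[] = "Press Ctrl+Alt+Del to log on"; /* constructed sample */

/* Two services seed from the same login screen: both pass the check,
   both produce the same "random" output. Returns 1 when that happens. */
int same_screen_same_output(void) {
    toy_pool a, b; toy_init(&a); toy_init(&b);
    toy_seed(&a, SCREEN, sizeof SCREEN); toy_seed(&b, SCREEN, sizeof SCREEN);
    return toy_status(&a) && toy_status(&b) && toy_next(&a) == toy_next(&b);
}
/* Add one per-host sample (constructed values), credited at 1 byte: outputs diverge. */
int extra_source_diverges(void) {
    uint64_t stat_a = 0x1122334455667788ULL, stat_b = 0x1122334455667789ULL;
    toy_pool a, b; toy_init(&a); toy_init(&b);
    toy_seed(&a, SCREEN, sizeof SCREEN); toy_seed(&b, SCREEN, sizeof SCREEN);
    toy_add(&a, &stat_a, sizeof stat_a, 1.0); toy_add(&b, &stat_b, sizeof stat_b, 1.0);
    return toy_next(&a) != toy_next(&b);
}
int main(void) {
    printf("same screen, same output: %d\n", same_screen_same_output());
    printf("extra source diverges:    %d\n", extra_source_diverges());
    return 0;
}
```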
