Re: "PRNG not seeded" in Window NT

Tue, 04 Apr 2000 08:49:30 -0700 



Geoff Thorpe wrote:
> 

> 
> I'd advise trying to find a lot though ... perhaps kernel stats, file-IO
> information, network stats, etc etc. OpenSSL can only be as secure as its
> random-number generator, which can only be as secure as the random seed you
> give it. (Note, you can't replace those "can only be" phrases with "is"!
> :-> ).
> 


with much respect to Per Nilsson for supplying this.....

should/can be used in addition to suitable hardware

// Random seeding modeled after Netscapes SEC package
// but keeps looping, sampling the high resolution timer
// and the cursor position periodically. This should be
// truly random if there is any load at all on the machine.
unsigned long WINAPI RandomThread(PVOID dummy)
{
        UUID uuid;
        POINT pt;
        LARGE_INTEGER ci;
        MEMORYSTATUS mem;
        DWORD dw1,dw2,dw3,dw4;
        char vol[128],fs[128];
        void *p;

        dw1=GetTickCount();
        RAND_seed((unsigned char *)&dw1,sizeof(dw1));
        p=GetCurrentProcess();
        RAND_seed((unsigned char *)&p,sizeof(p));
        dw1=GetCurrentProcessId();
        RAND_seed((unsigned char *)&dw1,sizeof(dw1));
        p=GetCurrentThread();
        RAND_seed((unsigned char *)&p,sizeof(p));
        dw1=GetCurrentThreadId();
        RAND_seed((unsigned char *)&dw1,sizeof(dw1));
        dw1=GetLogicalDrives();
        RAND_seed((unsigned char *)&dw1,sizeof(dw1));
        GetVolumeInformation(0,vol,sizeof(vol),&dw1,&dw2,&dw3,fs,sizeof(fs));
        RAND_seed(vol,strlen(vol));
        RAND_seed(fs,strlen(fs));
        RAND_seed((unsigned char *)&dw1,sizeof(dw1));
        RAND_seed((unsigned char *)&dw2,sizeof(dw2));
        RAND_seed((unsigned char *)&dw3,sizeof(dw3));
        GetDiskFreeSpace(0,&dw1,&dw2,&dw3,&dw4);
        RAND_seed((unsigned char *)&dw1,sizeof(dw1));
        RAND_seed((unsigned char *)&dw2,sizeof(dw2));
        RAND_seed((unsigned char *)&dw3,sizeof(dw3));
        RAND_seed((unsigned char *)&dw4,sizeof(dw4));
        mem.dwLength=sizeof(mem);
        GlobalMemoryStatus(&mem);
        RAND_seed((unsigned char *)&mem,sizeof(mem));
        dw1=sizeof(vol);
        GetComputerName(vol,&dw1);
        RAND_seed(vol,dw1);
        memset(&uuid,0,sizeof(uuid));
        UuidCreate(&uuid);
        RAND_seed((unsigned char *)&uuid,sizeof(uuid));

        for(;;)
        {
                QueryPerformanceCounter(&ci);
                RAND_seed((unsigned char *)&ci,sizeof(ci));
                GetCursorPos(&pt);
                RAND_seed((unsigned char *)&pt,sizeof(pt));
                Sleep(1000);
                //rand_cb(gCtx);
        }

        return 0; // unreachable. but the fuction should have a return value !
}



Regards
Neil Costigan
begin:vcard 
n:Costigan;Neil
tel;cell:us: 650 787 7603 euro: +46.708.977.482
tel;work:us: 650 938 7600 x 204 euro: +46.8.5872.8822
x-mozilla-html:FALSE
url:www.celocom.com
org:<A HREF="http://www.celocom.com">Celo Communications</A><br>c�lo, �vi, �tum, (latin) 1,v.a. to hide something from one, to keep secret, to conceal.
adr:;;444 Castro Street, Suite 1001;Mountain View;California;94041;USA
version:2.1
email;internet:[EMAIL PROTECTED]
note;quoted-printable:=0D=0AAlternative .... =0D=0A=0D=0ACelo Communications Ltd. =0D=0A5 Westland Square=0D=0ADublin 2=0D=0AIreland =0D=0A=0D=0ATel: +353 1 670 9238 =0D=0AFax: +353 1 602 3983
fn:Neil Costigan
end:vcard

S/MIME Cryptographic Signature

Reply via email to