On Tue, May 16, 2000 at 09:05:16AM +0200, Lutz Jaenicke wrote:
> The absolut minimum amount of seed is 16 bytes. If EGD is not drained, one
> call to RAND_egd() will give you 255 bytes.
> So depending on your environment you can use RAND_egd() as a replacement
> for RAND_seed() or you can use both to collect even more entropy.
> [The PRNG has 8192 state bits (1024 bytes), all calls to RAND_seed/egd()
> or whatever functions will increase the entropy in the pool, so adding to
> much never harms :-)]
After the initial minimum seeding, one should always add at least 1024
seed bytes (possibly of worse quality) so that the randomness pool
gets completele 'stirred'. Use RAND_add with zero entropy count if
your randomness source is particularly suspicious (e.g. a fixed
'randomness' file created at program installation).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
