On Sat, Nov 22, 2003, Geoff Thorpe wrote:

> BTW: are you sure that it's not just a question of the ncipher RAND_METHOD
> implementation being over-enthusiastic? I'm looking at "hwcrhk_rand"
> right now, and I see that the "bytes()" and "pseudorand()" handlers are
> linked to the same hwcrhk_rand_bytes() function. Presumably only
> "bytes()" *needs* to come from the hardware/driver - and "pseudorand()"
> could perhaps be generated in software from hardware/driver seeding?

Interesting point.

For the usual static RSA modes only the RSA premaster secret uses RAND_bytes() and that's done on the client side. The server only calls RAND_pseudo_bytes() because all its random data gets sent (at least for an initial handshake) in plain text anyway.

EDH ciphersuites (which few browsers use) would use RAND_bytes() for the ephemeral DH key generation but that wouldn't happen for a resumed client connection.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
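
An added illustration of the handler split discussed in this exchange (not part of the original thread, and not OpenSSL or nCipher code): a C model in which bytes() always goes to the device while pseudorand() is served by a software generator seeded once from it, counting device round trips for the server side of static-RSA handshakes. The struct, both generators and the figure of two pseudorand() draws per handshake are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the two RAND_METHOD handlers discussed above (not OpenSSL's struct). */
typedef struct {
    int (*bytes)(unsigned char *buf, int num);      /* key material */
    int (*pseudorand)(unsigned char *buf, int num); /* values sent in the clear */
} rand_model;
static unsigned long hw_calls; /* round trips to the simulated device */

/* Stand-in for hwcrhk_rand_bytes(): one driver round trip per call.
 * The LCG output is constructed filler, NOT entropy. */
static int hw_rand_bytes(unsigned char *buf, int num) {
    static uint32_t s = 0x2545F491u;
    hw_calls++;
    for (int i = 0; i < num; i++) buf[i] = (unsigned char)((s = s * 1664525u + 1013904223u) >> 24);
    return 1;
}

/* Software generator seeded once from the device. xorshift64 is a placeholder
 * for a real DRBG and is NOT cryptographically secure. */
static int sw_pseudorand(unsigned char *buf, int num) {
    static uint64_t st; /* 0 means not yet seeded */
    if (st == 0) {
        hw_rand_bytes((unsigned char *)&st, (int)sizeof st);
        st |= 1; /* xorshift state must be non-zero */
    }
    for (int i = 0; i < num; i++) {
        st ^= st << 13; st ^= st >> 7; st ^= st << 17;
        buf[i] = (unsigned char)(st >> 32);
    }
    return 1;
}

/* Server side of n static-RSA handshakes: only pseudorand() is called.
 * Two draws per handshake (server random, session ID) is an assumption. */
static unsigned long hw_calls_for(const rand_model *m, int n) {
    unsigned char out[32];
    hw_calls = 0;
    for (int i = 0; i < 2 * n; i++) m->pseudorand(out, 32);
    return hw_calls;
}

static const rand_model both_hw = { hw_rand_bytes, hw_rand_bytes }; /* as in hwcrhk_rand */
static const rand_model split   = { hw_rand_bytes, sw_pseudorand }; /* suggested split */

int main(void) {
    printf("both on device: %lu calls\n", hw_calls_for(&both_hw, 1000));
    printf("split handlers: %lu calls\n", hw_calls_for(&split, 1000));
    return 0;
}
```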