On Fri, Jun 30, 2000, Louis LeBlanc wrote:
> RAND_bytes(entropy, 4000);
> RAND_seed(entropy, 3000);
> /* just giving myself some room until the code is working */
>
> And everything works.
No, nothing works, as you would have noticed, had you checked the RAND_bytes()
return value. You still haven't grasped the concept: The "PRNG not seeded"
error is not a bug in OpenSSL, it is a safety measure. OpenSSL stops when
it detects that you are operating on an insecure PRNG state. Your task is
not to trick OpenSSL into not noticing the insecurity, it is to provide
sufficient randomness.
The above code might win you a citation in future versions of Peter's paper
on PRNG design, but it will not secure your data. Why don't you read the
randomness manpages and use EGD?
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
