On Fri, Apr 06, 2001 at 11:34:48AM -0400, [EMAIL PROTECTED] wrote:
>
> Something like this may help you out:
>
> rand_buf = "0123456789ABCDEF0";
> RAND_seed(rand_buf, 17);
> /* One or the other will do */
> RAND_add(rand_buf, 17, 17);
First: fortunately it would not help out, since as of 0.9.6, 20 bytes
are needed.
Second: this is an extremely bad advice, as it would lead to weak keys.
If I can obtain knowledge about your init string, I can easily guess
all of your keys. (They may look different on the first glance, but
the seeding is only changed by the pid and time, so the search space
is negligible.)
Now: the reason of the failure is:
RANDFILE is a file that is used to read entropy from on startup and
to write seed back to on exit of the "openssl" application.
(RANDFILE does not apply to the library, only to the "openssl"
commandline application.)
RANDFILE is _not_ considered to be a EGD socket, so setting
RANDFILE to the egd-socket does not work.
The original other must explicitly use the "-rand" commandline option
to specify the EGD socket.
Maybe the documentation does not make this point clear enough...
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
