Rich - I am not sure I understand what you are saying; currently rand_win.c calles CryptGenRandom (CryptoAPI) and the "INTEL_DEF_PROV " to acquire input to the entropy functions in OpenSSL. /* poll the Pentium PRG with CryptoAPI */ if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0)) { if (gen(hProvider, sizeof(buf), buf) != 0) { RAND_add(buf, sizeof(buf), sizeof(buf)); #ifdef DEBUG printf("randomness from PROV_INTEL_SEC\n"); #endif } release(hProvider, 0); } } This seems like a logical way to do this so that the code across platforms is consistent; what would be nice is a linux/*bsd interface to the Intel rng device. Rya -----Original Message----- From: Rich Salz [mailto:[EMAIL PROTECTED]] Sent: Saturday, September 08, 2001 1:38 PM To: Ryan Hurst Cc: Openssl-Dev ([EMAIL PROTECTED]); Openssl-Users ([EMAIL PROTECTED]) Subject: Re: OpemSSL Hardware Random Number Generator (RNG) for Intel Chipsets . >excellent source of random data available to you I thought consensus was that since it was a closed system, whiten it or use it as input to entropy. /r$ -- Zolera Systems, Securing web services (XML, SOAP, Signatures, Encryption) http://www.zolera.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]