Rich -
I am not sure I understand what you are saying; currently rand_win.c
calles CryptGenRandom (CryptoAPI) and the "INTEL_DEF_PROV " to acquire input
to the entropy functions in OpenSSL.
/* poll the Pentium PRG with CryptoAPI */
if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC,
0))
{
if (gen(hProvider, sizeof(buf), buf) != 0)
{
RAND_add(buf, sizeof(buf), sizeof(buf));
#ifdef DEBUG
printf("randomness from PROV_INTEL_SEC\n");
#endif
}
release(hProvider, 0);
}
}
This seems like a logical way to do this so that the code across platforms
is consistent; what would be nice is a linux/*bsd interface to the Intel rng
device.
Rya
-----Original Message-----
From: Rich Salz [mailto:[EMAIL PROTECTED]]
Sent: Saturday, September 08, 2001 1:38 PM
To: Ryan Hurst
Cc: Openssl-Dev ([EMAIL PROTECTED]); Openssl-Users
([EMAIL PROTECTED])
Subject: Re: OpemSSL Hardware Random Number Generator (RNG) for Intel
Chipsets .
>excellent source of random data available to you
I thought consensus was that since it was a closed system, whiten it or
use it as input to entropy.
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
