In my case, I'm trying to support various versions of Linux, AIX, Solaris, HP-UX, Windows, and something running on OS/360 when the details finally filter back to me. I had assumed up until a few days ago that all of the UNIX folks had one of the /dev/random variants or that OpenSSL would fully seed itself like my previous toolkit. Oh how wrong I was.
Fortunately, I've found enough inside rand_lib.c and rand_wind.c that I think what I've ended up with is good enough. Christopher Bibbs > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Edward Chan > Sent: Thursday, April 07, 2005 11:36 AM > To: 'Egon Andersen '; 'openssl-users@openssl.org ' > Subject: RE: RAND_seed() > > > I don't know if /dev/random is available on all linux > machines. But I think > it is. But as for Windows, which does not have /dev/random, I believe > OpenSSL seeds the PRNG on Windows automatically using a > variety of clever > ideas and sources of entropy. It is probably better than > what you could > come up with on your own (I would guess). For details, > either dig into the > OpenSSL src, or maybe one of the OpenSSL gurus can elaborate > more on what is > done on Win32. > > BTW, I experimented with EGADS at one point...it's a total > memory hog. And > since I only need it once (when my app starts up) to seed the > OpenSSL PRNG, > I'd have to install the EGADS service, start it, seed the > PRNG, then stop it > (because it was hogging to much memory if I left it running). > Too much work > and not very elegant if you ask me. Then I found out that I > didn't have to > do anything on Win32 because OpenSSL did it for me. > > I hope I'm correct in my statements. I'm also a relative > newbie to OpenSSL. > > Ed The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
