Akos Vandra wrote: > I see what the main misunderstanding is here.
> If the numbers are read from the file with no precautions whatsoever, > the same numbers will be read more than once (at every run) of course. > But I thought it was possible to have a set of random numbers saved in > a file, and it would be possible for openssl to save a "pointer", and > continue reading the file on the next run (not start from the beginning). > Of course this can be done by pipeing tha file to a FIFO buffer, and then > making openssl read from the pipe rather than the file (this solves the > problem with the same random sequence). Yes, exactly. > What my problem here is: I have a true random number generator, but it > is not linked to the computer, I get the numbers on a flash disk(as a > binary file). Because these are true random numbers (well at least as > far a quantum rng is random), they are safe to use for the prime > generation, and I would like to use these files, rather than the PRNG > of openssl (being on the safe side of a coding error in the PRNG, no > offence intended, we all make mistakes :). I would like to know if > this is possible What you need is a program that sucks in the files of random numbers and serves them to a pipe that OpenSSL (and other RNG clients) can read from. The program would need to ensure that each number is only written to the pipe once. It can keep the pipe 'full' and let you know when it's low on random numbers. This is a very simple program to write. (And I believe similar programs do already exist. Have a look at 'egd'.) However, it will not likely achieve your stated objective. Unless you vet your program to the same degree as OpenSSL's PRNG has been vetted, you will simply have replaced a solution with a less-reliable solution. As a general rule, in crytography, the worst thing you can do is cook up your own solution to a problem. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
