> From: Jeffrey Walton [mailto:noloa...@gmail.com] > > On Thu, Nov 15, 2012 at 6:03 AM, Pravesh Rai <pravesh....@gmail.com> > wrote: > >... > > #define SEED_SIZE 128 > >... > > //RAND_seed(buf, SEED_SIZE); > > RAND_add(buf, SEED_SIZE, (20/100) * SEED_SIZE); > > > > k = RAND_status(); > > > > } > I'm not sure 20% effective entropy is a good estimate here. If its > coming from the OS, its likely higher. If its coming from an Entrop > Key or other hardware device, I would estimate it nearly 100% (if not > 100%) > > Plus, there may be a bug there. Perform a cast to a double before the > divide: > ((double)20/100) * SEED_SIZE
Good catch, definitely a bug - '(20/100) * SEED_SIZE' is just a long-winded way of saying '0'. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
