RAND_status() returns to few info.

2001-11-20 Thread Götz Babin-Ebell 

Hello,

is there a way to ask the random engine about how much randomness
it contains ?
RAND_status() returns 1 if the random pool contains at least
20 bytes (ENTROPY_NEEDED in rand_lcl.h).

That is OK for SSL handshake, but for asymetric key generation
we need a lot of more entropy.

Something like RAND_status1(size_t needed) would be better...

eg:
  ...
  if (RAND_status1(key_length) = 0)
  { /* this part never reached if we have a crypto device... */
RAND_load_file(...); /* load some additional ramdom data */
  }
  ...

Bye

Goetz

-- 
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0,  Fax: +49-(0)40 80 80 26 -126


smime.p7s
Description: S/MIME Cryptographic Signature

Re: RAND_status() returns to few info.

2001-11-20 Thread Richard Levitte - VMS Whacker 

From: Götz Babin-Ebell [EMAIL PROTECTED]

babinebell is there a way to ask the random engine about how much randomness
babinebell it contains ?
babinebell RAND_status() returns 1 if the random pool contains at least
babinebell 20 bytes (ENTROPY_NEEDED in rand_lcl.h).
babinebell 
babinebell That is OK for SSL handshake, but for asymetric key generation
babinebell we need a lot of more entropy.

The 20 bytes minimum is the needed amount of seeding to get secure
enough random numbers from the pool.  Each time you fetch random
bytes, the pool is remixed, thus providing for more random bytes.

Unless you find it worrying that we ask of only 20 bytes minimum of
seeding, you should be without problems.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: RAND_status() returns to few info.

2001-11-20 Thread Allen Smith 

On Nov 20,  3:03pm, Richard Levitte - VMS Whacker wrote:
 From: Gotz Babin-Ebell [EMAIL PROTECTED]
 
 babinebell is there a way to ask the random engine about how much
 babinebell randomness it contains ? RAND_status() returns 1 if the
 babinebell random pool contains at least 20 bytes (ENTROPY_NEEDED
 babinebell in rand_lcl.h).
 babinebell 
 babinebell That is OK for SSL handshake, but for asymetric key
 babinebell generation we need a lot of more entropy.
 
 The 20 bytes minimum is the needed amount of seeding to get secure
 enough random numbers from the pool.  Each time you fetch random
 bytes, the pool is remixed, thus providing for more random bytes.

However, it would also be helpful for randomness _sources_ to know how 
much more randomness is needed. It can be a scarce resource, after
all.

 Unless you find it worrying that we ask of only 20 bytes minimum of
 seeding, you should be without problems.

Being able to check exactly how much has been seeded would also be
helpful for applications for which one does _not_ regard 20 bytes as
sufficient (e.g., key generation for large, long-term-used keys).

-Allen

-- 
Allen Smith [EMAIL PROTECTED]
September 11, 2001  A Day That Shall Live In Infamy II
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. - Benjamin Franklin
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: RAND_status() returns to few info.

2001-11-20 Thread Richard Levitte - VMS Whacker 

From: Allen Smith [EMAIL PROTECTED]

easmith  The 20 bytes minimum is the needed amount of seeding to get secure
easmith  enough random numbers from the pool.  Each time you fetch random
easmith  bytes, the pool is remixed, thus providing for more random bytes.
easmith 
easmith However, it would also be helpful for randomness _sources_ to
easmith know how much more randomness is needed. It can be a scarce
easmith resource, after all.

Uhmm, an exactly how should OpenSSL tell the sources how much more
seeding it needs, except for actually reading that many bytes?

easmith  Unless you find it worrying that we ask of only 20 bytes minimum of
easmith  seeding, you should be without problems.
easmith 
easmith Being able to check exactly how much has been seeded would also be
easmith helpful for applications for which one does _not_ regard 20 bytes as
easmith sufficient (e.g., key generation for large, long-term-used keys).

That's what the Unless ... was about, I guess :-).

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]