Re: I'm writing a book...

2002-03-29 Thread Billy Shaw 

and perhaps you can share those 15 pages with the OpenSSL community
after being on this list for a while, it seems that some straight forward
references would be useful for a lot of newbies.

That would be great.
Billy-


Mike Schiffman wrote:

Hi.  I'm writing a book on open source network security tools and I'm
covering a portion of OpenSSL and I have a few questions for those of
you who are seasoned OpenSSL users / developers.  I'll ask them in
order of stupidity... ;)

1) The evp(3) interface (all of the EVP_ functions) refers to an
Envelope interface, right?

2) The _ex functions (such as EVP_CipherInit_ex(),
EVP_DigestInit_ex(), etc) appear to offer Engine arguments where
applicable.  Is this the only tangible benefit?  Is there any reason as
an application programmer using the default software engine to use these
_ex functions as opposed to the regular counterparts (which call the _ex
functions internally)?  What is the _ex supposed to canonically refer
to?

3) I will have this short 15 page chapter completed in a few days and I
would love to get someone from the OpenSSL project to give the once over
from a technical perspective (it shouldn't take more than an hour of
work for someone handy with the library).  The chapter consists of an
overview of a few of the finer points of the library and some very short
sample code that needs another set of eyes.  I can't offer any cash as
my publisher has not given me a budget for this, but I can get books for
the reviewer!  If anyone has any remote interest in helping me out,
getting your name in my up and coming book, and getting some free books
(technical or otherwise) from the world's largest book publisher, Wiley
and Sons, please let me know ASAP!


--
Mike Schiffman, CISSP
Director of Security Architecture
@stake, Inc
565 Commercial Street
San Francisco, CA 94111
415.572.6014

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]





__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

RE: /dev/random on Solaris 8 (Sparc)

2001-10-31 Thread Billy Shaw 

I use prngd on Solaris 8.
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
It compiled fine with gcc and gnu make. It works
like egd so you should be able to have it use
/dev/random. I currently use /var/run/egd-pool
and that works fine for my needs.

From the prngd home page:
Unlike EGD it does not generate a pool of random bits
that can be called from other software. Rather more it
feeds the bits gathered into the OpenSSL PRNG from which
the random bits are obtained when requested. This way,
PRNGD is never drained and can never block (unlike EGD),
so it is also suitable to seed inetd-started programs. It
also features a seed-save file, so that it is immediately
usable after system start.


Billy Shaw-

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Arin Komins
Sent: Wednesday, October 31, 2001 10:00 AM
To: [EMAIL PROTECTED]
Subject: Re: /dev/random on Solaris 8 (Sparc)


On Wed, 31 Oct 2001, Christopher Crowley wrote:

:Subject: /dev/random on Solaris 8 (Sparc)
:
:I am interested in providing a /dev/urandom for a Solaris 8 machine.  EGD
:doesn't provide sufficient randomness for sendmail 8.11.6, according to the
:system logs. However, the SUNWski package doesn't install properly on
:Solaris 8 (Sparc). What other  method do you suggest?
:
:Thank you in advance for the information.
:
:Chris

Chris,

You might want to try the Andirand package available at:

http://www.cosy.sbg.ac.at/~andi/

It provides both /dev/random and /dev/urandom for solaris.

Thanks,

Arin
--
--
Arin Komins   [EMAIL PROTECTED]
Manager of Web Systems Architecture
University of Chicago/NSIT  tel: (773)834-4087
1155 E. 60th St. #302B Chicago, IL 60637fax: (773)702-0559
--

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]