Please give me some feedback.
Alessandro Pivi - GLOBALcom engineering wrote:
Hi,
I am making an application that makes SSL connections. The problem is
that my application will run in a chrooted environment, and will not
be able to access /dev/urandom, but I have a function available which
can read random values from a TRNG. I would like to know if my
approach to the random initialization is correct. I just write a file
with 1024 bytes of random data, call RAND_load_file passing that file,
and delete the file.
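
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <openssl/rand.h>

#define TMP_RAND_FILENAME "/tmp/aaa"
#define RANDOM_DATA_LEN 1024

/* TRNG reader mentioned above; prototype assumed from how it is called. */
int trng_read(unsigned int *out);

static int seed_prng(void)
{
    unsigned char trng_buff[RANDOM_DATA_LEN];

    /* Fill the buffer from the TRNG, one unsigned int at a time. */
    {
        unsigned short count = 0;
        while (count < RANDOM_DATA_LEN) {
            if (trng_read((unsigned int *)(trng_buff + count)) != 0)
                return -1;
            count += sizeof(unsigned int);
        }
    }

    /* Write the random data to a temporary file readable only by the owner. */
    {
        int fd;
        int loaded;

        fd = open(TMP_RAND_FILENAME, O_CREAT | O_TRUNC | O_WRONLY,
                  S_IRUSR | S_IWUSR);
        if (fd < 0)
            return -1;
        if (write(fd, trng_buff, RANDOM_DATA_LEN) != RANDOM_DATA_LEN) {
            close(fd);
            unlink(TMP_RAND_FILENAME);   /* do not leave a partial seed file */
            return -1;
        }
        close(fd);

        /* Seed the OpenSSL PRNG from the file, then delete the file
         * whether or not the load succeeded. */
        loaded = RAND_load_file(TMP_RAND_FILENAME, RANDOM_DATA_LEN);
        unlink(TMP_RAND_FILENAME);
        if (loaded <= 0)
            return -1;
    }
    return 0;
}
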
Thanks in advance.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
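
An added example, not part of the original post: the same seeding done in memory, so the TRNG output never reaches the filesystem. The routine takes the TRNG reader and the PRNG feed as callbacks; in the application these would be trng_read (signature assumed from the post) and OpenSSL's RAND_add. The stuck-source check, the wipe helper and the demo_*/stuck_*/dead_* stand-ins are constructed for this example.

```c
#include <stddef.h>

#define SEED_WORDS 256  /* 1024 bytes when unsigned int is 32 bits, as in the post */

/* trng_fn mirrors how trng_read() is called in the post (0 on success);
 * add_fn has the signature of OpenSSL's RAND_add(). */
typedef int  (*trng_fn)(unsigned int *out);
typedef void (*add_fn)(const void *buf, int num, double randomness);

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Fill an aligned buffer from the TRNG and hand it to the PRNG in memory.
 * Returns 0 on success, -1 if the TRNG fails or every word is identical. */
static int seed_from_trng(trng_fn read_word, add_fn add)
{
    unsigned int words[SEED_WORDS];
    size_t i;
    int varied = 0, rc = -1;

    for (i = 0; i < SEED_WORDS; i++) {
        if (read_word(&words[i]) != 0)
            goto out;
        if (words[i] != words[0])
            varied = 1;
    }
    if (!varied)                /* treat a constant output as a stuck source */
        goto out;
    /* Assumption: the TRNG output is full entropy, so credit every byte. */
    add(words, (int)sizeof(words), (double)sizeof(words));
    rc = 0;
out:
    wipe(words, sizeof(words)); /* seed material does not linger on the stack */
    return rc;
}

/* Constructed stand-ins so the routine runs without hardware or OpenSSL. */
static unsigned int ctr;
static int demo_trng(unsigned int *o)  { *o = (ctr += 0x9E3779B9u); return 0; }
static int stuck_trng(unsigned int *o) { *o = ~0u; return 0; }
static int dead_trng(unsigned int *o)  { (void)o; return -1; }
static int fed;
static void demo_add(const void *b, int n, double r) { (void)b; (void)r; fed += n; }
int main(void) { return seed_from_trng(demo_trng, demo_add) == 0 ? 0 : 1; }
```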