default or fips from [provider_sect] then
>> > RAND_status() returns 1. If I leave them both specified there,
>> > RAND_status() always returns 0. Is this the expected behavior or
>> am I
>> > doing something wrong? I understand that I must specify
&g
On 03/11/2020 18:03, Tomas Mraz wrote:
> On Tue, 2020-11-03 at 15:13 +, Matt Caswell wrote:
>>
>> The reasons are a little complicated (see below) but the TL;DR
>> summary
>> is that there is an error in your config file. The ".include" line
>> should specify a config file relative to
t; > RAND_status() always returns 0. Is this the expected behavior or am I
> > doing something wrong? I understand that I must specify properties when
> > fetching algorithms in order to get deterministic behavior with multiple
> > providers loaded. Is there an analogous API fo
> Ah ha! This explanation makes sense to me and indeed pointed me at the real
> problem. I had recompiled OpenSSL but I forgot to update the hmac in fips.cnf
> via fipsinstall. So yes, the fips provider was failing to activate because of
> that. As soon I fixed the hmac RAND_status() started
this the expected behavior or am I
> > doing something wrong? I understand that I must specify properties when
> > fetching algorithms in order to get deterministic behavior with multiple
> > providers loaded. Is there an analogous API for the PRNG that I'm
> > overlooking?
>
On Tue, 2020-11-03 at 15:13 +, Matt Caswell wrote:
>
> The reasons are a little complicated (see below) but the TL;DR
> summary
> is that there is an error in your config file. The ".include" line
> should specify a config file relative to OPENSSLDIR (or
> OPENSSL_CONF_INCLUDE if it is set).
On 03/11/2020 15:13, Matt Caswell wrote:
> I've seen this error a few times now so I'm thinking that we should
> perhaps allow absolute paths. I'm not sure what the reason for
> disallowing them was.
I raised this issue about this:
https://github.com/openssl/openssl/issues/13302
> We really
behavior with multiple
> providers loaded. Is there an analogous API for the PRNG that I'm
> overlooking?
>
> Interestingly, setting activate=0 for either provider is not sufficient
> to work around this issue.
I tested this out and was able to replicate your behaviour.
The reasons
behavior or am I doing something wrong? I
understand that I must specify properties when fetching algorithms in order
to get deterministic behavior with multiple providers loaded. Is there an
analogous API for the PRNG that I'm overlooking?
Interestingly, setting activate=0 for either provider
& Encryption
Phone +61 7 3031 7217
Oracle Australia
-Original Message-
From: Cipher [mailto:dhanukumar1...@gmail.com]
Sent: Wednesday, 12 September 2018 7:24 PM
To: openssl-users@openssl.org
Subject: [openssl-users] /dev/random in FIPS mode Error: PRNG not seeded
Hello,
We have a cu
andom"
Now we see that openssl is using /dev/random, but the problem is openssl
operations randomly fail when run multiple times with "PRNG not seeded"
error. This is in-spite of having rngd installed to boost entropy.
[root@debian ~]# OPENSSL_FIPS=1 openssl version
FIPS mode ON.
Open
> Of course people have been harvesting entropy, or trying to, from network
> sources for decades. There's a famous paragraph regarding it in RFC 4086,
> which is an expanded version of a similar statement from RFC 1750 (1994):
>
> Other external events, such as network packet arrival times
On 06/06/2018 09:12 PM, openssl-users-requ...@openssl.org digestributed:
> Date: Wed, 6 Jun 2018 16:12:59 +
> From: Michael Wojcik
>
>> Hence my solution of using a hardware TRNG shared over the
>> network with devices that lack the ability to have one added
>> locally.
>
> Yes, I think
> From: openssl-users on behalf of Jakob
> Bohm
> Sent: Tuesday, June 5, 2018 02:46
> Hence my solution of using a hardware TRNG shared over the
> network with devices that lack the ability to have one added
> locally.
Yes, I think that's a good approach. It reduces the attack surface, since
On 04/06/2018 15:56, Michael Wojcik wrote:
Of course people have been harvesting entropy, or trying to, from network
sources for decades. There's a famous paragraph regarding it in RFC 4086, which
is an expanded version of a similar statement from RFC 1750 (1994):
Other external events,
Of course people have been harvesting entropy, or trying to, from network
sources for decades. There's a famous paragraph regarding it in RFC 4086, which
is an expanded version of a similar statement from RFC 1750 (1994):
Other external events, such as network packet arrival times and
On 31/05/2018 19:14, Jochen Bern wrote:
On 05/31/2018 03:03 PM, openssl-users-requ...@openssl.org distributed:
Date: Thu, 31 May 2018 18:45:02 +1000
From: FooCrypt
Place a teaspoon of fine grade white sand onto the skin of a snare drum
Macroscopic hardware TRNGs are a *tad* yesteryear
As it happens I am the proud owner of a made-in-UK Mathmos Lava Lamp and a
couple of their Space Projectors : however I don't use them as a RNG.
I am thinking more about the fact that there are a lot of devices which
* have no hardware TRNG on board
* do have one or more connections to wired or
On 05/31/2018 03:03 PM, openssl-users-requ...@openssl.org distributed:
> Date: Thu, 31 May 2018 18:45:02 +1000
> From: FooCrypt
>
> Place a teaspoon of fine grade white sand onto the skin of a snare drum
Macroscopic hardware TRNGs are a *tad* yesteryear
https://en.wikipedia.org/wiki/Lavarand
evice ?
>>
>>
>>
>>> On 30 May 2018, at 8:58 AM, Scott Neugroschl wrote:
>>>
>>> Hi,
>>>
>>> Iâm using PRNGD to seed my random numbers (Iâm on a system without
>>> /dev/random and /dev/urandom). I occasionally g
;
>> On 30 May 2018, at 8:58 AM, Scott Neugroschl wrote:
>>
>> Hi,
>>
>> Iâm using PRNGD to seed my random numbers (Iâm on a system without
>> /dev/random and /dev/urandom). I occasionally get the dreaded âPRNG
>> is not seededâ error.
>>
>&
> Either way, trying to use OpenSSL's PRNGD to seed OpenSSL's PRNGD is an
> exercise in futility.
Oh, I agree on that.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
In message
on Wed, 30 May 2018 15:37:47 +, Scott Neugroschl said:
scott_n> The platform in question is an HPE NonStop.
NonStop isn't the only platform with this sort of problem... I'd
suggest asking in places dedicated to NonStop if they know of good
enough ways to gather enough entropy,
> On 31 May 2018, at 1:35 AM, Michael Wojcik
> wrote:
>
>> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
>> Of FooCrypt
>> Sent: Wednesday, May 30, 2018 10:46
>> To: openssl-users@openssl.org
>> Subject: Re: [openssl-users] PR
>>> I’m using PRNGD to seed my random numbers (I’m on a system without
>>> /dev/random and /dev/urandom). I occasionally get the dreaded “PRNG is
>>> not seeded” error.
>>
>> I don’t know your OS or environment, have you tried the ‘openssl rand’
>>
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of FooCrypt
> Sent: Wednesday, May 30, 2018 10:46
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] PRNG is not seeded
>
> > On 30 May 2018, at 11:55 PM, Michael Wojcik
> wrote:
> On 30 May 2018, at 11:55 PM, Michael Wojcik
> wrote:
>
>> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
>> Of FooCrypt
>> Sent: Tuesday, May 29, 2018 21:41
>> To: openssl-users@openssl.org
>> Subject: Re: [openssl-users] PR
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of FooCrypt
> Sent: Tuesday, May 29, 2018 21:41
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] PRNG is not seeded
>
> > On 30 May 2018, at 8:58 AM, Scott Neugroschl
> wro
ice ?
> On 30 May 2018, at 8:58 AM, Scott Neugroschl wrote:
>
> Hi,
>
> I’m using PRNGD to seed my random numbers (I’m on a system without
> /dev/random and /dev/urandom). I occasionally get the dreaded “PRNG is not
> seeded” error.
>
> I know this is caused
>I know this is caused by a lack of available entropy in the system; but what
>can I do to address this? Is it just a matter of waiting until enough entropy
>has been collected? Is there any kind of workaround?
Assuming you don’t have another source of randomness that you can add in, then
Hi,
I'm using PRNGD to seed my random numbers (I'm on a system without /dev/random
and /dev/urandom). I occasionally get the dreaded "PRNG is not seeded" error.
I know this is caused by a lack of available entropy in the system; but what
can I do to address this? Is it jus
Ya me too did you ever get the info on this?
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hi,
I saw an advisory on exploiting a PRNG weakness in OpenSSL versions up to
0.9.6a by using several short PRNG requests. It looks interesting. Do you have
any idea for the details of the attacking technique?
Thanks in advance!
Regards,Alan
not present. Not sure if this is causing
the seeding to fail.
If this device needs to be setup, can you please point me to where I can
find some info on how to set this up.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Seeding-the-PRNG-failed-tp47193p47215.html
Sent from
the PRNG failed, most likely because the system
does not have /dev/random.
[infasvp] /home/infa/infasvp $
The random files are present and with appropriate permissions.
[infasvp] /home/infa/infasvp $ ls -ltr /dev/*random
crw-r--r--1 root system 33, 0 Nov 4 13:22 /dev/random
crw-r--r
Seeding the PRNG failed
I support an ETL integration platform running on AIX 6100-07-06-1241 64 Bit.
We connect to SQL Server database using Data Direct SQL Server driver.
The setup that we have is as below:
[EJ_Voyager]
QEWSD=2456231
Driver=/opt/sw/infasvp/ODBC6.0/lib/DWsqls24.so
Hello All,
I am getting below error when trying to create a connection
Seeding the PRNG failed, most likely because the system does not have
/dev/random.
Any inputs why this error pops up?
FYI.. i am working on AIX - 64 bit platform.
On Mon, Mar 25, 2013 at 9:50 PM, Mithun Kumar mithunsi...@gmail.com wrote:
Hello All,
I am getting below error when trying to create a connection
Seeding the PRNG failed, most likely because the system does not have
/dev/random.
Any inputs
Hi,
Thanks for the help, it resolved my problem.
Regards,
Alok
On Fri, Sep 23, 2011 at 5:59 PM, Dr. Stephen Henson st...@openssl.orgwrote:
On Fri, Sep 23, 2011, alok sharma wrote:
Hi,
Ok I got your point. I think it will be helpful.Do you have any link
or
precedure to setup
wrote:
Hi Jacob,
Thanks for such a detailed reply. But I am having one concern that
how
an application can know whether it si secure or not. Fips uses
GetSystemTimeAsFileTime() for PRNG test which is having granuality of 1
ns,
but my application is running even at faster rate so
() for PRNG test which is having granuality of 1
ns,
but my application is running even at faster rate so same value is being
generated for current as well as for last request. Is there any
provision
inside Openssl which ensures that unique randon numbers will be
generated or
application need
On Fri, Sep 23, 2011, alok sharma wrote:
Hi,
So is there any method on Windows to generate non-predictable
randomnumbers. I think mostly FileSytem time is used to seed randomness
which is failing in my case.
As I indicated this shouldn't be happening if you've set up locking callbacks
);
for (i = 0; i AES_BLOCK_LENGTH; i++)
tmp[i] = R[i] ^ I[i];
AES_encrypt(tmp, ctx-V, ctx-ks);
/* Continuous PRNG test */
if (ctx-second)
{
if (fips_prng_fail){
memcpy(ctx-last, R, AES_BLOCK_LENGTH
On Fri, Sep 23, 2011, alok sharma wrote:
I am using the openssl fips version for my application.So, I have not made
any change in openssl or Fips code. Just enabling fips and using SSL API
exposed for client server model. But through debugger I have found that my
application is crashing
of this is how the FIPS PRNG behaves.
For more details see the archives and documentation. For example: the
threads manual page.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
: one
symptom
of this is how the FIPS PRNG behaves.
For more details see the archives and documentation. For example: the
threads manual page.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
On Fri, Sep 23, 2011, alok sharma wrote:
Hi,
Ok I got your point. I think it will be helpful.Do you have any link or
precedure to setup these call backs or these are just function pointers
which needs to be initialized at ssl initialization time.
See the FAQ:
Hi Jacob,
Thanks for such a detailed reply. But I am having one concern that how
an application can know whether it si secure or not. Fips uses
GetSystemTimeAsFileTime() for PRNG test which is having granuality of 1 ns,
but my application is running even at faster rate so same value is being
On 9/19/2011 8:49 AM, alok sharma wrote:
Hi Jacob,
Thanks for such a detailed reply. But I am having one concern that
how an application can know whether it si secure or not. Fips uses
GetSystemTimeAsFileTime() for PRNG test which is having granuality of
1 ns, but my application
On Mon, Sep 19, 2011, alok sharma wrote:
Hi Jacob,
Thanks for such a detailed reply. But I am having one concern that how
an application can know whether it si secure or not. Fips uses
GetSystemTimeAsFileTime() for PRNG test which is having granuality of 1 ns,
but my application
,ctx-ks);
for (i = 0; i AES_BLOCK_LENGTH; i++)
tmp[i] = R[i] ^ I[i];
AES_encrypt(tmp, ctx-V,ctx-ks);
/* Continuous PRNG test */
if (ctx-second)
{
if (fips_prng_fail){
memcpy(ctx-last, R, AES_BLOCK_LENGTH
++)
tmp[i] = R[i] ^ I[i];
AES_encrypt(tmp, ctx-V, ctx-ks);
/* Continuous PRNG test */
if (ctx-second)
{
if (fips_prng_fail){
memcpy(ctx-last, R, AES_BLOCK_LENGTH);
RANDerr(RAND_F_FIPS_RAND,RAND_
R_PRNG_STUCK
Hello.
I'll collect entropy(random bytes) myself on Windows. How many random
bytes I must give for function RAND_seed to seed PRNG properly in two cases:
1) Generating RSA keys.
2) Programming SSL-TLS. And where I must call RAND_seed during SSL-TLS
programming?
I think internal
On Fri, Jul 1, 2011 at 1:14 PM, Vladimir Belov ml.vladimbe...@gmail.com wrote:
Hello.
I'll collect entropy(random bytes) myself on Windows. How many random
bytes I must give for function RAND_seed to seed PRNG properly in two cases:
Why not allow OpenSSL to auto seed itself? If you have
Thanks for answers, Jeff. But I still have questions:
Why not allow OpenSSL to auto seed itself?
Because on Windows we have not /dev/random and that's why I think that auto
seed will be worse. But if OpenSSL seed PRNG automatically and I must not do
anything else, why in FAQ I see: On other
First off, yes, I did read the FAQ.
I am trying to build 9.8.0r on an old Dec Unix (aka tru64 Alpha) machine,
specifically OSF1 V4.0. I'm getting the PRNG not seeded error when running the
tests. Yes, I did read the FAQ.
Now this machine is pretty old, and AFAIK, has no random device. I
You don't need to call RAND_write_file. RAND_load_file(/dev/random,bytes )
will seed the PRNG with whatever is the value of bytes variable.
-Sandeep
On Sun, Sep 19, 2010 at 3:59 AM, krishnamurthy santhanam
krishnamurth...@gmail.com wrote:
Hi,
I need to seed PRNG of 128 bytes. in the below
Hi,
I need to seed PRNG of 128 bytes. in the below program is seeding 1024
byte.
is it possible seed 128 bytes of data using RAND_seed(). Any example should
be helpful for me.
#includestring.h
#includeopenssl/rand.h
#includeopenssl/bn.h
main()
{
/*int nb,l;
l=RAND_load_file(/dev
Hi ,
I am writing a program to generate RSA key and able to generate also.
But in the document I read, The pseudo-random number generator(PRNG)
must be seeded prior to calling RSA_generate_key().
How to seed the PRNG using ?
Thanks for your time,
Krishnaurthy
Hi,
I am using OpenSSL 0.9.8e-fips-rhel on Linux.
I am generating RSA Key using RSA_generate_key(). I am able to success
on that part.
On reading the OpenSSL faq, found that the function 'RAND_egd()' needs
to be
called before generating the key.
Is it mandatory to seed before generating
Hello,
I am using OpenSSL 0.9.8l on windows that is built according to FIPS user
guide. And I would like to understand what is the strength in terms of random
of the random data that is gathered by OpenSSL built in functions that poll for
random data on OpenSSL startup (rand_poll function).
Hi,
I am using the openSSl 9.8i on a chorus operating system. When I tried
to use the funciton
srand(time(NULL));
RSA* rsa = RSA_generate_key(512, 65537, NULL, NULL) ;
I get the error the random number generator:SSLEAY_RAND_BYTES:PRNG not
seeded .
Does srand() seed PRNG?
How can i work around
you should try http://openssl.org/docs/crypto/RAND_add.html#
_
Windows Live™: E-mail. Chat. Share. Get more ways to connect.
See the OpenSSL FAQ:
http://www.openssl.org/support/faq.html#USER1
srand/rand/etc. have nothing to do with the cryptographically strong
PRNG inside OpenSSL as srand/rand et al are not meant to be used for
cryptographic purposes anyway. Read books such as published by Bruce
Schneier, etc. about
);
from here I am getting the error message PRNG not seeded.
This function calls the function 'generate_key' of OpenSSL and from here
'BN_rand' returns failure with this error code.
On reading the OpenSSL faq, found that the function 'RAND_egd()' needs to be
called before this.
I tried calling
getting the error message PRNG not seeded.
This function calls the function 'generate_key' of OpenSSL and from here
'BN_rand' returns failure with this error code.
On reading the OpenSSL faq, found that the function 'RAND_egd()' needs to be
called before this.
I tried calling this function also
The Lavarnd project shows some weakness (vs NIST 800-22 testing) for both
/dev/urandom, and /dev/random.
Does anyone know of a project for software RNG that is high quality? The
/dev/random project is close - but fails the NSIT test for DFT Spectral
(uniformity)?
I'm using ssl (openssl-0.9.7m) as part of AXIS C++. I just spent a week trying
to figure out why I couldn't use https (via openssl) to connect on only some of
our systems. After rebuilding our copy of OpenSSL for debug and trapping
through it, I found that ssleay_rand_bytes() was setting the
OpenSSL 0.9.8a Non-FIPs PRNG:
I am trying to determine if the PRNG does a Continuous Random Number
Generator Test (CRNGT). I looked in crypto/rand/md_rand.c but I do not see
specifically a CRNGT?
Thank you
__
OpenSSL Project
Hello,
OpenSSL 0.9.8a Non-FIPs PRNG:
I am trying to determine if the PRNG does a Continuous Random Number
Generator Test (CRNGT). I looked in crypto/rand/md_rand.c but I do not see
specifically a CRNGT?
No, but you may test PRNG with FIPS140-1 tests
with crypto/rand/randtest.c
Best regards
Thanks all for your valuable comments,
Erik Leunissen.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
Apparently, there are some situations where there is no entropy source
to seed the OpenSSL PRNG.
Is there a uniform way to detect that the OpenSSL PRNG has not been
seeded? Uniform is uniform over the various platforms because I want
to prevent that I need to check on a per platform basis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik Leunissen
Sent: Thursday, September 28, 2006 10:25 AM
To: openssl-users@openssl.org
Subject: Re: Seeding the OpenSSL PRNG (continued ...)
Apparently, there are some situations where
Erik Leunissen wrote:
Is there a uniform way to detect that the OpenSSL PRNG has not been
seeded? Uniform is uniform over the various platforms because I want
Call RAND_status() (see http://www.openssl.org/docs/crypto/RAND_add.html#).
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens
Richard Koenning wrote:
Call RAND_status() (see http://www.openssl.org/docs/crypto/RAND_add.html#).
Right. I overlooked that one.
Thanks,
Erik.
__
OpenSSL Project http://www.openssl.org
User
The book Network security with OpenSSL says about seeding the OpenSSL
PRNG (on page 19):
If you try to use OpenSSL without bothering to seed the random number
generator, the library will complain.
I recently discovered that I have been using DSA_generate_key() and
DSA_sign() without having
On Wed, Sep 27, 2006, Erik Leunissen wrote:
This makes me think that:
- either there has been some other call into the OpenSSL library that
implicitly seeded the PRNG without my noticing it (perhaps
DSA_generate_parameters() or DSA_new() ), or
- the warning mechanism doesn't work
Dr. Stephen Henson wrote:
OpenSSL makes use of some standard sources of entropy on various platforms to
seed the PRNG automatically. On linux this includes the /dev/urandom device
and on Windows various things including the CryptoAPI PRNG.
OK, that explains, thanks.
The program is going
use of some standard sources of entropy on various platforms to
seed the PRNG automatically. On linux this includes the /dev/urandom device
and on Windows various things including the CryptoAPI PRNG.
OK, that explains, thanks.
The program is going to be distributed to clients who run a Windows
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erik Leunissen
Sent: Wednesday, September 27, 2006 4:53 PM
To: openssl-users@openssl.org
Subject: Re: Seeding the OpenSSL PRNG
Dr. Stephen Henson wrote:
OpenSSL makes use of some standard
Hello. There appears to be an issue with the FIPS-approved version of PRNG.
Specifically, fips_rand_bytes(), which is the RAND_bytes() for the FIPS rand
method, checks whether the key pid and the seed pid (both are static
variables set by FIPS_set_prng_key() and FIPS_rand_seed() respectively
Dmitriy Khodos wrote:
The function fails if the PID does not match. However,
since PID is obtained by calling getpid(2), under Linux it is going to be
different in different threads.
It depends which version of Linux you are running and which thread
implementation you have at runtime. The
with FIPS PRNG in multi-threaded program under Linux
Dmitriy Khodos wrote:
The function fails if the PID does not match. However,
since PID is obtained by calling getpid(2), under Linux it is going to be
different in different threads.
It depends which version of Linux you are running
then check if the random seed file is created in $HOME/.rnd. If it is not created set you environment variable $HOME or set the RANDFILE variable in the openssl.cnf to an existing location.
Thanks,
PrakashRobert Zilbauer [EMAIL PROTECTED] wrote:
Hello. I ran into some odd PRNG related errors after
Hello. I ran into some odd PRNG related errors after switching from OpenSSL
0.9.7g to 0.9.8 on Solaris 2.7 today. I checked through the archives of this
mailing list that I could find and I didn't see an answer in the FAQ, but if
there's a place I missed please let me know. I'd happily RTFM
Hello:
I need initialize the PRNG to can generate keys and performing public key
encryption.
I want use one of this functions:
void RAND_seed(const void *buf, int num);
void RAND_add(const void *buf, int num, double entropy);
But I don´t know what parameters I have to use. Somebody can
Angel Martinez Gonzalez wrote:
Hello:
I need initialize the PRNG to can generate keys and performing public key
encryption.
I want use one of this functions:
void RAND_seed(const void *buf, int num);
void RAND_add(const void *buf, int num, double entropy);
But I don´t know what
PROTECTED]
To: openssl-users@openssl.org
Sent: Thursday, June 23, 2005 10:17 AM
Subject: Re: How initialize the PRNG using RAND_seed ?
Angel Martinez Gonzalez wrote:
Hello:
I need initialize the PRNG to can generate keys and performing public key
encryption.
I want use one of this functions
Just use FreeBSD 5.X as your operating system, the random device
on it has been completely rewritten to be self-seeding with
high quality random numbers. It harvests from a number of interrupts and
if you don't turn those on it uses the Yarrow PRNG code. And it
also uses the hardware random
.
There is a long way between Windows 2.0 and Windows Server 2003... ;)
If you are using reasonable current versions of Windows (like 2000 or
XP) the PRNG should be seeded automatically using MS Crypto API. You
could check if the PRNG is seeded sufficiently by calling RAND_status.
I once again
PRNG). As
we also know, to get the precise execution timings of applications we
need to minimize interrupts, context-switches, et.al.
Now the problem is: PRNG needs enough entropy and it is generally
gathered from mouse movements et.al. Having PRNG wait for enough
entroy and at the same time
Thanks. I guess I should have did that first. My apologies. But I
couldn't find the answer to my next question. If the PRNG is already seeded
using the Crypto API, how many bits of entropy are used to seed it?
On linux, I make it configurable thru a call to
RAND_load_file(/dev/random
Edward Chan wrote:
Thanks. I guess I should have did that first. My apologies. But I
couldn't find the answer to my next question. If the PRNG is already seeded
using the Crypto API, how many bits of entropy are used to seed it?
The following code is in crypto/rand/rand_win.c:
BYTE buf
Great. Thanks for the info.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Bernhard Froehlich
Sent: Monday, January 31, 2005 11:39 PM
To: openssl-users@openssl.org
Subject: Re: Seed PRNG on Windows
Edward Chan wrote:
Thanks. I guess I
Edward Chan wrote:
Hi there,
Just wondering what people typically use to seed the PRNG on Windows.
On linux, there is /dev/random. But there is no such device for
Windows. I've heard of EGADS, but when I installed the EGADS service,
I found it to be a huge memory hog. Are there any other
Title: Seed PRNG on Windows
Hi there,
Just wondering what people typically use to seed the PRNG on Windows. On linux, there is /dev/random. But there is no such device for Windows. I've heard of EGADS, but when I installed the EGADS service, I found it to be a huge memory hog. Are there any
hi!
i posted earlier about an error when running OpenSSL on WinCE
random number generator:SSLEAY_RAND_BYTES:PRNG not seeded.
what is the random number generator used for? is it possible not
to use the
random number generator, or provide your own random number?
Secure random
hi!
i posted earlier about an error when running OpenSSL on WinCE
random number generator:SSLEAY_RAND_BYTES:PRNG not seeded.
what is the random number generator used for? is it possible not to use the
random number generator, or provide your own random number?
thanks
cheers
Hi,
I've been using OpenSSL for a while on Linux, and now ported some
application to Windowsxx, where xx should indicate any of the
MSWindows systems from 98 and newer.
I've read the FAQ which indicates that I need to seed the PRNG on
Windows systems (as opposed to Linux).
On my Windows XP
On Thu, Sep 16, 2004, Egon Andersen wrote:
Hi,
I've been using OpenSSL for a while on Linux, and now ported some
application to Windowsxx, where xx should indicate any of the
MSWindows systems from 98 and newer.
I've read the FAQ which indicates that I need to seed the PRNG
1 - 100 of 190 matches
Mail list logo