[openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

silvioprog silvioprog at gmail.com
Mon Dec 12 18:24:23 UTC 2016


On Mon, Dec 12, 2016 at 3:04 PM, Salz, Rich <rsalz at akamai.com> wrote:

> > "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> generated a random buffer using RAND_bytes() (based on
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it
> via RAND_add()"
>
> You fed RAND_bytes output back into RAND_add?  That's silly.


Yes. Is it unnecessary? My steps are:

...
- RAND_scree()
+ RAND_poll()
+ RAND_bytes(buf, 128);
+ RAND_add(buf, length(buf), length(buf));
...

(I noticed I sent wrong patch, the correct one declare the RAND_bytes func
^^' )

-- 
Silvio Clécio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161212/2c812462/attachment.html>


More information about the openssl-users mailing list