Using RAND_status()

Tomas Mraz tomas at openssl.org
Wed Feb 15 04:57:54 UTC 2023


I assume you're getting a failure. If so, it is because you did 
not load the default provider in addition to the legacy one.

Otherwise your code is OK, although these days the RAND_seed() call
should not be needed at all, the RNG should be seeded by itself unless
there is something wrong with your build configuration of the OpenSSL
or your OS is some awkward legacy one.

Tomas Mraz, OpenSSL

On Wed, 2023-02-15 at 12:00 +0800, Jayme Mikko Ancla wrote:
> Hello Openssl-Users,
> 
> I would like to know if my use of RAND_status() like below is
> correct:
> 
> int MyInitFunc(void) {
> 
>   char* pathOfProviders;
>   pathOfProviders = getenv("PATH_OF_PROVIDERS");
>   DbgMsg("MyInitFunc() START\n");
>   OSSL_PROVIDER_set_default_search_path (NULL, pathOfProviders);
>   provider_legacy = OSSL_PROVIDER_load(NULL, "legacy");
>   if (NULL == provider_legacy) {
>      DbgMsg("MyInitFunc() provider_legacy is NULL\n");
>   }
>   if (RAND_status() != 1) {
>     RAND_seed(rnd_seed, sizeof rnd_seed);
>   }
> 
>   DbgMsg("MyInitFunc() END\n");
>   return CRY_OK;
> }
> 
> I called RAND_status immediately after OSSL_PROVIDER_load.
> Is there anything I have to do before calling RAND_status()?
> 
> Thank you for your time.
> Regards,
> Jayme

-- 
Tomáš Mráz, OpenSSL



More information about the openssl-users mailing list