[openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

Salz, Rich rsalz at akamai.com
Mon Dec 12 18:04:17 UTC 2016

> "In short, I just replaced the RAND_screen() call to the RAND_poll(), generated a random buffer using RAND_bytes() (based on https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via RAND_add()"

You fed RAND_bytes output back into RAND_add?  That's silly.

More information about the openssl-users mailing list