[openssl-users] Doubt about OpenSSL library initialization in an HTTP client application
silvioprog
silvioprog at gmail.com
Mon Dec 12 18:24:23 UTC 2016
On Mon, Dec 12, 2016 at 3:04 PM, Salz, Rich <rsalz at akamai.com> wrote:
> > "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> generated a random buffer using RAND_bytes() (based on
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it
> via RAND_add()"
>
> You fed RAND_bytes output back into RAND_add? That's silly.
Yes. Is it unnecessary? My steps are:
...
- RAND_scree()
+ RAND_poll()
+ RAND_bytes(buf, 128);
+ RAND_add(buf, length(buf), length(buf));
...
(I noticed I sent wrong patch, the correct one declare the RAND_bytes func
^^' )
--
Silvio Clécio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161212/2c812462/attachment.html>
More information about the openssl-users
mailing list