[openssl-users] openssl-users Digest, Vol 25, Issue 8
gev6 liu
liugev6 at gmail.com
Mon Dec 12 19:29:55 UTC 2016
text / plain的;字符集=“utf-8”
liuge
2016-12-13 2:45 GMT+08:00 <openssl-users-request at openssl.org>:
> Send openssl-users mailing list submissions to
> openssl-users at openssl.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://mta.openssl.org/mailman/listinfo/openssl-users
> or, via email, send a message with subject or body 'help' to
> openssl-users-request at openssl.org
>
> You can reach the person managing the list at
> openssl-users-owner at openssl.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of openssl-users digest..."
>
>
> Today's Topics:
>
> 1. Re: Doubt about OpenSSL library initialization in an HTTP
> client application (silvioprog)
> 2. Re: Doubt about OpenSSL library initialization in an HTTP
> client application (Salz, Rich)
> 3. Re: Doubt about OpenSSL library initialization in an HTTP
> client application (silvioprog)
> 4. Re: Doubt about OpenSSL library initialization in an HTTP
> client application (Salz, Rich)
> 5. Re: Doubt about OpenSSL library initialization in an HTTP
> client application (silvioprog)
> 6. Re: Doubt about OpenSSL library initialization in an HTTP
> client application (silvioprog)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 12 Dec 2016 14:48:18 -0300
> From: silvioprog <silvioprog at gmail.com>
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] Doubt about OpenSSL library
> initialization in an HTTP client application
> Message-ID:
> <CAKq_V2+U4SyY6pAmoqwhfzuRn4T_2O3+v11E93x65sZ_MbVzJA at mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Oops,
>
> I meant:
>
> "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> generated a random buffer using RAND_bytes() (based on
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via
> RAND_add()"
>
> On Mon, Dec 12, 2016 at 2:46 PM, silvioprog <silvioprog at gmail.com> wrote:
> [...]
>
> > In short, I just removed the RAND_screen() call, generated a random
> buffer
> > using RAND_bytes() (based on https://wiki.openssl.org/
> > index.php/Random_Numbers#Software) seeding via RAND_add().
> >
>
> --
> Silvio Cl?cio
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/
> attachments/20161212/dd45a901/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 12 Dec 2016 18:04:17 +0000
> From: "Salz, Rich" <rsalz at akamai.com>
> To: "openssl-users at openssl.org" <openssl-users at openssl.org>
> Subject: Re: [openssl-users] Doubt about OpenSSL library
> initialization in an HTTP client application
> Message-ID:
> <d5e08b9fe75842f993a6888bc67de621 at usma1ex-dag1mb1.msg.corp.
> akamai.com>
> Content-Type: text/plain; charset="utf-8"
>
> > "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> generated a random buffer using RAND_bytes()?(based on?
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it
> via RAND_add()"
>
> You fed RAND_bytes output back into RAND_add? That's silly.
>
> ------------------------------
>
> Message: 3
> Date: Mon, 12 Dec 2016 15:24:23 -0300
> From: silvioprog <silvioprog at gmail.com>
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] Doubt about OpenSSL library
> initialization in an HTTP client application
> Message-ID:
> <CAKq_V2KEJktX==qTtfQ1QpCYdH3=HDQ-svFWxu6Be+oKUW_C_g at mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Mon, Dec 12, 2016 at 3:04 PM, Salz, Rich <rsalz at akamai.com> wrote:
>
> > > "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> > generated a random buffer using RAND_bytes() (based on
> > https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it
> > via RAND_add()"
> >
> > You fed RAND_bytes output back into RAND_add? That's silly.
>
>
> Yes. Is it unnecessary? My steps are:
>
> ...
> - RAND_scree()
> + RAND_poll()
> + RAND_bytes(buf, 128);
> + RAND_add(buf, length(buf), length(buf));
> ...
>
> (I noticed I sent wrong patch, the correct one declare the RAND_bytes func
> ^^' )
>
> --
> Silvio Cl?cio
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/
> attachments/20161212/2c812462/attachment-0001.html>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 12 Dec 2016 18:28:04 +0000
> From: "Salz, Rich" <rsalz at akamai.com>
> To: "openssl-users at openssl.org" <openssl-users at openssl.org>
> Subject: Re: [openssl-users] Doubt about OpenSSL library
> initialization in an HTTP client application
> Message-ID:
> <f18fd8acb47f4d8ab03387b51ebe9482 at usma1ex-dag1mb1.msg.corp.
> akamai.com>
> Content-Type: text/plain; charset="utf-8"
>
> > > You fed RAND_bytes output back into RAND_add?? That's silly.
>
> > Yes. Is it unnecessary? My steps are:
>
> It is a bad idea. It is pointless. Don't do it.
>
>
>
> ------------------------------
>
> Message: 5
> Date: Mon, 12 Dec 2016 15:33:34 -0300
> From: silvioprog <silvioprog at gmail.com>
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] Doubt about OpenSSL library
> initialization in an HTTP client application
> Message-ID:
> <CAKq_V2K_gMX=gHs9HZDq--bO7GD7z1X-nmUKXwkL6Ud5vVASCQ@
> mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Mon, Dec 12, 2016 at 3:28 PM, Salz, Rich <rsalz at akamai.com> wrote:
>
> > > > You fed RAND_bytes output back into RAND_add? That's silly.
> > > Yes. Is it unnecessary? My steps are:
> >
> > It is a bad idea. It is pointless. Don't do it.
>
>
> So what is the correct way, 1 or 2?
>
> 1)
>
> RAND_poll()
> /* RAND_bytes is unnecessary */
> /* RAND_add is unnecessary */
>
> 2)
>
> RAND_poll()
> RAND_bytes(buf, 128);
> /* RAND_add is unnecessary */
>
> :-S
>
> --
> Silvio Cl?cio
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/
> attachments/20161212/2a763b1a/attachment-0001.html>
>
> ------------------------------
>
> Message: 6
> Date: Mon, 12 Dec 2016 15:44:19 -0300
> From: silvioprog <silvioprog at gmail.com>
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] Doubt about OpenSSL library
> initialization in an HTTP client application
> Message-ID:
> <CAKq_V2+wfnRfAx29i_6ESBj06Qh+UBkq4FZD6ZT7xcY-KFJ95w at mail.
> gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> On Mon, Dec 12, 2016 at 3:33 PM, silvioprog <silvioprog at gmail.com> wrote:
> [...]
>
> > So what is the correct way, 1 or 2?
> >
>
> *"which is ..."
>
> --
> Silvio Cl?cio
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/
> attachments/20161212/a77612b1/attachment.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> openssl-users mailing list
> openssl-users at openssl.org
> https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
> ------------------------------
>
> End of openssl-users Digest, Vol 25, Issue 8
> ********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161213/8399fff1/attachment-0001.html>
More information about the openssl-users
mailing list