Obviously I have misunderstood the manpage for RAND_bytes. What it says
is:
int RAND_bytes(unsigned char *buf, int num);
int RAND_pseudo_bytes(unsigned char *buf, int num);
DESCRIPTION
RAND_bytes() puts num cryptographically strong pseudo-random
bytes into buf. An error occurs if the PRNG has not been
seeded with enough randomness to ensure an unpredictable
byte sequence.
. . .
This implied to me that it did in fact check the randomness. I already
admitted to being a little thick at times, so go easy on me :).
I now realize that this is not a bug, but a way to keep thick heads like
mine from resting on false security - good going guys. Now, how to
generate a 'good' seed for the PRNG.
My problem here is that this code will be installed on a large number of
systems which do not have the /dev/urandom device, and installing egd
may not be an option for so many machines . . .
I will download it anyway and check it out, but if anyone has some
reasonable way to do this from within the application, . . .
As for checking the return values of these calls, this is what I came up
with earlier:
#include <stdlib.h>
#include <strings.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#define CRYPT_RAND 4096              /* assumed buffer size, as in the earlier message */
unsigned char entropy[CRYPT_RAND];
char err_buf[256];                   /* ERR_error_string() needs at least 120 bytes */
/* loop until the PRNG reports itself seeded; bail out if RAND_bytes() fails */
while ( !RAND_status() )
{
    bzero(entropy, CRYPT_RAND);
    if (RAND_bytes(entropy, CRYPT_RAND - 1) == 0)
    {
        ERROR("%s:%d - %s", __FILE__, __LINE__,
              ERR_error_string(ERR_get_error(), err_buf) );
        exit(1);                     /* non-zero status: this is an error exit */
    }
    /* re-seeds the PRNG with its own output (the circularity Richard points out below) */
    RAND_seed(entropy, CRYPT_RAND - 1);
}
Notice that I do quit if the PRNG is under-populated here. I was in the
process of finding the flaws here when I came back to find the fires
burning again on the issue.
Thanks everyone. Maybe I understand it now.
Lou
Richard Levitte - VMS Whacker wrote:
> From: Louis LeBlanc <[EMAIL PROTECTED]>
>
> leblanc> Anyway, this is what I did:
> leblanc> unsigned char entropy[4096];
> [...]
> leblanc> RAND_bytes(entropy, 4000);
> leblanc> RAND_seed(entropy, 3000);
>
> And what do you think this gives you? Have you actually thought of
> checking the returned status code? This is what I would call a
> blatant chicken-and-egg problem.
>
> --
> Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
> Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
> Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
> Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
> Member of the OpenSSL development team: http://www.openssl.org/
> Software Engineer, Celo Communications: http://www.celocom.com/
>
> Unsolicited commercial email is subject to an archival fee of $400.
> See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
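The pattern the thread converges on (check RAND_status() before asking for bytes, seed only from a source outside libcrypto, and never feed RAND_bytes() output back into RAND_seed()) as an added example that is not from the original post or from OpenSSL. It uses Python's standard ssl module, which wraps the same libcrypto calls (RAND_status, RAND_add, RAND_bytes). The entropy_source parameter is an assumption: it stands in for whatever external source the application can reach (the OS, a hardware source, egd), and defaults to os.urandom here, which is exactly what the original poster's systems lack and would need to replace.

```python
import os
import ssl


def ensure_seeded(entropy_source, chunk_size=32, max_rounds=8):
    """Return True once libcrypto's PRNG reports itself seeded.

    entropy_source(n) -> bytes must come from OUTSIDE libcrypto (OS, hardware,
    egd); feeding RAND_bytes() output back in through RAND_add() is circular
    and cannot raise the PRNG's entropy estimate. Gives up after max_rounds so
    a dead source cannot spin forever.
    """
    rounds = 0
    while not ssl.RAND_status():          # RAND_status(): 1 = seeded
        if rounds >= max_rounds:
            return False
        chunk = entropy_source(chunk_size)  # hypothetical external source
        # Conservative credit: count only half the bytes as entropy. Claiming
        # too much is what turns RAND_status() true on junk input.
        ssl.RAND_add(chunk, len(chunk) / 2.0)
        rounds += 1
    return True


def random_bytes(n, entropy_source=os.urandom):
    """RAND_bytes() with the seeding check done BEFORE the call, not after.

    Raises RuntimeError if the PRNG cannot be seeded; ssl.RAND_bytes itself
    raises ssl.SSLError (instead of returning 0 as the C API does) if the
    PRNG fails, so neither failure is silently ignored.
    """
    if not ensure_seeded(entropy_source):
        raise RuntimeError("PRNG could not be seeded from the supplied source")
    return ssl.RAND_bytes(n)


if __name__ == "__main__":
    print(random_bytes(32).hex())
```

On any OpenSSL that auto-seeds from the OS, RAND_status() is already true and ensure_seeded() returns immediately; the loop only runs on a build or platform where the library really is unseeded, which is the case the original poster is worried about, and there the quality of the output is only as good as whatever entropy_source supplies.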