On Fri, Oct 18, 2002 at 02:23:29PM +0200, Gerd Schering wrote:
> 1. I think on systems which have /dev/urandom, this one is used to seed
> the PRNG. What happens if the environment variable RANDFILE is set and
> points to another file or device? Are both used (ORed?) or only
> RANDFILE? (in addition: what happens when using -rand in genrsa?)

/dev/urandom is queried regardless of whether other sources were specified
or not. All sources are mixed into the pool (with "mixed" meaning that
they are hashed into the pool using SHA-1, not just simply ORed).

> 2. When RANDFILE is pointing to a plain file, I notice that after each
> use, data is written back and the file gets larger and larger.
> I understand that it is necessary to save a new seed for the PRNG, but
> why is the file not simply overwritten?

I cannot reproduce this behaviour. In my case it is overwritten.

> 3. How many bits of random data are used for seeding, when generating
> for instance a 2048 bit RSA key?

I don't know :-)

Best regards,
	Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
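
The difference between hashing sources into a pool with SHA-1 and simply ORing them, as an added example that is not part of the original message and is not OpenSSL's code. The pool update rule, the function names and the sample inputs are assumptions constructed for illustration; OpenSSL's real PRNG is more elaborate.

```python
import hashlib

POOL_BYTES = 20  # SHA-1 digest size, used as the toy pool size


def or_mix(sources):
    """Naive mixing: bitwise OR of every source into a fixed-size pool."""
    pool = bytearray(POOL_BYTES)
    for src in sources:
        for i, b in enumerate(src):
            pool[i % POOL_BYTES] |= b
    return bytes(pool)


def hash_mix(sources):
    """Hash mixing (simplified): pool = SHA-1(pool || len(src) || src)."""
    pool = bytes(POOL_BYTES)
    for src in sources:
        length = len(src).to_bytes(8, "big")  # length prefix keeps inputs unambiguous
        pool = hashlib.sha1(pool + length + src).digest()
    return pool


def ones_fraction(data):
    """Fraction of bits set to 1; about 0.5 for unbiased data."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))


# Constructed sample inputs: two stand-ins for good device output and one
# failed source that is stuck at all ones.
GOOD_A = hashlib.sha256(b"constructed sample: device output A").digest()[:POOL_BYTES]
GOOD_B = hashlib.sha256(b"constructed sample: device output B").digest()[:POOL_BYTES]
STUCK = b"\xff" * POOL_BYTES


if __name__ == "__main__":
    # ORing: the stuck source saturates the pool, the good input is lost.
    print("OR   A+stuck:", or_mix([GOOD_A, STUCK]).hex())
    print("OR   B+stuck:", or_mix([GOOD_B, STUCK]).hex())
    # Hashing: the pool still depends on the good input.
    print("SHA1 A+stuck:", hash_mix([GOOD_A, STUCK]).hex())
    print("SHA1 B+stuck:", hash_mix([GOOD_B, STUCK]).hex())
    # ORing also biases the pool towards 1 bits even with two good sources.
    print("ones in OR(A,B):", ones_fraction(or_mix([GOOD_A, GOOD_B])))
```
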