> I get a PRNG_NOT_SEEDED error even after i call > RAND_add() function. I am calling the function at the > begining before SSL initialization.
... > unsigned long Time=time(NULL); > > RAND_add(&Time,sizeof(Time),0); You should call RAND_status which returns true/false to tell you if you have enough entropy. Your code is bad for several reasons: Assuming an unsigned long is 4 bytes on your system, you're adding 32 bits of entropy, which is very very low. (You'd want to give at least 40 bits to properly use 40 bit crypto, etc.) Secondly, time(NULL) is not providing 32 full bits of entropy. In an entire day time(NULL) will produce only 86400 different values, which has 17 bits total. The actual entropy of those bits is still damned low. Lastly, RAND_add expects the last arg to be the expected entropy of your system. Now here you've done a fairly accurate assesment in saying that even though an unsigned long is 32 bits the amount of entropy being supplied by your unsigned long (initialized from time(NULL) ) is low (you said 0 bytes). Try getting a better source of random data and then use RAND_add with a non-zero final value, where that value accurately defines how much randomness you expect in the data. You might want to read the RAND_add man page. -- Brian Hatch "Don't give Systems and away the homeworld." Security Engineer http://www.ifokr.org/bri/ Every message PGP signed
pgp00000.pgp
Description: PGP signature
