>>Hmm, I doubt very much that running RAND_poll() multiple times on top
of itself gives that much more entropy.
Concerning this, RAND_poll() behaves as follows on Windows systems:
- call to NetStatisticsGet for LanManWorkstation and
LanManServer services;
- call to CryptGenRandom to poll the CryptoAPI PRNG and the
Pentium PRG;
- call to GlobalMemoryStatus;
- call to GetCurrentProcessId;
- call to GetForegroundWindow;
- call to GetCursorInfo;
- call to GetQueueStatus;
- call to thread, process, module and heap polling function.
Don't you think that entropy given is sufficient each time RAND_poll()
is called ?
>>The most common form is by loading a file of randomness, but I
udnerstand that's not a option for you.
What actually bothers me with a file containing randomness is that its
contents must be changed quite often, otherwise it's predictable. But
maybe the following solution is not a sin (I hope so!) :
///////////////////////////////////////
if (!RAND_status())
{
/* If RAND_poll() is not sufficient, then load randomness file
*/
RAND_load_file(g_szFileName,-1);
}
/* Rewrite the randomness file so that its contents changes often */
RAND_write_file(g_szFileName);
///////////////////////////////////////
What about this ?
Marc Gaudichet
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
