Thanks for the info. I'm glad it is done automatically.
:-)
Mike
Bernhard Froehlich wrote:
Michael D'Errico wrote:
I need to seed the random number generator on Windows and can't rely on a service such as EGADS being installed and running. What would you recommend I do to gather random bytes for the seed?
Which versions of Windows are you referring to? On 2k and upwards (maybe also on NT4 with current Service Packs, but I'm not sure there) the RNG should be automatically seeded quite fine using MS Crypto API.
Windows XP. I'm referring to the use of RAND_add to seed OpenSSL's random number generator. It's my understanding that I need to do this manually. Does the MS Crypto API have a function to gather entropy?
Windows Crypto API exports the function "CryptGenRandom" (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/cryptgenrandom.asp) to generate "cryptographically random" bytes. Of course I don't know how good this random is in fact, but I think you'll have a hard time generating better... ;)
The seeding is done (automatically) in the OpenSSL-Source file rand_win.c, if you want to have a look yourself. If you want to be sure, you can do the same thing using the following piece of code:
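    #include <windows.h>
    #include <wincrypt.h>
    #include <openssl/rand.h>

    HCRYPTPROV hProvider = 0;
    BYTE buf[64];
    /* CRYPT_VERIFYCONTEXT: no key container is needed just to get random bytes */
    if (CryptAcquireContext(&hProvider, 0, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
    {
        /* mix the bytes into OpenSSL's pool, crediting sizeof(buf) bytes of entropy */
        if (CryptGenRandom(hProvider, sizeof(buf), buf))
            RAND_add(buf, sizeof(buf), sizeof(buf));
        CryptReleaseContext(hProvider, 0);
    }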
Hope it helps,
Ted ;)
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]