Hello, > The man page clearly mentions that. > > Add RAND_seed() or RAND_add() with the required > entropy required before calling RAND_bytes(). In a > pseudorandom number generator the seed uniquely > determines the random sequence. So you might want to > vary the seed somehow using getpid() or gettimeofday() > or better, using /dev/random or /dev/urandom. RAND_bytes() internally checks if it has enough entropy and if you call this function without initialization it initializes internal structures and entropy itself. If return code is 1 this means that there is enough entropy and random bytes are "cryptography secure". If return code is 0 this means that internal structures are not seeded and "self" seeding was not possible. (For example there was no source of entropy)
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
