Hello,
> I’m upgrading my system from Openssl version 9.6.d to Openssl version
9.8.a.
> I’m experiencing some problems when I’m “playing” server, For example
accepting an
> incoming call or even accessing my system via HTTPS causes the system to
get stuck.
> After some investigation I figured out that I get stuck in
RAND_status(). It never returns.
> I saw that there is a basic difference between Openssl version 9.6.d and
Openssl version
> 9.8.a. regarding blinding, such that in 9.6.d blinding is disabled by
default and in 9.
> 8.a it is enabled by default.
> (I’m running on embedded Linux)
> Initially I’d like to ask in anyone has encountered such problems and if
so, how did he
> solve them.
> Then I’d like to try, both enabling blinding on 9.6.d and disabling
blinding on 9.8.a
> I read that one should use the RSA_blinding_off and RSA_blinding_on
functions, but I
> really don’t know where they should be called.
Maybe better solution then disable blinding is to seed PRNG with something
like:
RAND_load_file("/dev/urandom", 1024);
For test purpose you may create some "random" file and use it in this
function instead
of /dev/urandom.
This should be done at the beginning of your application.
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
