On Wed, Apr 07, 2010, Sad Clouds wrote: > On Tue, 6 Apr 2010 21:17:01 +0200 > "Dr. Stephen Henson" <st...@openssl.org> wrote: > > > Well that actual manual page is rather old and it still talks about > > PRNG initialisation which dates from the time OpenSSL didn't handle > > that automatically on many platforms. > > So are you saying there is no need to seed PRNG? Is there a way to > check on a given platform if OpenSSL initialised PRNG?
I'm saying that many platforms (Windows, those with /dev/urandom or /dev/random) no longer need to seed the PRNG. Some others may need to add an entropy daemon such as EGD. You can check with RAND_status() (see manual page). Also any attempt to use an unseeded PRNG will fail with an error code. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
