On Fri, Sep 23, 2011 at 4:59 AM, alok sharma <[email protected]> wrote: > So is there any method on Windows to generate non-predictable > randomnumbers. I think mostly FileSytem time is used to seed randomness > which is failing in my case. One typically uses CryptGenRandom.
Jeff > On Mon, Sep 19, 2011 at 4:52 PM, Dr. Stephen Henson <[email protected]> > wrote: >> >> On Mon, Sep 19, 2011, alok sharma wrote: >> >> > Hi Jacob, >> > Thanks for such a detailed reply. But I am having one concern that >> > how >> > an application can know whether it si secure or not. Fips uses >> > GetSystemTimeAsFileTime() for PRNG test which is having granuality of 1 >> > ns, >> > but my application is running even at faster rate so same value is being >> > generated for current as well as for last request. Is there any >> > provision >> > inside Openssl which ensures that unique randon numbers will be >> > generated or >> > application need to add some delay for each new connection request. >> > Regards, >> > >> >> OpenSSL uses more than just GetSystemTimeAsFileTime it also makes use of a >> counter value which is incremented on each use. This is all done under a >> lock >> so the values should never repeat even if the time value does. >> >> If you are getting continuous PRNG test failures then I suspect your >> locking >> callbacks aren't functioning correctly and you are getting race >> conditions. >> >> Steve. >> -- >> Dr Stephen N. Henson. OpenSSL project core developer. >> Commercial tech support now available see: http://www.openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List [email protected] >> Automated List Manager [email protected] > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
