Re: Doubt about OpenSSL library initialization in an HTTP client application

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thanks for sharing the links, I'm going to check them.

The original code call RAND_screen() only once in the app initialization, so can I replace it by RAND_add()? (I'm newbie on SSL)

I've noticed the application is just a HTTP client consuming some web services via HTTPS. It doesn't call explicitly any OpenSSL random function, so I think it uses the default OpenSSL configurations.

On Sat, Dec 3, 2016 at 3:42 PM, Jeffrey Walton <noloader@xxxxxxxxx> wrote:
[...]
Also see https://wiki.openssl.org/index.php/Library_Initialization and
https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues.

The short of it is, you should stop relying on auto-initialization of
the RNG, and seed it yourself with a call to `RAND_add`.

Jeff

--
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux