On Mon, Dec 12, 2016 at 3:28 PM, Salz, Rich <rsalz@xxxxxxxxxx> wrote:
> > You fed RAND_bytes output back into RAND_add? That's silly.
> Yes. Is it unnecessary? My steps are:
It is a bad idea. It is pointless. Don't do it.
So what is the correct way, 1 or 2?
1)
RAND_poll()
/* RAND_bytes is unnecessary */
/* RAND_add is unnecessary */
2)
RAND_poll()
RAND_bytes(buf, 128);
/* RAND_add is unnecessary */
:-S
Silvio Clécio
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
