Re: openssl-users Digest, Vol 25, Issue 8

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Re: openssl-users Digest, Vol 25, Issue 8

gev6 liu
text / plain的;字符集=“utf-8” 

liuge



2016-12-13 2:45 GMT+08:00 <[hidden email]>:
Send openssl-users mailing list submissions to
        [hidden email]

To subscribe or unsubscribe via the World Wide Web, visit
        https://mta.openssl.org/mailman/listinfo/openssl-users
or, via email, send a message with subject or body 'help' to
        [hidden email]

You can reach the person managing the list at
        [hidden email]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssl-users digest..."


Today's Topics:

   1. Re: Doubt about OpenSSL library initialization in an HTTP
      client application (silvioprog)
   2. Re: Doubt about OpenSSL library initialization in an HTTP
      client application (Salz, Rich)
   3. Re: Doubt about OpenSSL library initialization in an HTTP
      client application (silvioprog)
   4. Re: Doubt about OpenSSL library initialization in an HTTP
      client application (Salz, Rich)
   5. Re: Doubt about OpenSSL library initialization in an HTTP
      client application (silvioprog)
   6. Re: Doubt about OpenSSL library initialization in an HTTP
      client application (silvioprog)


----------------------------------------------------------------------

Message: 1
Date: Mon, 12 Dec 2016 14:48:18 -0300
From: silvioprog <[hidden email]>
To: [hidden email]
Subject: Re: [openssl-users] Doubt about OpenSSL library
        initialization in an HTTP client application
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="utf-8"

Oops,

I meant:

"In short, I just replaced the RAND_screen() call to the RAND_poll(),
generated a random buffer using RAND_bytes() (based on
https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via
RAND_add()"

On Mon, Dec 12, 2016 at 2:46 PM, silvioprog <[hidden email]> wrote:
[...]

> In short, I just removed the RAND_screen() call, generated a random buffer
> using RAND_bytes() (based on https://wiki.openssl.org/
> index.php/Random_Numbers#Software) seeding via RAND_add().
>

--
Silvio Cl?cio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161212/dd45a901/attachment-0001.html>

------------------------------

Message: 2
Date: Mon, 12 Dec 2016 18:04:17 +0000
From: "Salz, Rich" <[hidden email]>
To: "[hidden email]" <[hidden email]>
Subject: Re: [openssl-users] Doubt about OpenSSL library
        initialization in an HTTP client application
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="utf-8"

> "In short, I just replaced the RAND_screen() call to the RAND_poll(), generated a random buffer using RAND_bytes()?(based on?https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via RAND_add()"

You fed RAND_bytes output back into RAND_add?  That's silly.

------------------------------

Message: 3
Date: Mon, 12 Dec 2016 15:24:23 -0300
From: silvioprog <[hidden email]>
To: [hidden email]
Subject: Re: [openssl-users] Doubt about OpenSSL library
        initialization in an HTTP client application
Message-ID:
        <CAKq_V2KEJktX==qTtfQ1QpCYdH3=[hidden email]>
Content-Type: text/plain; charset="utf-8"

On Mon, Dec 12, 2016 at 3:04 PM, Salz, Rich <[hidden email]> wrote:

> > "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> generated a random buffer using RAND_bytes() (based on
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it
> via RAND_add()"
>
> You fed RAND_bytes output back into RAND_add?  That's silly.


Yes. Is it unnecessary? My steps are:

...
- RAND_scree()
+ RAND_poll()
+ RAND_bytes(buf, 128);
+ RAND_add(buf, length(buf), length(buf));
...

(I noticed I sent wrong patch, the correct one declare the RAND_bytes func
^^' )

--
Silvio Cl?cio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161212/2c812462/attachment-0001.html>

------------------------------

Message: 4
Date: Mon, 12 Dec 2016 18:28:04 +0000
From: "Salz, Rich" <[hidden email]>
To: "[hidden email]" <[hidden email]>
Subject: Re: [openssl-users] Doubt about OpenSSL library
        initialization in an HTTP client application
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="utf-8"

> > You fed RAND_bytes output back into RAND_add?? That's silly.

> Yes. Is it unnecessary? My steps are:

It is a bad idea.  It is pointless.  Don't do it.



------------------------------

Message: 5
Date: Mon, 12 Dec 2016 15:33:34 -0300
From: silvioprog <[hidden email]>
To: [hidden email]
Subject: Re: [openssl-users] Doubt about OpenSSL library
        initialization in an HTTP client application
Message-ID:
        <CAKq_V2K_gMX=[hidden email]>
Content-Type: text/plain; charset="utf-8"

On Mon, Dec 12, 2016 at 3:28 PM, Salz, Rich <[hidden email]> wrote:

> > > You fed RAND_bytes output back into RAND_add?  That's silly.
> > Yes. Is it unnecessary? My steps are:
>
> It is a bad idea.  It is pointless.  Don't do it.


So what is the correct way, 1 or 2?

1)

RAND_poll()
/* RAND_bytes is unnecessary */
/* RAND_add is unnecessary */

2)

RAND_poll()
RAND_bytes(buf, 128);
/* RAND_add is unnecessary */

:-S

--
Silvio Cl?cio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161212/2a763b1a/attachment-0001.html>

------------------------------

Message: 6
Date: Mon, 12 Dec 2016 15:44:19 -0300
From: silvioprog <[hidden email]>
To: [hidden email]
Subject: Re: [openssl-users] Doubt about OpenSSL library
        initialization in an HTTP client application
Message-ID:
        <[hidden email]>
Content-Type: text/plain; charset="utf-8"

On Mon, Dec 12, 2016 at 3:33 PM, silvioprog <[hidden email]> wrote:
[...]

> So what is the correct way, 1 or 2?
>

*"which is ..."

--
Silvio Cl?cio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20161212/a77612b1/attachment.html>

------------------------------

Subject: Digest Footer

_______________________________________________
openssl-users mailing list
[hidden email]
https://mta.openssl.org/mailman/listinfo/openssl-users


------------------------------

End of openssl-users Digest, Vol 25, Issue 8
********************************************


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users