Thanks, I'd missed/forgotten that comment. I've also seen crashes in
single-threaded applications due to RAND_poll. One that immediately comes
to mind is when the performance counters in the registry are accessed which
cause hook DLLS to be loaded and called. I've come across a machine that
appeared to be poorly configured due to an unclean Lotus Notes uninstall --
there were some Lotus Notes performance counter hooks left behind when the
referenced DLLs had been removed. Actually, I can't recall whether it was
an immediate crash or an indefinite hang, but the point is that some of the
stuff done in RAND_poll is fairly exotic and can behave irradically
depending on the dynamic state of the environment at runtime. Sure, a
poorly configured system is hard to work with but when poorly configured
systems are easy to come across the applications have to be a bit more
robust. I've found at times that I've had little choice other than to
disable the portion of RAND_poll that is causing a problem on a particular
system. Moving such functionality out-of-process would improve stability,
and this is obviously where prngd/egd comes in, but if these are seen as
useful for more secure applications then it seems that a default OpenSSL
install could settle for CryptoAPI's PRNG.

-----Original Message-----
From: owner-openssl-dev@openssl.org [mailtowner-openssl-dev@openssl.org]
On Behalf Of Ferdinand Prantl
Sent: Monday, 4 April 2005 3:59 PM
To: openssl-dev@openssl.org
Subject: RE: How good a random source is Crypto API?

You may want to see the threads:

BUG: CreateToolhelp32Snapshot
First (initializing) call to RAND_status() very slow on Win32

An excerpt:

------------
Jeffrey Altman
Thu, 14 Aug 2003 11:23:38 -0700

The reason that we go to all this trouble to examine alternative sources of
randomness other than CryptGetRandom() is that Microsoft has refused to
publish the sources of randomness which are used. Therefore, we have no
ability to know whether or not the randomness reported by Windows is in fact
random.
------------

However, it does not mean, that the method should be thread-unsafe and
extremely slow under some circumstances...

Ferda

________________________________

From: owner-openssl-dev@openssl.org
[mailtowner-openssl-dev@openssl.org] On Behalf Of Steven Reddie
Sent: Monday, April 04, 2005 7:45 AM
To: openssl-dev@openssl.org
Subject: How good a random source is Crypto API?


The non-thread-safe nature of RAND_poll for Win32 is something I
need to address as it's impossible given the use of my library to expect
RAND_poll to be called before other threads exist. This leads me to the
question of how good a random source is the CryptGenRandom function on
Windows. If it is a good enough source, then why bother with everything
else that is done inside RAND_poll? The MSDN documentation makes it sound
like similar things are being done for their random number seeding as is
done in RAND_poll.

Regards,

Steven

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org