Dr. Stephen Henson wrote:
> OpenSSL makes use of some standard sources of entropy on various platforms to
> seed the PRNG automatically. On linux this includes the /dev/urandom device
> and on Windows various things including the CryptoAPI PRNG.

OK, that explains, thanks.

The program is going to be distributed to clients who run a Windows
variant (2000, XP) or a unix-like OS (*BSD, Solaris, Linux, ...).

I reckon that /dev/urandom is present on most unices, so I can count on
the automatic PRNG seeding. However, on the Windows platforms I question
whether that is the case. Is CryptoAPI PRNG a standard component of the
OS which I can presume to be present?

("Network security with OpenSSL" mentions several times that Windows has
no built-in entropy-gathering mechanism that seeds a standard PRNG,
which is why the egads program was written.)

If not, I want to be able to detect whether the PRNG has been seeded
before OpenSSL complains. How would I do that?


Erik Leunissen
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org