Hello Mailinglist,

in the OpenSSL documentation is written that I should initialize with RAND_seed() before using RSA_public_encrypt() and RSA_generate_key_ex(). But I havent found any good examples that show how to do this. (For Windows)

I found this example in the test folder over and over again. But it seems that this is only a dummy.
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */

What do you think if I use rand() from cstdlib.h to create a char* string and put it into RAND_seed():

const int SeedLen=100;
char RandSeed[SeedLen];
for (int i=0; i RandSeed[i] = rand() % 256;

Or is there a better way to set rand_seed? I cannot bother a user with key input or else.
In some test applications I havent seen any rand_seed calls. So maybe it is not so important?


GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS.
Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org