[xmlsec] Why seeding the random generator in Example 1

Aleksey Sanin aleksey at aleksey.com
Mon Jul 8 07:55:27 PDT 2002


Random numbers are used by OpenSSL in many "hidden" places. For example,
you need random numbers to produce correct padding. So it's more simple to
initialize random numbers than investigate why the program does not work :)

Aleksey

Hans-Juergen.Heinrich at de.gi-de.com wrote:

>Hi,
>
>Unfortunately, I do not understand why the random generator
>of OpenSSL has to be seeded in Example 1 on the xmlsec website.
>The code is as follows:
>                                                                            
> int rnd_seed = 0;                                                          
>                                                                            
>     /**                                                                    
>      * Init OpenSSL:                                                       
>      * this is a BAD way to init random numbers                            
>      * generator                                                           
>      */                                                                    
>     while (RAND_status() != 1) {                                           
>     RAND_seed(&rnd_seed, sizeof(rnd_seed));                                
>     }                                                                      
>                                                                            
>
>
>
>
>Is this really necessary here, or is it just the default way
>to initialize OpenSSL? I can't see where the random generator is
>used in the example, and I just want to make sure I didn't miss
>anything important. If it was not necessary, one wouldn't need to
>include the openssl-headerfiles at all.
>
>Thank you for your help
>Hans-Juergen
>
>----------------------------------
>Dr. Hans-Jürgen Heinrich
>System engineer, 4TE3
>Giesecke & Devrient GmbH, Truderinger Straße 15, D-81607 München
>Phone:  +49 89 4119-2625, FAX:     +49 89 4119-1629
>mailto:hans-juergen.heinrich at de.gi-de.com
>http://www.gieseckedevrient.com
>
>_______________________________________________
>xmlsec mailing list
>xmlsec at aleksey.com
>http://www.aleksey.com/mailman/listinfo/xmlsec
>  
>





More information about the xmlsec mailing list