From 96c930dd2fae0645aded269ff950c05515596bff Mon Sep 17 00:00:00 2001 From: =?utf8?q?Lutz=20J=C3=A4nicke?= Date: Mon, 11 Nov 2002 08:33:10 +0000 Subject: [PATCH 1/1] More information to the important issue of seeding the PRNG Submitted by: Reviewed by: PR: 285 --- FAQ | 2 ++ INSTALL | 12 ++++++++++++ 2 files changed, 14 insertions(+) diff --git a/FAQ b/FAQ index 28027fdcac..9998821fde 100644 --- a/FAQ +++ b/FAQ @@ -226,6 +226,8 @@ support can be found at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski However, be warned that /dev/random is usually a blocking device, which may have some effects on OpenSSL. +A third party /dev/random solution for Solaris is available at + http://www.cosy.sbg.ac.at/~andi/ * Why do I get an "unable to write 'random state'" error message? diff --git a/INSTALL b/INSTALL index af86485e00..63c88523c3 100644 --- a/INSTALL +++ b/INSTALL @@ -296,3 +296,15 @@ targets for shared library creation, like linux-shared. Those targets can currently be used on their own just as well, but this is expected to change in future versions of OpenSSL. + + Note on random number generation + -------------------------------- + + Availability of cryptographically secure random numbers is required for + secret key generation. OpenSSL provides several options to seed the + internal PRNG. If not properly seeded, the internal PRNG will refuse + to deliver random bytes and a "PRNG not seeded error" will occur. + On systems without /dev/urandom (or similar) device, it may be necessary + to install additional support software to obtain random seed. + Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(), + and the FAQ for more information. -- 2.34.1