[erlang-questions] SSL RNG seeding

Robert Schonberger rschonberger@REDACTED
Fri Jul 10 11:34:06 CEST 2009


did you look at crypto:rand_bytes/1 ?

2009/6/1 Greg Perry <Greg.Perry@REDACTED>

> Ugh.  From the ssl module documentation:
>
> ----------
>
> seed(Data) -> ok | {error, Reason}
>
> Types:
>
> Data = iolist() | binary()
>
> Seeds the ssl random generator.
>
> It is strongly advised to seed the random generator after the ssl
> application has been started, and before any connections are
> established. Although the port program interfacing to the OpenSSL
> libraries does a "random" seeding of its own in order to make everything
> work properly, that seeding is by no means random for the world since it
> has a constant value which is known to everyone reading the source code
> of the seeding.
>
> A notable return value is {error, edata}} indicating that Data was not a
> binary nor an iolist.
>
> ----------
>
> So SSL uses a hardcoded seed value within the source code, is this
> standard across all of the Erland cryto libraries?
>
> Regards
>
> Greg
>
>
>
> ________________________________________________________________
> erlang-questions mailing list. See http://www.erlang.org/faq.html
> erlang-questions (at) erlang.org
>



-- 
Robert Schonberger
rschonberger@REDACTED


More information about the erlang-questions mailing list