During your not so everyday experiences (I will only hack on Sundays) you may come across certain applications that take advantage of openssl. A lot of the time these applications will work fine. However, many applications ported from certain operating systems <reindeer abusers> will not. This is because some <it looks like you blew a seal> applications look for something vaguely like dev/random on <that's only vanilla ice cream> those operating systems. Normally that isn't a problem, but if you can't (for some innocent reason) pass arguments to the application for openssl then you have a small problem. If you see something like this:
code:
warning, not much extra random data, consider using the -rand option
Generating RSA private key, 512 bit long modulus
1292:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not seeded:md_rand.c:538:
1292:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:
Then you have three options:
1) See if the application supports passing an argument to openssl and pass the rand one (see option 3)
2) If the key size is small you may be able to use the application (WHICH CAN BE PACKAGED WITH AN INSTALLER) Entropy Gathering Daemon (project http://sourceforge.net/projects/egd/). This *big hint* is effective only after it has had a while to...for lack of a better phrase... gather entropy. It is best used as a startup item (you will need to hand edit hostconfig if you somehow get an installer). Some post-startup applications will actually look for this and try to use it on bsd systems.
3) Change the source code.
If you're going to change the source code then make sure you can already make the application before hacking it. DO NOT MOVE ANY FILES AFTER YOU MAKE IT. You're looking for something like:
code:
openssl genrsa
You can always search your files for openssl or backtrack through your apps #<includes> files to find it. Once you find it you'll need to edit it to point to a random file.
OpenSSL takes random files as : separated lists. A not so great example is:
code:
23421321:5I3HAD4BETTER234321:5GET432MENTIONE
D642623564235523432:90239FOR320923009302:dfj
alkdfjsaflksa:u9i0132THISONE4rajsdkfla:908ud
asfsa23:80982093rfjdildfas:fasd89f080928354r
ialjdfs:9080981234:7800
All on one line. It's a good idea to just call this file rand so you know not to mess w/ it later.
Now you simply need to change your application to point to it by editing the openssl call to look more like:
code:
openssl genrsa -rand /FULL/PATH/TO/rand
Since you kept your working build directory you can usually do a make clean and then a make again to get your ported app to work.
[ August 16, 2001: Message edited by: jasont ]
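An added example, not part of the original post: a POSIX shell check that vets seed files before their paths are handed to `openssl genrsa -rand`, which on Unix-like systems accepts one or more file names joined by `:`. The function names and the `MIN_SEED_BYTES` threshold are assumptions made for this sketch, and the path in the usage comment is the post's placeholder.

```shell
#!/bin/sh
# Added example: vet seed files before passing them to `openssl ... -rand`.
# MIN_SEED_BYTES is an assumed threshold, not an OpenSSL requirement.
MIN_SEED_BYTES=${MIN_SEED_BYTES:-256}

# check_seed_file PATH -> 0 if usable; non-zero with the reason on stderr.
check_seed_file() {
    f=$1
    case $f in
        *:*) echo "path contains ':' (the -rand list separator): $f" >&2; return 1 ;;
        /*)  ;;  # absolute path, as the post recommends
        *)   echo "not an absolute path: $f" >&2; return 1 ;;
    esac
    # Reject missing files, directories, devices and symlinks.
    if [ ! -f "$f" ] || [ -L "$f" ]; then
        echo "not a regular file: $f" >&2; return 2
    fi
    size=$(wc -c < "$f" | tr -d ' ')
    if [ "$size" -lt "$MIN_SEED_BYTES" ]; then
        echo "only $size bytes of seed data: $f" >&2; return 3
    fi
    # Characters 5-10 of the ls mode string are the group/other bits;
    # a seed readable by other users is not secret.
    perms=$(ls -ld "$f" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "group/other access ($perms): $f" >&2; return 4
    fi
    return 0
}

# build_rand_arg FILE... -> prints "file1:file2" for -rand;
# fails if any file is unfit or no file was given.
build_rand_arg() {
    arg=
    for p in "$@"; do
        check_seed_file "$p" || return 1
        arg=${arg:+$arg:}$p
    done
    [ -n "$arg" ] || return 1
    printf '%s\n' "$arg"
}

# Usage (placeholder path from the post):
#   r=$(build_rand_arg /FULL/PATH/TO/rand) && openssl genrsa -rand "$r"
```

The check only covers path, size and permissions; it cannot tell whether the file's contents are actually unpredictable.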