1. Why do I get a "PRNG not seeded" error message?

Cryptographic software needs a source of unpredictable data to work correctly. Many open source operating systems provide a "randomness device" (/dev/urandom or /dev/random) that serves this purpose. All OpenSSL versions try to use /dev/urandom by default; starting with version 0.9.7, OpenSSL also tries /dev/random if /dev/urandom is not available.

On other systems, applications have to call the RAND_add() or RAND_seed() function with appropriate data before generating keys or performing public key encryption. (These functions initialize the pseudo-random number generator, PRNG.) Some broken applications do not do this. As of version 0.9.5, the OpenSSL functions that need randomness report an error if the random number generator has not been seeded with at least 128 bits of randomness. If this error occurs and is not discussed in the documentation of the application you are using, please contact the author of that application; it is likely that it never worked correctly. OpenSSL 0.9.5 and later make the error visible by refusing to perform potentially insecure encryption.

If you are using Solaris 8, you can add /dev/urandom and /dev/random devices by installing patch 112438 (Sparc) or 112439 (x86), which are available via the Patchfinder at http://sunsolve.sun.com (Solaris 9 includes these devices by default). For /dev/random support for earlier Solaris versions, see Sun's statement at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski (the SUNWski package is available in patch 105710).

On systems without /dev/urandom and /dev/random, it is a good idea to use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for details. Starting with version 0.9.7, OpenSSL will automatically look for an EGD socket at /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and /etc/entropy.

Most components of the openssl command line utility automatically try to seed the random number generator from a file. The name of the default seeding file is determined as follows: If environment variable RANDFILE is set, then it names the seeding file. Otherwise if environment variable HOME is set, then the seeding file is $HOME/.rnd. If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will use file .rnd in the current directory while OpenSSL 0.9.6a uses no default seeding file at all. OpenSSL 0.9.6b and later will behave similarly to 0.9.6a, but will use a default of "C:\" for HOME on Windows systems if the environment variable has not been set.

If the default seeding file does not exist or is too short, the "PRNG not seeded" error message may occur.

The openssl command line utility will write back a new state to the default seeding file (and create this file if necessary) unless there was no sufficient seeding.

Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work. Use the "-rand" option of the OpenSSL command line tools instead. The $RANDFILE environment variable and $HOME/.rnd are only used by the OpenSSL command line tools. Applications using the OpenSSL library provide their own configuration options to specify the entropy source, please check out the documentation coming the with application.

Class pair_int_char{
 public:
  int first;
  char second;
  pair_int_char(int x,char y) : first(x), second(y) {}
};

pair_int_char pair(13,'a');
cout << pair1.first << endl;
cout << pair1.second << endl;

Class pair_bool_double{
 public:
  int first;
  char second;
  pair_bool_double(bool x,double y) : first(x), second(y) {}
};

pair_bool_double pair(true,0.1);
cout << pair2.first << endl;
cout << pair2.second << endl;

->

using STL Class Template

template <typename T1, typename T2>
class pair {
 public:
  T1 first;
  T2 second;
  pair(T1 x, T2 y) : first(x), second(y) {}
};
pair<int,char> pair3(13,'a);
pair<bool,double> pair4(true,0.1); ...

using STL Class Template reference parameters
template <typename T1, typename T2>
class pair {
 public:
  T1 first;
  T2 second;
  pair() : first(T1()),second(T2()) {}
  pair(const T1* x,const T2& y) : first(x), second(y) {}
};

위에 같은 결과값의 두개 코드를 비교...

#include <openssl/asn1.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>

BIO *mem = BIO_new( BIO_s_mem() );
 if ( !ASN1_parse(mem, (unsigned char*) strData.c_str(), strData.length(), 3) )
  return -1;

 BUF_MEM *bptr;
 BIO_get_mem_ptr ( mem, &bptr );
 BIO_set_close ( mem, BIO_NOCLOSE ); /* So BIO_free() leaves BUF_MEM alone */

 string strParseRtn = "";
 strParseRtn.append( bptr->data );

 BUF_MEM_free( bptr );
 BIO_free(mem);

 strParseRtn 파싱된 값이 일정한 형식대로 파싱됨...그걸 스트링 구분해서 값을 가져오면 됨

/*Base64.h*/
#ifndef __BASE64_H
#define __BASE64_H

#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000

#include <string>

class CBase64
{
public:
 CBase64(void);
 ~CBase64(void);
 
 static std::string Decode( const std::string& data );
 static std::string Encode( const std::string& data );
};
#endif // __BASE64_H


============================================================================


/*Base64.cpp*/
#include "Base64.h"
#include <stdio.h>

using namespace std;

static const char           fillchar = '=';
static const string::size_type  np = string::npos;
static const string   Base64Table("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/");         
 // Decode Table gives the index of any valid base64 character in the Base64 table]
 // 65 == A, 97 == a, 48 == 0, 43 == +, 47 == /

                                                // 0  1  2  3  4  5  6  7  8  9
const string::size_type DecodeTable[] =       {np,np,np,np,np,np,np,np,np,np,  // 0 - 9
                                               np,np,np,np,np,np,np,np,np,np,  //10 -19
                                               np,np,np,np,np,np,np,np,np,np,  //20 -29
                                               np,np,np,np,np,np,np,np,np,np,  //30 -39
                                               np,np,np,62,np,np,np,63,52,53,  //40 -49
                                               54,55,56,57,58,59,60,61,np,np,  //50 -59
                                               np,np,np,np,np, 0, 1, 2, 3, 4,  //60 -69
                                               5, 6, 7, 8, 9,10,11,12,13,14,  //70 -79
                                               15,16,17,18,19,20,21,22,23,24,  //80 -89
                                               25,np,np,np,np,np,np,26,27,28,  //90 -99
                                               29,30,31,32,33,34,35,36,37,38,  //100 -109
                                               39,40,41,42,43,44,45,46,47,48,  //110 -119
                                               49,50,51,np,np,np,np,np,np,np,  //120 -129
                                               np,np,np,np,np,np,np,np,np,np,  //130 -139
                                               np,np,np,np,np,np,np,np,np,np,  //140 -149
                                               np,np,np,np,np,np,np,np,np,np,  //150 -159
                                               np,np,np,np,np,np,np,np,np,np,  //160 -169
                                               np,np,np,np,np,np,np,np,np,np,  //170 -179
                                               np,np,np,np,np,np,np,np,np,np,  //180 -189
                                               np,np,np,np,np,np,np,np,np,np,  //190 -199
                                               np,np,np,np,np,np,np,np,np,np,  //200 -209
                                               np,np,np,np,np,np,np,np,np,np,  //210 -219
                                               np,np,np,np,np,np,np,np,np,np,  //220 -229
                                               np,np,np,np,np,np,np,np,np,np,  //230 -239
                                               np,np,np,np,np,np,np,np,np,np,  //240 -249
                                               np,np,np,np,np,np};             //250 -256

CBase64::CBase64(void)
{
}

CBase64::~CBase64(void)
{
}

string CBase64::Encode(const string& data)
{
 string::size_type  i;
 char               c;
 string::size_type  len = data.length();
 string             ret;
 
 ret.reserve(len * 2);
 
 for (i = 0; i < len; ++i)
 {
   c = (data[i] >> 2) & 0x3f;
   ret.append(1, Base64Table[c]);
   c = (data[i] << 4) & 0x3f;
   if (++i < len)
       c |= (data[i] >> 4) & 0x0f;
  
   ret.append(1, Base64Table[c]);
   if (i < len)
   {
       c = (data[i] << 2) & 0x3f;
       if (++i < len)
           c |= (data[i] >> 6) & 0x03;
  
       ret.append(1, Base64Table[c]);
   }
   else
   {
       ++i;
       ret.append(1, fillchar);
   }
  
   if (i < len)
   {
       c = data[i] & 0x3f;
       ret.append(1, Base64Table[c]);
   }
   else
   {
       ret.append(1, fillchar);
   }
 }
 
 return(ret);
}

string CBase64::Decode(const string& data)
{
 string::size_type  i;
 char               c;
 char                c1;
 string::size_type  len = data.length();
 string             ret;
 
 ret.reserve(len);
 
 for (i = 0; i < len; ++i)
 {
   c = (char) DecodeTable[(unsigned char)data[i]];
   ++i;
   c1 = (char) DecodeTable[(unsigned char)data[i]];
   c = (c << 2) | ((c1 >> 4) & 0x3);
   ret.append(1, c);
   if (++i < len)
   {
       c = data[i];
       if (fillchar == c)
           break;
  
       c = (char) DecodeTable[(unsigned char)data[i]];
       c1 = ((c1 << 4) & 0xf0) | ((c >> 2) & 0xf);
       ret.append(1, c1);
   }
  
   if (++i < len)
   {
       c1 = data[i];
       if (fillchar == c1)
           break;
  
       c1 = (char) DecodeTable[(unsigned char)data[i]];
       c = ((c << 6) & 0xc0) | c1;
       ret.append(1, c);
   }
 }
 
 return(ret);
}