[openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

Michael Wojcik Michael.Wojcik at microfocus.com
Wed May 23 21:54:41 UTC 2018


> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf
> Of redpath
> Sent: Wednesday, May 23, 2018 16:02
> To: openssl-users at openssl.org
> Subject: Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure
> Randomness of PK
>
> Oh I am using         openssl-1.0.2o just for development
>
> But I certainly will take a recommendation of version.

1.0.2 is currently a Long-Term Support (LTS) release, but support ends at the end of 2019. 1.1.1 is the new LTS release, and since 1.1 introduced a number of API changes and new features, I think it's worthwhile moving to 1.1.1 (at the latest fix level) as soon as is convenient.

That said, 1.0.2o is fine as well - just keep in mind that at some point you'll need to change to the 1.1 API, and you may need to move sooner to get features you want. As Rich mentioned, 1.1 has some improvements regarding random seeding, so it may be worth doing that now.

--
Michael Wojcik
Distinguished Engineer, Micro Focus





More information about the openssl-users mailing list