[openssl-users] Seeding before RSA key generation
Matt Caswell
matt at openssl.org
Thu Oct 4 15:47:39 UTC 2018
On 04/10/18 16:14, Salz, Rich via openssl-users wrote:
> Which version of OpenSSL are you using?
>
> 1.0.2 and 1.1.0 have a bad random number generator and must be explicitly seeded.
This is not correct. The RNG in 1.0.2 and 1.1.0 automatically seeds.
There is no need to explicitly seed it. I also wouldn't describe it as
"bad". 1.1.1 has a much better RNG, but there is no reason not to trust
and use the 1.0.2 and 1.1.0 RNG.
> 1.1.1 has a good random number generator and auto-seeds.
>
1.0.2 and 1.1.0 auto seed. 1.1.1 additionally auto-*re*seeds.
Matt
More information about the openssl-users
mailing list