RAND_seed buffer freeing
Matthias St. Pierre
Matthias.St.Pierre at ncp-e.com
Thu Jul 11 12:31:31 UTC 2019
On 11.07.19 12:00, Tobias.Wolf at t-systems.com wrote:
>
> I`ve one question regarding RAND_seed, the first parameter refers to a buffer, who is freeing that buffer afterwards? Can I free it after the call to RAND_seed or is this done by openssl?
>
You own the buffer, OpenSSL only reads its contents. So you can free it immediately after the call.
Note that before freeing it, you should erase the buffer contents for security reasons.
Actually, since OpenSSL 1.1.1. most applications don't need to worry about manual seeding anymore,
because the OpenSSL CSPRNG does it automatically. For more details, see
https://www.openssl.org/docs/man1.1.1/man7/RAND.html <https://www.openssl.org/docs/man1.1.1/man7/RAND.html>
and
https://www.openssl.org/docs/man1.1.1/man7/RAND_DRBG.html <https://www.openssl.org/docs/man1.1.1/man7/RAND_DRBG.html>
HTH,
Matthias
More information about the openssl-users
mailing list