[openssl-dev] PRNG function
Vadiim Lebedev
vadim at mbdsys.com
Mon Jul 20 14:09:50 UTC 2015
Hello,
I'am attaching patch for crypto/rand/rnd_lcl.h which configures openssl to
use SHA256 as hash function for PRNG....
This is a requirement form french "Agence nationale de securité de services
d'informtion" (ANSSI. I hope it will be accepted.
=============================================================
--- /home/vadim/Downloads/openssl-1.0.1h/crypto/rand/rand_lcl.h 2014-06-05
11:41:30.000000000 +0200
+++ /tmp/new/rand_lcl.h 2015-07-20 16:07:58.513282954 +0200
@@ -115,7 +115,9 @@
#define ENTROPY_NEEDED 32 /* require 256 bits = 32 bytes of randomness */
-#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) &&
!defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) &&
!defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND) &&
!defined(USE_SHA256_RAND)
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
+#define USE_SHA256_RAND
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
#define USE_SHA1_RAND
#elif !defined(OPENSSL_NO_MD5)
@@ -142,6 +144,11 @@
#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
#define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha1(), NULL)
#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha1(),
NULL)
+#elif defined(USE_SHA256_RAND)
+#include <openssl/sha.h>
+#define MD_DIGEST_LENGTH SHA256_DIGEST_LENGTH
+#define MD_Init(a) EVP_DigestInit_ex(a,EVP_sha256(), NULL)
+#define MD(a,b,c) EVP_Digest(a,b,c,NULL,EVP_sha256(), NULL)
#elif defined(USE_MDC2_RAND)
#include <openssl/mdc2.h>
#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
More information about the openssl-dev
mailing list