[openssl-dev] [openssl.org #4227] openssl rand 10000000000 does not produce 10000000000 random bytes

Ole Tange via RT rt at openssl.org
Wed Jan 13 00:27:22 UTC 2016


On Tue, Jan 12, 2016 at 6:06 PM, Salz, Rich via RT <rt at openssl.org> wrote:
>> May I suggest the bug also becomes a wish for support for > 2GB numbers,
>> as that is what the user originally wanted?
>
> Unlikely to happen in 1.1 because of portability issues.
> Call it multiple times or, better, write a small program to generate a PRNG stream.

Great. But the normal user does not know this. Why not just use
`openssl rand` as the wrapper that does the above? No need to change
the interface for the functions - simply put the wrapper in `openssl
rand` with a counter and then generate 2 GB at a time (like now) until
enough has been generated.

In other words: Why not change `openssl rand` to run what you would
recommend people run anyway?


/Ole




More information about the openssl-dev mailing list