[openssl-dev] Work on a new RNG for OpenSSL
Salz, Rich
rsalz at akamai.com
Fri Aug 18 23:42:07 UTC 2017
➢ But I’d like the development team to comment on (and ideally – accept) my request to add RAND_add() method to the RNG that is used in generation of private keys.
Well, I’ve been thinking about this for a bit, since you first raised it. I am still not sure of the need. And as the blog post says, we’re not convinced that the current DRBG arrangement is something that will never change. But I think a new API, RAND_add_ex that took a flag that had values like RAND_ADD_GLOBAL, RAND_ADD_LOCAL, RAND_ADD_PRIVATE, RAND_LOCAL_PRIVATE indicating which to seed. Thoughts?
More information about the openssl-dev
mailing list