[openssl-dev] Work on a new RNG for OpenSSL

Steffen Nurpmeso steffen at sdaoden.eu
Sat Aug 19 14:31:07 UTC 2017


"Salz, Rich via openssl-dev" <openssl-dev at openssl.org> wrote:
 |➢ But I’d like the development team to comment on (and ideally – accept) \
 |my request to add RAND_add() method to the RNG that is used in generation \
 |of private keys.
 |
 |Well, I’ve been thinking about this for a bit, since you first raised \
 |it.  I am still not sure of the need.  And as the blog post says, we’re \
 |not convinced that the current DRBG arrangement is something that will \
 |never change.  But I think a new API, RAND_add_ex that took a flag \
 |that had values like RAND_ADD_GLOBAL, RAND_ADD_LOCAL, RAND_ADD_PRIVATE, \
 |RAND_LOCAL_PRIVATE indicating which to seed.     Thoughts?

Is this new RNG object available to user programs, or do they need
to reinvent the wheel even though they definitely link against the
OpenSSL library?

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)


More information about the openssl-dev mailing list