[openssl-project] FW: [openssl/openssl] VMS: lower the entropy demand for this platform specifically (#5904)

Salz, Rich rsalz at akamai.com
Sat Apr 7 17:55:14 UTC 2018

    > Because
    > 	- It is not clear we need to do so
>    That we need to do what?

Do FIPS compliant random numbers in this release.

    > 	- We are not required to do FIPS level DRBG/CSPRNG this release
 >   It's not because we don't have a requirement that it can be
    validated, that we should only implement it half. There are
    reasons for those requirements, and they are valid even if you
    don't validate it.
Everything is a trade-off.  Please explain why you want AES256-CTR with a nonce, and why AES128-CTR with personalization (and/or a DF) is not sufficient.

> But I think there is at least
    enough code in there that you can write something so that the DRBG
    can be validated.
But that wasn't a goal.  It *is* a goal of our next release.
    > 	- It is probably not appropriate in an API/ABI compatible release
    > 	- It is not appropriate for a "silent change"
    I'm not sure what you're talking about with the last 2 items. What
    changes are you talking about?

The fact that 384 bits of seed are needed, when before it was 128.

>    getrandom() when available avoids this a little. But glibc in
    Debian stable is only at glibc 2.24 while 2.25 is needed. I think
    we should consider having support for the syscall ourself. We
    should probably also add support for such functions on *BSD.
So this is now a break change for debian stable?  All the more reason to revert it.

In going from 1.1.0 to 1.1.1, breaking platforms that used to work is just plain wrong.

More information about the openssl-project mailing list