VOTE Apply PR#9084 reverting DEVRANDOM_WAIT
Viktor Dukhovni
openssl-users at dukhovni.org
Fri Jun 7 17:28:30 UTC 2019
On Fri, Jun 07, 2019 at 11:09:45AM +0200, Matthias St. Pierre wrote:
> See the discussion on openssl-users:
>
> https://mta.openssl.org/pipermail/openssl-users/2019-May/010585.html
> https://mta.openssl.org/pipermail/openssl-users/2019-May/010593.html
> https://mta.openssl.org/pipermail/openssl-users/2019-May/010595.html
>
> If desired, I can provide an alternative (competing) pull request which
> makes the DEVRANDOM_WAIT feature configurable in a proper and
> reasonable way. The default will be whatever the OMC decides.
I think that having the RNG behaviour capriciously different on
different systems based on the whims of whoever built the library
for that system is not a good idea. OpenSSL should provide an RNG
that does not block "unexpectedly", indefinitely, and unpredictably.
Where "unexpectedly", means except possibly early at boot time, but
ideally waiting for boot-time entropoy is something that systemd
and the like take care of, and application start scripts can just
register a dependency on some sort of "entropy" service, whose
successful initialization is sufficient to ensure adequately secure
non-blocking seeding of applications via one of getentropy(),
getrandom(), /dev/urandom...
That is, I'd expect most of the work for ensuring adequate entropy
to happen outside libcrypto, except for perhaps enabling some
additional sources that may be available on various systems.
--
Viktor.
More information about the openssl-project
mailing list