[openssl-users] Custom Random number generation while in Fips mode
pratyush parimal
pratyush.parimal at gmail.com
Thu Jul 28 00:18:21 UTC 2016
Hi all,
I work on a consumer application which is striving to be fips-140-2
compliant.
I'm using OpenSSL as recommended in the fips guide by invoking
fips_mode_set(). However, in certain parts of the same application, I'm
using my own non-OpenSSL random number generator to generate salts for
hashing passwords for the app user accounts(I'm not using RAND_bytes).
Does anyone know if using my custom random number generator in this way
violates the app's fips compliance? Am I really supposed to be using
RAND_bytes for compliance reasons?
Thanks in advance!
Pratyush.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160727/431a350e/attachment.html>
More information about the openssl-users
mailing list