[openssl-users] RDRAND and engine (was: how to generate EC public key from EC private key)

Jeffrey Walton noloader at gmail.com
Tue Mar 22 22:54:21 UTC 2016


> Now one small question: how do I ensure that ‎RAND_engine (and therefore Intel RDRAND output) is being used for the key generation in
>    EVP_PKEY_keygen(ctx, &newkey);
>
> Is just loading RAND_engine enough for that?‎
>
To verify it, I think you need to inspect the default RAND method. Its
going to look something like:

  RAND_METHOD* rm = RAND_get_rand_method();
  if(rm == RAND_SSLeay())
  {
      printf("Using default generator\n");
  }

Also see https://wiki.openssl.org/index.php/Random_Numbers#Generators.
RDRAND is discussed there, too. But I don't recall how much detail is
provided.

Jeff


More information about the openssl-users mailing list