[openssl-users] conversion of RAND_bytes to rand in fips apporved way

pavan sudarshan12s at gmail.com
Thu Jul 26 18:00:01 UTC 2018

Thanks very much for valuable suggestions. 

Few applciations like RADIUS/TACACS+/snmp protocol (IV generation for AES)
are using rand functions. As they are related to security, i am changing the
rand function used by them. 

>>>> and as long as the 15 least-significant bits of the output of
>>>> RAND_bytes are unbiased

the above input might cause FIPS compliance issues as RAND_bytes doesnt
guarantee the biasing after we truncate one bit.  I shall check this once. 


Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html

More information about the openssl-users mailing list