[openssl-users] conversion of RAND_bytes to rand in fips apporved way
sudarshan12s at gmail.com
Thu Jul 26 18:00:01 UTC 2018
Thanks very much for valuable suggestions.
Few applciations like RADIUS/TACACS+/snmp protocol (IV generation for AES)
are using rand functions. As they are related to security, i am changing the
rand function used by them.
>>>> and as long as the 15 least-significant bits of the output of
>>>> RAND_bytes are unbiased
the above input might cause FIPS compliance issues as RAND_bytes doesnt
guarantee the biasing after we truncate one bit. I shall check this once.
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
More information about the openssl-users