rand interface while upgrading openssl
Chitrang Srivastava
chitrang.srivastava at gmail.com
Wed Apr 17 10:54:11 UTC 2019
Thanks Michael,
I am using *ssleay_rand_add* function which was present in earlier version
of openssl
https://code.woboq.org/crypto/openssl/crypto/rand/md_rand.c.html#ssleay_rand_add
I don't find this file or function in latest version of openssl.
As I understood recommended way is to use engine method but on embedded
system we compile everything in a single elf binary.
No concept of dynamic shared object or engine , so i defined
OPENSSL_NO_ENGINE to compile engine thing out.
Is there any default random number like md_rand.c in this version of
openssl.
For entropy we will be providing SHA1/SHA2 of a mix of CPU clock and
various other thing(serial #, mac, ) to seed.
-Thanks,
On Wed, Apr 17, 2019 at 1:23 AM Michael Wojcik <
Michael.Wojcik at microfocus.com> wrote:
> > From: openssl-users [mailto:openssl-users-bounces at openssl.org] On
> Behalf Of Chitrang Srivastava
> > Sent: Tuesday, April 16, 2019 08:24
>
> > I need suggestion regarding random number interface , earlier we were
> using RAND_METHOD.
>
> That's a mechanism for telling OpenSSL what mechanism to use for its
> cryptographically-strong pseudorandom number generator (CPRNG).
>
> > Can I still use the same mechanism? Because I see new code rand folder
> contains OS specific
> > implementation of
> >
> > rand_pool_acquire_entropy
> > rand_pool_add_nonce_data
> > rand_pool_add_additional_data
>
> That's part of OpenSSL's mechanism for getting entropy for the CPRNG. The
> CPRNG needs this, but they are not the same thing.
>
> > As I understand , above function also needs to be ported?
>
> I believe you'll need some implementation of them, but I haven't poked
> around this corner of the OpenSSL 1.1 sources.
>
> > Any document to start with porting random number to any platform.
>
> The CPRNG seeding mechanism is cryptographically sensitive, and should not
> be implemented by a non-expert. What does your existing implementation do
> to provide entropy for the OpenSSL CPRNG? If the answer is "nothing" (or
> something that's not adequately opaque to an attacker), then your product
> has seriously flawed security. An attacker who can guess the entropy for
> the CPRNG pool can break your encryption.
>
> It will also be platform-specific (though some mechanisms will exist on
> multiple platforms), so there can't be much guidance on doing it for "any
> platform".
>
> The literature on seeding CPRNGs is fairly extensive. It's often a
> challenge for embedded applications, particularly SOC-based ones which may
> not have much in the way of internal noise sources such as clock skew. Some
> CPUs have entropy sources, such as Intel's RDRAND; if you trust them (and
> in an embedded application you may not have much choice) you can use that.
>
> --
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190417/c5b14fa9/attachment.html>
More information about the openssl-users
mailing list