[openssl-project] OpenSSL 3.0 and FIPS Update
Richard Levitte
levitte at openssl.org
Mon Feb 25 18:59:55 UTC 2019
On Sat, 23 Feb 2019 21:47:00 +0100,
Dmitry Belyavsky wrote:
>
>
> Dear Richard,
>
> On Sat, Feb 23, 2019 at 8:47 AM Richard Levitte <levitte at openssl.org> wrote:
>
> Since our RAND API is separate from the EVP API, I'm unsure how we
> plan on getting custom RAND_methods from providers.
>
> Please note that we can add RAND to the list of provider backed APIs,
> and given a foundation that we're currently building, it may even be
> quite easy. However, no one has said explicitly that we would do so.
>
> The other option is, of course, to move the RAND API to EVP somehow,
> but that will probably be more challenging.
>
> I do not think it is really necessary to move RAND to EVP.
> Current architecture suits our requirements, but if the possibility to overwrite
> the RAND_METHOD is removed, it will cause problems for us.
So it turns out that some of my collegues were assuming that the RAND
API would be provider backed. I simply hadn't caught on to that...
Cheers,
Richard
--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-users
mailing list