why does RAND_add() take "randomness" as a "double"?

Ken Goldman kgoldman at us.ibm.com
Tue May 21 14:42:09 UTC 2019

On 5/21/2019 10:15 AM, Laszlo Ersek wrote:
> Can someone please explain what is gained by using a floating point type
> here?
> Is it really a relevant use case that entropy is fed from an external
> source to OpenSSL such that truncating the amount to a whole number of
> bits would cause significant lossage? (Admittedly, it could be relevant
> if the individual randomness bit counts were in the (0, 1) interval,
> both boundaries exclusive.)
> Using floating point for randomness representation is a problem for
> environments that prefer to avoid floating point altogether, such as
> edk2 ("UEFI") firmware

I agree, and I reported this back in 2016.  We also have an environment 
that does not have floating point.

More information about the openssl-users mailing list