why does RAND_add() take "randomness" as a "double"?
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Tue May 21 15:14:36 UTC 2019
On 5/21/19, 10:45 AM, "openssl-users on behalf of Salz, Rich via openssl-users" <openssl-users-bounces at openssl.org on behalf of openssl-users at openssl.org> wrote:
When I overhauled the RAND mechanism, I tried to deprecate this use of floating point,
in favor of just a number from 0 to 100 but was voted down.
If it's a sarcasm, I'm missing the point.
It *is* stupid.
In general, yes, it is.
Luckily, on a modern system with system-provided randomness to seed the RNG, you never need this call.
Respectfully disagree.
There are use cases when one wants to mix/add extra randomness from, e.g., an external source (that, for whatever reasons, is trusted more than what's provided by the system).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5229 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190521/dafdaac3/attachment.bin>
More information about the openssl-users
mailing list