why does RAND_add() take "randomness" as a "double"?
kgoldman at us.ibm.com
Wed May 22 14:12:01 UTC 2019
On 5/21/2019 9:48 PM, Paul Dale wrote:
> Double makes sense. Entropy is often estimated as a real value.
Having a human readable calculation using floating point doesn't (to me)
mean that an API argument has to be a double.
From what I see in the code, the parameter 'double entropy' is used
to increment a value that eventually reaches # define ENTROPY_NEEDED 32.
Couldn't the number have been an unsigned long? If more precision was
needed, make the units 1/64k and make ENTROPY_NEEDED 32 * 64k. It's a
bit more work for the caller, but removes the (perhaps only) place
floating point is needed.
More information about the openssl-users