Remove All Software Generators
cauldwell.thomas at gmail.com
Wed Oct 30 15:55:23 UTC 2019
Dmitry Belyavsky <beldmit at gmail.com> wrote
news:CADqLbz+JCTu_yQiW9w-fyO0O56MquA2NRi6HELR6pggxQdHHWA at mail.gmail.com:
> On Wed, Oct 30, 2019 at 6:39 PM Frederick Gotham
> <cauldwell.thomas at gmail.com> wrote:
>> Dmitry Belyavsky <beldmit at gmail.com>
>> >> You still have the OpenSSL built-in RNG.
>> Is there a simple compiler flag to remove this?
>> Or do I need to go into the source code and stick a "return -1;"
>> No. Openssl will not work if you do not provide a valid RAND_METHOD
> a very minimal set of operations.
So I have to go into the source code and do the following?
int RAND_bytes(unsigned char *buf, int num)
I can either make this function fail (e.g. call 'abort'), or I can always
make it return 0.
What do you think?
More information about the openssl-users