Remove All Software Generators

Frederick Gotham cauldwell.thomas at
Wed Oct 30 15:55:23 UTC 2019

Dmitry Belyavsky <beldmit at> wrote
news:CADqLbz+JCTu_yQiW9w-fyO0O56MquA2NRi6HELR6pggxQdHHWA at 

> On Wed, Oct 30, 2019 at 6:39 PM Frederick Gotham
> <cauldwell.thomas at> wrote:
>> Dmitry Belyavsky <beldmit at>
>> wrote: 
>> >> You still have the OpenSSL built-in RNG.
>> Is there a simple compiler flag to remove this?
>> Or do I need to go into the source code and stick a "return -1;"
>> somewhere? 
>> No. Openssl will not work if you do not provide a valid RAND_METHOD
>> except 
> a very minimal set of operations.

So I have to go into the source code and do the following?

int RAND_bytes(unsigned char *buf, int num)
    return 1;

I can either make this function fail (e.g. call 'abort'), or I can always 
make it return 0.

What do you think?

More information about the openssl-users mailing list