Restrict RAND to producing 63 random bits
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Jul 20 23:42:49 UTC 2023
On Thu, Jul 20, 2023 at 05:59:17PM -0400, Robert Moskowitz wrote:
> And the advantage of your approach is you can make a serialNumber longer
> than 8 bytes.
No, because the shell doesn't do multi-precision arithmetic. However,
a small tweak does the job. For example, for 20 bytes:
$ printf "%02x%s\n" $(( 0x$(openssl rand -hex 1) & 0x7f )) $(openssl rand -hex 19)
0f8cf177eeab347c825a7ff7dfea6b1f2dd1df8c
--
Viktor.
More information about the openssl-users
mailing list