Thanks a lot! :) Tony
Sent from my iPhone > On Sep 24, 2013, at 2:27 PM, "Dr. Stephen Henson" <st...@openssl.org> wrote: > >> On Mon, Sep 23, 2013, yustein wrote: >> >> Hi, >> >> Does OpenSSL use this by default, if not where do a user choose which method >> to use for CSPRNG? > > The default DRBG for OpenSSL is 256 bit AES CTR_DRBG. > > The default can be changed by using the compile time flags: > > -DOPENSSL_DRBG_DEFAULT_TYPE=type > -DOPENSSL_DRBG_DEFAULT_FLAG=flags > > The default DRBG type can also be set at runtime before any other operations > are performed by calling: > > void RAND_set_fips_drbg_type(int type, int flags); > > Where "type" and "flags" have the same values as those indicated in the user > guide (section 6.1.2). > > Future versions of OpenSSL will fail if an attempt is made to use the Dual EC > DRBG. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org
smime.p7s
Description: S/MIME cryptographic signature
