Re: [openssl-users] Seeding before RSA key generation

2018-10-05 Thread Dr. Matthias St. Pierre
> -----Original Message-----
> From: openssl-users On Behalf Of Paul Dale
> Sent: Friday, 5 October 2018 01:33
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] Seeding before RSA key generation
>
> Not mentioned thus far is that if you a

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Paul Dale
mann [mailto:andres.traumann...@gmail.com]
Sent: Friday, 5 October 2018 3:54 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Seeding before RSA key generation

Thank you for your help.

Andres

On 10/4/18 6:47 PM, Matt Caswell wrote:
>
> On 04/10/18 16:14, Salz, Rich via openssl-u

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Andres Traumann
Thank you for your help.

Andres

On 10/4/18 6:47 PM, Matt Caswell wrote:
> On 04/10/18 16:14, Salz, Rich via openssl-users wrote:
>> Which version of OpenSSL are you using?
>>
>> 1.0.2 and 1.1.0 have a bad random number generator and must be explicitly seeded.
>
> This is not correct. The RNG in 1.0.2 and

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Salz, Rich via openssl-users
> This is not correct.

Thanks for the corrections, Matt.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Salz, Rich via openssl-users
We disagree, and as I wrote the latest RNG code and docs, I'm biased (sic). I'll leave on that weak pun.

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Jakob Bohm via openssl-users
On 04/10/2018 17:38, Salz, Rich wrote:
>> What's supposedly bad about the 1.0.x/1.1.0 OpenSSL RNG other than not being an NSA/NIST design?
>
> Poor locking; been known to crash.

Simple bug, not a reason to change the algorithm.

> Does not reseed.

But can be reseeded if so desired, sub

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Matt Caswell
On 04/10/18 16:14, Salz, Rich via openssl-users wrote:
> Which version of OpenSSL are you using?
>
> 1.0.2 and 1.1.0 have a bad random number generator and must be explicitly
> seeded.

This is not correct. The RNG in 1.0.2 and 1.1.0 automatically seeds. There is no need to explicitly seed it.

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Salz, Rich via openssl-users
> What's supposedly bad about the 1.0.x/1.1.0 OpenSSL RNG other than not being an NSA/NIST design?

Poor locking; been known to crash. Does not reseed. Global across the process, rather than isolated for private-key generation or per-connection. Mixes in getpid and time to get "better"

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Jakob Bohm via openssl-users
On 04/10/2018 17:14, Salz, Rich via openssl-users wrote:
> Which version of OpenSSL are you using?
>
> 1.0.2 and 1.1.0 have a bad random number generator and must be explicitly seeded. 1.1.1 has a good random number generator and auto-seeds.

What's supposedly bad about the 1.0.x/1.1.0 OpenSSL RNG

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Salz, Rich via openssl-users
Which version of OpenSSL are you using? 1.0.2 and 1.1.0 have a bad random number generator and must be explicitly seeded. 1.1.1 has a good random number generator and auto-seeds.

[openssl-users] Seeding before RSA key generation

2018-10-04 Thread Andres Traumann
Hello, In the documentation it is written: "The pseudo-random number generator must be seeded prior to calling RSA_generate_key_ex()". After reading the documentation in https://wiki.openssl.org/index.php/Random_Numbers and investigating the source code, it seems that the seeding is in fact