Offhand, I'd say it's a perfect solution. It allows me to mix in additional randomness when I want to the RNG that I think may need it. Exactly what I need.
Thanks! P.S. I wonder if it's feasible to have a configuration parameter that would allow me to tell the TLS code to invoke RAND_add_ex() before generating session keys? Regards, Uri Sent from my iPhone > On Aug 18, 2017, at 19:42, Salz, Rich via openssl-dev > <openssl-dev@openssl.org> wrote: > > ➢ But I’d like the development team to comment on (and ideally – accept) my > request to add RAND_add() method to the RNG that is used in generation of > private keys. > > Well, I’ve been thinking about this for a bit, since you first raised it. I > am still not sure of the need. And as the blog post says, we’re not > convinced that the current DRBG arrangement is something that will never > change. But I think a new API, RAND_add_ex that took a flag that had values > like RAND_ADD_GLOBAL, RAND_ADD_LOCAL, RAND_ADD_PRIVATE, RAND_LOCAL_PRIVATE > indicating which to seed. Thoughts? > > -- > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
