On 23.05.2018 20:39, Michael Wojcik wrote:
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of redpath
Sent: Wednesday, May 23, 2018 13:08
To: openssl-users@openssl.org
Subject: Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure
Randomness of PK
SO if I add this RAND usage below, em I seeding to assure a different RSA key
pair each time run of creating a RSA pair.
You'll get a *different* key pair (with high probability) each time, provided
you wait at least a second between generating keys. That is, if you get
anything at all; you may not, if there isn't enough entropy in the pool.
You'll also get completely pointless keys, because the wall-clock time contains
little entropy.
As Viktor wrote: DO NOT DO THIS. If you don't understand why, stop trying to
use cryptography until you've learned enough about the subject to be a bit less
dangerous.
... if this is code going in the general direction of "production
deployment", then get a crypto-person on board, or at least get them to
review and sign off the code. Otherwise this *will* end in a debacle.
-Marian
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users