RNG in SSL handshake

2010-05-19 Thread Paul Ohmart
Can anyone tell me what RNG is used in the SSL handshake in FIPS mode? 
Also what OpenSSL functions are called to get the random number. The 
Security Policy 1.1.1 documentation states that it is X9.31 but I am 
unable to locate where that happens in the source.


I am trying to use OpenSSL to generate random numbers that are X9.31 
compliant.


Thanks,
Paul
__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Re: RNG in SSL handshake

2010-05-19 Thread Dr. Stephen Henson
On Tue, May 18, 2010, Paul Ohmart wrote:

> Can anyone tell me what RNG is used in the SSL handshake in FIPS mode? Also 
> what OpenSSL functions are called to get the random number. The Security 
> Policy 1.1.1 documentation states that it is X9.31 but I am unable to 
> locate where that happens in the source.
>
> I am trying to use OpenSSL to generate random numbers that are X9.31 
> compliant.
>

OpenSSL uses the default PRNG implementation for all operations including
SSL/TLS, though in FIPS mode only TLS is permissible.

When you enter FIPS mode the default PRNG is set to the FIPS PRNG so TLS uses
the FIPS PRNG.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org