subject:"\[openssl\-users\] force to use \/dev\/random for openssl fips module"

Re: [openssl-users] force to use /dev/random for openssl fips module

2015-12-10 Thread Ethan Rahn

xxiao, have you changed the code to also increase the timeout and not try to use other devices to get entropy? If /dev/random is blocking at the time, it may run into issues trying to look for other sources of entropy than giving up. On Tue, Dec 8, 2015 at 8:25 PM, xxiao8

[openssl-users] force to use /dev/random for openssl fips module

2015-12-08 Thread xxiao8

I don't know how critical is the DEVRANDOM for openssl-fips, in e_os.h I saw this: #define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom" we have a hardware RNG that is feeding /dev/random via: /sbin/rngd -r /dev/hwrng -W 4000 so the /dev/random will never block, I