Looking at https://wiki.openssl.org/index.php/Random_Numbers I see the following:
To ensure RAND_bytes <https://wiki.openssl.org/index.php?title=Manual:RAND_bytes(3)&action=edit&redlink=1> uses the hardware engine, you must perform three steps: - load the rdrand engine - acquire a handle to the engine - set the default RAND_method to the engine So it looks like OpenSSL does sw rng by default and then you have to use their engine API to set up support for any hw rng. /HH Den mån 6 mars 2023 kl 23:30 skrev Daniel Stenberg via curl-library < curl-library@lists.haxx.se>: > On Mon, 6 Mar 2023, rsbec...@nexbridge.com wrote: > > > So if OpenSSL RAND_bytes() goes to the HRNG by default, will curl? > > curl calls OpenSSL's RAND_bytes(), yes. > > I don't know how that works or what exact mechanism it will use beyond > what > they document. Their man page does not mention hardware support: > > https://www.openssl.org/docs/man3.0/man3/RAND_bytes.html > > -- > > / daniel.haxx.se > | Commercial curl support up to 24x7 is available! > | Private help, bug fixes, support, ports, new features > | https://curl.se/support.html > -- > Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library > Etiquette: https://curl.se/mail/etiquette.html >
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
