The following reply was made to PR bin/188745; it has been noted by GNATS. From: Eitan Adler <[email protected]> To: Kenji Rikitake <[email protected]> Cc: bug-followup <[email protected]> Subject: Re: bin/188745: FreeBSD base OpenSSL puts private keys to RNG seeds Date: Fri, 18 Apr 2014 14:58:17 -0700
On 17 April 2014 20:51, Kenji Rikitake <[email protected]> wrote: >>Environment: > FreeBSD minimax.priv.k2r.org 10.0-STABLE FreeBSD 10.0-STABLE #33 r264285: > Wed Apr 9 09:25:02 JST 2014 > [email protected]:/usr/obj/usr/src/sys/K2RKERNEL amd64 >>Description: > OpenBSD devs report OpenSSL puts RSA private keys as they are for seeding > the PRNG. See > http://freshbsd.org/commit/openbsd/e5136d69ece4682e6167c8f4a8122270236898bf > for the details. > > On 10.0-STABLE, I've found the same practice under > /usr/src/crypto/openssl/crypto at: Please see: http://blog.ngas.ch/archives/2014/04/17/what_is_this_private_key_doing_in_my_random_pool/index.html In particular: "So the patch which was committed by the OpenBSD people actually has the potential to weaken the entropy of the OpenSSL random pool, but it was never a security or privacy concern," -- Eitan Adler _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
