On Sun, Apr 08, 2018 at 08:29:18PM +0000, Dr. Matthias St. Pierre wrote: > Just for completeness sake: The entropy requirement is 256 and *not* 384 if a > derivation function is used.
But one way of implementing the nonce when a DF is not used, is to also have 384 bit in that case, which is our current implementation. If someone writes a default get_nonce function it can be reduced to 256. Kurt _______________________________________________ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project
