On Fri, Jun 07, 2019 at 01:28:30PM -0400, Viktor Dukhovni wrote:
> 
> I think that having the RNG behaviour capriciously different on
> different systems based on the whims of whoever built the library
> for that system is not a good idea.  OpenSSL should provide an RNG
> that does not block "unexpectedly", indefinitely, and unpredictably.
> 
> Where "unexpectedly", means except possibly early at boot time, but
> ideally waiting for boot-time entropy is something that systemd
> and the like take care of, and application start scripts can just
> register a dependency on some sort of "entropy" service, whose
> successful initialization is sufficient to ensure adequately secure
> non-blocking seeding of applications via one of getentropy(),
> getrandom(), /dev/urandom...
> 
> That is, I'd expect most of the work for ensuring adequate entropy
> to happen outside libcrypto, except for perhaps enabling some
> additional sources that may be available on various systems.

It seems unlikely that anything related to this will ever change,
but we can always ask.

The reason I think nothing will change is that the problem is
already solved: use getentropy()/getrandom(). The init system would
need to create this kind of service, and then all software not using
getentropy()/getrandom() would need to depend on that service. It
would be easier to just switch that software to use
getentropy()/getrandom().

Changing the init system means that this will only work for new
versions of an OS. But on those new versions we already use
getentropy()/getrandom(). What we want to support is people that
use an old OS, but run a new version of OpenSSL on it. That is,
people that do not use the OS provided OpenSSL version.


Kurt
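
The seeding behaviour discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL's code: getrandom() blocks only until the kernel pool is first initialized, and /dev/urandom is the fallback on an old kernel that lacks the syscall. The helper names pool_is_seeded(), read_all() and seed_bytes() are hypothetical, and Linux with glibc 2.25 or later is assumed.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/random.h>   /* getrandom(): assumes Linux with glibc 2.25 or later */
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: 1 = kernel pool initialized, 0 = not yet seeded
 * (early boot), -1 = cannot tell (e.g. old kernel without the syscall). */
int pool_is_seeded(void)
{
    unsigned char b;
    if (getrandom(&b, 1, GRND_NONBLOCK) == 1)
        return 1;
    return errno == EAGAIN ? 0 : -1;
}

/* Read exactly len bytes from fd, retrying on EINTR. 0 on success, -1 on error. */
static int read_all(int fd, unsigned char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = read(fd, buf, len);
        if (n > 0) { buf += n; len -= (size_t)n; }
        else if (n == 0 || errno != EINTR) return -1;
    }
    return 0;
}

/* Hypothetical helper: fill buf with len seed bytes. 0 on success, -1 on error. */
int seed_bytes(unsigned char *buf, size_t len)
{
    size_t off = 0;
    while (off < len) {
        /* flags == 0: blocks only until the pool has been initialized once */
        ssize_t n = getrandom(buf + off, len - off, 0);
        if (n > 0) { off += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        if (n < 0 && errno == ENOSYS) break;   /* old kernel: use the device */
        return -1;
    }
    if (off == len) return 0;
    /* /dev/urandom never blocks, but it also does not wait for initial
     * seeding, so early-boot output on an old kernel may be weak. */
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;
    int rc = read_all(fd, buf + off, len - off);
    close(fd);
    return rc;
}
```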
