Re: [openssl-project] OpenSSL 3.0 and FIPS Update

Previous Topic Next Topic
classic Classic list List threaded Threaded
21 messages Options
Reply | Threaded
Open this post in threaded view

Re: [openssl-project] OpenSSL 3.0 and FIPS Update

Richard Levitte - VMS Whacker-2
On Sat, 23 Feb 2019 21:47:00 +0100,
Dmitry Belyavsky wrote:

> Dear Richard, 
> On Sat, Feb 23, 2019 at 8:47 AM Richard Levitte <[hidden email]> wrote:
>     Since our RAND API is separate from the EVP API, I'm unsure how we
>     plan on getting custom RAND_methods from providers.
>     Please note that we can add RAND to the list of provider backed APIs,
>     and given a foundation that we're currently building, it may even be
>     quite easy.  However, no one has said explicitly that we would do so.
>     The other option is, of course, to move the RAND API to EVP somehow,
>     but that will probably be more challenging.
> I do not think it is really necessary to move RAND to EVP.
> Current architecture suits our requirements, but if the possibility to overwrite
> the RAND_METHOD is removed, it will cause problems for us.

So it turns out that some of my collegues were assuming that the RAND
API would be provider backed.  I simply hadn't caught on to that...


Richard Levitte         [hidden email]
OpenSSL Project