]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6fc90ce) | patch
openssl: Use separate DRBG for RNG_STRONG and RNG_TRUE with OpenSSL 1.1.1
authorTobias Brunner <tobias@strongswan.org>
Fri, 16 Nov 2018 10:11:27 +0000 (11:11 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 30 Nov 2018 14:35:01 +0000 (15:35 +0100)
commit69756c0bffb6ec905bf2008001669045b13c96ad
tree0d6a6fb8ebee49479f06a0bc4687775f25463ecetree | snapshot
parent6fc90cea74a7321b9463e60aafe68333fe05247ecommit | diff
openssl: Use separate DRBG for RNG_STRONG and RNG_TRUE with OpenSSL 1.1.1

OpenSSL 1.1.1 introduces DRGBs and provides two sources (same security
profile etc. but separate internal state), which allows us to use one for
RNG_WEAK (e.g. for nonces that are directly publicly visible) and the other
for stronger random data like keys.
src/libstrongswan/plugins/openssl/openssl_rng.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.