Reputation: 41
RSA and Perl - how randomness is achieved?
The documentation of Crypt::OpenSSL::RSA seems to be vague regarding how randomness is achieved. For example, is it mandatory to call
Crypt::OpenSSL::RSA->import_random_seed();
before every call to
Crypt::OpenSSL::RSA->generate_key
or maybe calling import_random_seed once is enough even with multiple subsequent calls to generate_key?
And what about Crypt::OpenSSL::Random::random_seed($good_entropy)? It's said to be not necessary if there is /dev/random, but what if it's Windows?
I'm looking for advice by people that have experience using it.
Upvotes: 4
Views: 116
Answers (1)
Reputation: 54333
There is some information in one of the test files that come with Crypt::OpenSSL::RSA.
On platforms without a /dev/random, we need to manually seed. In real life, the following would stink, but for testing purposes, it suffices to seed with any old thing, even if it is not actually random. We'll at least emulate seeding from Crypt::OpenSSL::Random, which is what we would have to do in "real life", since the private data used by the OpenSSL random library apparently does not span across perl XS modules.
So you would have to use that stuff and add more random randomness on Windows devices.
Upvotes: 1
Related Questions
- How to fix a locale setting warning from Perl
- How to generate a random alpha-numeric string
- How to randomize (shuffle) a JavaScript array?
- How do I generate random integers within a specific range in Java?
- Random string generation with upper case letters and digits
- Generate random integers between 0 and 9
- Calculate RSA key fingerprint
- How can I randomly select (choose) an item from a list (get a random element)?
- How do I generate a random integer in C#?
- Understanding "randomness"