On Tue, Nov 16, 2021 at 4:01 PM <rsbecker@xxxxxxxxxxxxx> wrote: > > We do link with libcurl and use OpenSSL as a DLL to handle TLS. The underlying random source for the nonstop-* configurations as of OpenSSL 3.0 are PNRG supplied by the vendor (HPE) on ia64 and the hardware rdrand* instructions on x86. I know that part of the OpenSSL code rather intimately. Older versions of OpenSSL exported (AFAIK) a usable version of arc4random_buf() that could have helped here; it seems to still be there in libressl[1] which is mostly API compatible and might be worth looking into IMHO even if as you pointed out will need an implementation similar to what OpenSSL does internally. [1] https://cvsweb.openbsd.org/src/lib/libcrypto/arc4random/
