Openssl FIPS uses /dev/urandom by default?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

in e_os.h I saw
======
#ifndef DEVRANDOM

/* set this to a comma-separated list of 'random' device files to try out.

* My default, we will try to read at least one of these files */

#define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"

# endif
======
this basically sets /dev/urandom as the default which really is not 
FIPS-friendly, is there a way to override this during compilation to set 
the default to /dev/random instead? I'm not supposed to modify the 
source code as it will invalidate openssl-FIPS certificate.

Thanks,
xxiao
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux