This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/OpenBSC@lists.osmocom.org/.
Holger Freyther holger at freyther.de> On 19 Feb 2016, at 20:54, Ruben Undheim <ruben.undheim at gmail.com> wrote: > >> 1.) You link against libgnutls-openssl-dev which provides a wrapper for RAND_bytes. >> >> 2.) We move to GNUtls (or gcrypt?) to call the function that RAND_bytes is wrapped around (after reading the documentation) >> >> 3.) We use GNU nettle and their yarrow-256 implementation (assuming that is a smart move)? > > Thanks. > I did #1. Here's the patch: > I explored 2nd and gnutls calls gcrypt so I looked at gcry_randomize[1]. In comparison to the OpenSSL RNAD_bytes documentation I feel a lot is missing. RAND_bytes will fail if the RNG is not seeded, I don't see anything like this in gcry_randomize documentation. Do I really need to call gcry_check_version or is it okay to not call it? I will not do this weekend, but please ping me if there is not progress in the weeks to come. I think we roughly need to do: * Call gcry_check_version in the main routine of apps using it * Switch to use gcry_randomize holger [1] https://gnupg.org/documentation/manuals/gcrypt/Retrieving-random-numbers.html#Retrieving-random-numbers [2] https://www.openssl.org/docs/manmaster/crypto/RAND_bytes.html