Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: [Question] Forcing libcurl to use hardware randomization
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Sun, 5 Mar 2023 22:20:34 +0100 (CET)
On Sun, 5 Mar 2023, Randall via curl-library wrote:
> I have a curl built with OpenSSL. The built of OpenSSL uses hardware
> randomization on the platform using _rdrand64(). When I use libcurl,
> typically through git, I end up with an open to PRNGD, which is not
> desirable. I'm wondering whether there is a configuration setting that I am
> missing from curl to force this, or whether I should contribute code to
> access the x86 hardware randomizer directly. There is no /dev/urandom or
> /dev/random on this platform, aside from it being POSIX compliant. Curl is
> configured as follows:
When built to use OpenSSL, curl will call OpenSSL's RAND_bytes() function for
random. If you can make that use your hardware or not is probably a question
for OpenSSL. I don't know.
Date: Sun, 5 Mar 2023 22:20:34 +0100 (CET)
On Sun, 5 Mar 2023, Randall via curl-library wrote:
> I have a curl built with OpenSSL. The built of OpenSSL uses hardware
> randomization on the platform using _rdrand64(). When I use libcurl,
> typically through git, I end up with an open to PRNGD, which is not
> desirable. I'm wondering whether there is a configuration setting that I am
> missing from curl to force this, or whether I should contribute code to
> access the x86 hardware randomizer directly. There is no /dev/urandom or
> /dev/random on this platform, aside from it being POSIX compliant. Curl is
> configured as follows:
When built to use OpenSSL, curl will call OpenSSL's RAND_bytes() function for
random. If you can make that use your hardware or not is probably a question
for OpenSSL. I don't know.
-- / daniel.haxx.se | Commercial curl support up to 24x7 is available! | Private help, bug fixes, support, ports, new features | https://curl.se/support.html -- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-03-05