mercredi 27 septembre 2023

Disable automatic re-seeding in OpenSSL random generation

I am using OpenSSL C++ random generation, more specifically the RAND_priv_bytes() function.

My goal is to make sure the random generator used in RAND_priv_bytes() is seeded by my custom function, and that re-seeding also happens at a regular interval, specified by me, still using my seed function. It is also fine if my seed is just used to add entropy to the internally generated seed, and it is also fine if the first time the random generator is seeded by OpenSSL.

My problem is that OpenSSL, as far as I understand, is automatically re-seeding all random generators, which is not acceptable since I need to be in control of what seed is provided.

So, I tried the following:

  • I am using RAND_seed() with a 64 bytes seed to achieve that. Is that correct? I learn that after a certain time interval or random generations, the random generator is automatically re-seeded so I will not be in control of what seed is being generated. Is that true?
  • To overcome this issue of automatic reseeding, I tried to build OpenSSL with "--with-rand-seed=none", and I provide a 64 bytes initial seed using RAND_seed(), and the initial seed is coming from the standard C, rand() function. Unfortunatelly, RAND_status() returns 0 after seeding, so OpenSSL is no longer usable. And RAND_poll() doesn't return 1, suggesting it fails, but that should be expected with no seed. Maybe rand() has not enough entropy as initial seed? Is there any other quick solution to provide an initial valid seed?
  • Ideally, I would let OpenSSL generate the first seed and disable automatic re-seeding after that. Is that possible? I found some functions to specify the re-seeding interval but these are in <openssl/rand_drbg.h>, and I can't find this file in my build.
  • On a different topic, I read that RAND_priv_bytes() generates a new random generator instance per thread, does it affect re-seeding in some way?

In short, I need to ensure that each time the private random generator is re-seeded, my seed generation is taken into account (the first seeding may come from OpenSSL).

Thanks in advance.




Aucun commentaire:

Enregistrer un commentaire