Topic: what type of random number generator WolfSSL uses and how it is seeded

we are using wolfSSL on a QNX 6.6 platform

QNX uses Yarrow Pseudo-random number generator (PRNG)

http://www.qnx.com/developers/docs/660/ … dom%22%20.



what type of random number generator WolfSSL uses and how it is seeded?

Share

Re: what type of random number generator WolfSSL uses and how it is seeded

wolfSSL has two PRNG functions that can be selected at build time: ARC4 using the entropy source (GenerateSeed() function) to provide a key or a SHA-256 Hash_DRBG (described in NIST SP 900-80A) seeded with the entropy source. If you are using "configure" to set up your build, the Hash_DRBG is enabled by default. If you are building through Visual Studio, the ARC4 PRNG is used.

The entropy seed for either PRNG is obtained with the GenerateSeed() function. There are several GenerateSeed() example functions in file random.c, most of which can be used depending on your environment. On Linux or Mac OS X, "/dev/urandom" is read for the seeding. On Windows, the equivalent source is read. Some of the embedded processors have their own built in hardware entropy sources and we call their API. If we don't have an example that suits your needs you have to provide your own GenerateSeed(), and we can help with that.

For QNX you could set the flag "HAVE_HASHDRBG" and use the Linux-style GenerateSeed() reading from /dev/urandom.

I hope this helps.