openvpn3

mirror of https://github.com/OpenVPN/openvpn3.git synced 2024-09-20 04:02:15 +02:00

History

Heiko Hund 47795ea2d5 remove 'prng' argument from SSLLib::RandomAPI ctor It was only supported by mbedTLS and is very easily used wrong since it is just a boolean value. Other TLS stacks were using the regular strength PRNG no matter what. Also we should not weaken a crypto strength PRNG, now that we have the StrongRandomAPI type in place. It might give the wrong sense of strength, when in reality we might reseed a hundred times less often. In places where prng was passed as true before, use MTRand now instead. Signed-off-by: Heiko Hund <heiko@openvpn.net>	2023-11-22 04:49:31 +01:00
..
rand.hpp	remove 'prng' argument from SSLLib::RandomAPI ctor	2023-11-22 04:49:31 +01:00

Heiko Hund 47795ea2d5 remove 'prng' argument from SSLLib::RandomAPI ctor

It was only supported by mbedTLS and is very easily used wrong since it
is just a boolean value. Other TLS stacks were using the regular strength
PRNG no matter what. Also we should not weaken a crypto strength PRNG,
now that we have the StrongRandomAPI type in place. It might give the
wrong sense of strength, when in reality we might reseed a hundred times
less often.

In places where prng was passed as true before, use MTRand now instead.

Signed-off-by: Heiko Hund <heiko@openvpn.net>

2023-11-22 04:49:31 +01:00

rand.hpp

remove 'prng' argument from SSLLib::RandomAPI ctor

2023-11-22 04:49:31 +01:00