Questions about key generation and RNG
Werner Koch
wk at gnupg.org
Wed Aug 11 20:03:03 CEST 2010
On Wed, 11 Aug 2010 16:46, calestyo at scientia.net said:
> It seems that during key generation both happens, and at least once it is
> called with level=0.
>
> Why? And does this have any negative security impact?
GCRY_WEAK_RANDOM = 0,
GCRY_STRONG_RANDOM = 1,
GCRY_VERY_STRONG_RANDOM = 2
Nowadays GCRY_WEAK_RANDOM is an alias for GCRY_STRONG_RANDOM because it
is better to explictily use gcry_create_nonce if you need "weak" random
numbers.
In any case GCRY_WEAK_RANDOM is used during key generation to create
test vectors for the self-test; there are no security problems with
that.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list