Richard Levitte
Richard Levitte
> rng-tools already provides entropy via libjitterentropy, and can output to a named pipe. It seems like the same could be accomplished here by starting rngd with only the jitterentropy...
This problem is eerily similar to what #16705 is trying to solve, no? Sure, there it's about key matching, but, the way to think around KEYPAIR is similar.
This function seems to be part of the problem that @mattcaswell reports... as far as I can tell from reading the code, it assumes that it's got *something* and therefore...
I agree with @paulidale, there's should be no problem removing the offending check.
> ugh, thats right, we don't have a way to fetch the context from the loaded config #8764 was about that (and also separating *loading* a configuration from *using* its...
We're frankly not 100% strict with asm, obviously. On the other hand, the asm stuff requires specific compilers, where we *know* it's supported. Therefore, trying à pure C90 build can...
.travis.yml has one configuration where we do a check of a C89 build. Look for `-ansi` to find it, that shows the flags we're using, maybe that helps? Or maybe...
Actually, something *is* off here. Commands like `openssl pkey -in rsakey.pem -outform DER -out rsakey.der1` should output a PrivateKeyInfo (PKCS#8) structure by default (or SubjectPublicKeyInfo with `-pubout`) unless `-traditional` is...
``` console $ openssl genrsa -out rsakey.pem 2048 $ openssl pkey -in rsakey.pem -outform DER -out rsakey.der1 $ openssl asn1parse -inform d -i < rsakey.der1 0:d=0 hl=4 l=1186 cons: SEQUENCE...
> So the question is at what layer should this change? Should the DER output code-path for `openssl-pkey(1)` call an explicit PKCS#8 output function (absent `-traditional`)? Considering how that command...