A question has arisen in the OpenSSL development community regarding the relative "entropy" offered by using $GETTIM and $GETTIM_PREC resolutions. This is in the context of the number of bits of resolution offered per tick of particular systems. Use of $GETTIM_PREC adds a dependency to OpenSSL when built on VMS V8.4 which precludes execution on V8.3 and less. If there is no significant gain in "bits per tick" under $GETTIM_PREC then why bother using it.
While it is imagined Alpha boxen are pretty-much passe, and only the very latest Itanium system might support higher tick rates, what is the situation with X86, and in particular hypervisors. Any *real* advantage to $GETTIM_PREC (in an "entropy generation" context)?
While a work-around has been put in place for executing OpenSSL build on V8.4 under earlier versions, it would simplify the code if $GETTIME_PREC could be eliminated completely in favour of $GETTIM and no real loss of precision bits.
$GETTIM and $GETTIM_PREC on modern systems
-
Topic author - Valued Contributor
- Posts: 62
- Joined: Mon Feb 28, 2022 5:16 pm
- Reputation: 0
- Location: Adelaide, South Australia
- Status: Offline
- Contact:
Re: $GETTIM and $GETTIM_PREC on modern systems
But there you go Richard. No (current) effective difference in the result between the two calls and the SP 800-90A section 4 mechanism available. Get coding and eliminate this V8.4 dependency! Thanks for your (plural) interests.
Re: $GETTIM and $GETTIM_PREC on modern systems
Jeez, it's been a bit since I looked at this.
Anyway, I've worked on this item today, and went for using $GETTIM only, but to add a sequence number to be safe (and [ahem] doing it properly )
For anyone who's interested, look at https://github.com/openssl/openssl/pull/18730 (for OpenSSL 1.1.1) and https://github.com/openssl/openssl/pull/18731 (for OpenSSL 3.0 and newer).
Anyway, I've worked on this item today, and went for using $GETTIM only, but to add a sequence number to be safe (and [ahem] doing it properly )
For anyone who's interested, look at https://github.com/openssl/openssl/pull/18730 (for OpenSSL 1.1.1) and https://github.com/openssl/openssl/pull/18731 (for OpenSSL 3.0 and newer).