Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Internal Code, Security
Labels:
None

Assigned Teams:

Server Security
Backwards Compatibility:
Fully Compatible
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Work on ~~SERVER-20919~~ suggested some improvements that could improve our random number generation infrastructure across the codebase.

The following points are some suggested improvements:
1) We should have a way to access OpenSSL's CSPRNG
2) We should have a way to obtain arbitrary byte arrays full of random values
3) We should have a templated method to produce random numbers of requested types

is related to

SERVER-9058 Use FIPS-140-2 Approved Pseudorandom Number Generator for SecureRandom

Backlog

SERVER-20919 Use OpenSSL to generate IVs

Closed

Assignee:: [DO NOT USE] Backlog - Security Team
Reporter:: Spencer Jackson
Participants:: [DO NOT USE] Backlog - Security Team, Spencer Jackson
Votes:: 0 Vote for this issue
Watchers:: 3 Start watching this issue

Created:: Nov 02 2015 06:14:04 PM UTC
Updated:: Dec 06 2022 04:40:45 AM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates