

OpenSSL feeds your private key to the system PRNG - damncabbage
http://opensslrampage.org/post/83007010531/well-even-if-time-isnt-random-your-rsa-private-key

======
damncabbage
(There was no title for the post; please forgive my editorialising.)

In short, if there's not enough seed data in the system PRNG (or whatever
random subsystem is hooked up), it dumps in your private key in an attempt to
increase entropy.

Removed today: [http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/cry...](http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/crypto/rsa/rsa_crpt.c.diff?r1=1.2;r2=1.3)

