OpenSSL 3.0 - providing entropy to EVP_RAND ?
Dr Paul Dale
pauli at openssl.org
Wed Mar 24 06:25:00 UTC 2021
RAND_add() forces a reseed to the DRBGs and uses the passed material
(not as entropy but as additional input).
EVP_RAND_reseed() is a more direct interface but remember that the built
in DRBGs are free to ignore what the user claims is /entropy/. History
has shown us time and again that /entropy/ is often anything but.
The *best* way to do this, is to create a provider which acts as a seed
source and to then use this as the parent of the primary DRBG. See, for
example, test/testutil/fakerandom.c for how to do this. The key is to
set up the seed source before the RNG subsystem is first used.
If you simply want to replace the built-in DRBGs with a real random
source, create a provider and set the appropriate environment/config
variables.
Pauli
On 24/3/21 4:14 pm, Bala Duvvuri via openssl-users wrote:
> Hi All,
>
> In OpenSSL 1.1.1 version, we were using RAND_DRBG for random number generation.
>
> Using "RAND_DRBG_set_callbacks", we were able to call into our custom API for entropy and nonce generation.
>
> How can this be achieved with EVP_RAND implementation i.e. does it allow entropy to be provided?
>
> Thanks
> Bala
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210324/d3734291/attachment.html>
More information about the openssl-users
mailing list