RAND_Bytes() failed with RAND_R_ERROR_INSTANTIATING_DRBG

Dr Paul Dale pauli at openssl.org
Thu Apr 20 04:27:08 UTC 2023


Might an strace or rld help?
Linking against a symbol that is unknown in the latest but known in 
earlier releases might work (although I'm not aware of such symbols).

Pauli



On 20/4/23 12:07, rsbecker at nexbridge.com wrote:
> I'm wondering whether this might be related to #20394. We are still trying to track this down. One hypothesis is that we are picking up an older libcrypto.so.
>
>> -----Original Message-----
>> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Dr Paul Dale
>> Sent: Wednesday, April 19, 2023 9:33 PM
>> To: openssl-users at openssl.org
>> Subject: Re: RAND_Bytes() failed with RAND_R_ERROR_INSTANTIATING_DRBG
>>
>> My guess would be /dev/random is waiting to be seeded.  3.0 waits for the operating
>> system to have decent entropy.  1.1.1 will run without (which is rather bad).
>>
>> You might be able to run one of the entropy gathering daemons.  CPU Jitter is my
>> usual recommendation but there are others.
>>
>>
>> Paul Dale
>>
>>
>> On 18/4/23 05:11, Manish Patel via openssl-users wrote:
>>> Hi,
>>>
>>>     I am trying to upgrade openssl-1.1.1c with openssl-3.0.8.
>>> We have an existing code that calls RAND_Bytes() which
>>> now fails with above error code: [error:1200006C:lib(36)::reason(108)]
>>>
>>> Tracing
>>> RAND_bytes_ex()
>>> seed_src_generate()
>>> ossl_pool_acquire_entropy() <- this returns no entropy.
>>>
>>> The pool->len is always zero.
>>> I do not see ossl_rand_pool_add() or ossl_rand_pool_add_begin()
>>> ever called.
>>>
>>> What am I missing? Looks like the random code in openssl has changed
>>> significantly but can not figure out what do I need to do for the
>>> entropy pool
>>> to kick start.
>>>
>>> Any help is appreciated.
>>>
>>> Thank you
>>> Manish.
>>>
>>>
>>>



More information about the openssl-users mailing list