RAND, FIPS and providers

Dr Paul Dale paul.dale at oracle.com
Tue Sep 24 00:17:47 UTC 2019

This started in #9954, the topic of RAND being used by the legacy provider came up (in the context of DES).  The abridged version is:

* @levitte suggested the possibility of making RAND detachable.
* I noted that this was desirable and in fact necessary for FIPS.
* @mattcaswell added that the DRBGs and seeding is available inside the FIPS provider.

That the FIPS provider includes a copy of the relevant RAND files, means it can satisfy internal requests for random numbers.
However, external entities (TLS stack, user applications) won’t git FIPS approved random numbers.

I can’t see currently an alternative to making the RAND functionality fetchable.  I also suspect it will need to be per library context which might interfere with the per thread DRBGs we’re using.

As for what to fetch: the DRBG instances and the seed material source would be ideal, although we don’t need the seed source for FIPS (so long as the DRBGs seed from inside their own provider).

Thoughts or input anyone?

Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia

More information about the openssl-project mailing list