[openssl-users] Fips CTR_DRBG

Dr. Stephen Henson steve at openssl.org
Fri Feb 27 12:54:46 UTC 2015

On Fri, Feb 27, 2015, Piotr ??obacz wrote:

> I can do mutch more i can give the source code:
> 	  dctx = FIPS_drbg_new(NID_aes_256_ctr, DRBG_FLAG_CTR_USE_DF);

Try including the flag DRBG_FLAG_TEST: the DRBG needs to be in test mode
otherwise the continuous PRNG test discards the first block generated.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list