OpenSSL 3.0 - providing entropy to EVP_RAND ?

Dr Paul Dale pauli at
Wed Mar 24 06:25:00 UTC 2021

RAND_add() forces a reseed to the DRBGs and uses the passed material 
(not as entropy but as additional input).

EVP_RAND_reseed() is a more direct interface but remember that the built 
in DRBGs are free to ignore what the user claims is /entropy/. History 
has shown us time and again that /entropy/ is often anything but.

The *best* way to do this, is to create a provider which acts as a seed 
source and to then use this as the parent of the primary DRBG.  See, for 
example, test/testutil/fakerandom.c for how to do this.  The key is to 
set up the seed source before the RNG subsystem is first used.

If you simply want to replace the built-in DRBGs with a real random 
source, create a provider and set the appropriate environment/config 


On 24/3/21 4:14 pm, Bala Duvvuri via openssl-users wrote:
> Hi All,
> In OpenSSL 1.1.1 version, we were using RAND_DRBG for random number generation.
> Using "RAND_DRBG_set_callbacks", we were able to call into our custom API for entropy and nonce generation.
> How can this be achieved with EVP_RAND implementation i.e. does it allow entropy to be provided?
> Thanks
> Bala

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list