RAND_Bytes() failed with RAND_R_ERROR_INSTANTIATING_DRBG

rsbecker at nexbridge.com rsbecker at nexbridge.com
Thu Apr 20 02:07:13 UTC 2023


I'm wondering whether this might be related to #20394. We are still trying to track this down. One hypothesis is that we are picking up an older libcrypto.so.

>-----Original Message-----
>From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of Dr Paul Dale
>Sent: Wednesday, April 19, 2023 9:33 PM
>To: openssl-users at openssl.org
>Subject: Re: RAND_Bytes() failed with RAND_R_ERROR_INSTANTIATING_DRBG
>
>My guess would be /dev/random is waiting to be seeded.  3.0 waits for the operating
>system to have decent entropy.  1.1.1 will run without (which is rather bad).
>
>You might be able to run one of the entropy gathering daemons.  CPU Jitter is my
>usual recommendation but there are others.
>
>
>Paul Dale
>
>
>On 18/4/23 05:11, Manish Patel via openssl-users wrote:
>> Hi,
>>
>>    I am trying to upgrade openssl-1.1.1c with openssl-3.0.8.
>> We have an existing code that calls RAND_Bytes() which
>> now fails with above error code: [error:1200006C:lib(36)::reason(108)]
>>
>> Tracing
>> RAND_bytes_ex()
>> seed_src_generate()
>> ossl_pool_acquire_entropy() <- this returns no entropy.
>>
>> The pool->len is always zero.
>> I do not see ossl_rand_pool_add() or ossl_rand_pool_add_begin()
>> ever called.
>>
>> What am I missing? Looks like the random code in openssl has changed
>> significantly but can not figure out what do I need to do for the
>> entropy pool
>> to kick start.
>>
>> Any help is appreciated.
>>
>> Thank you
>> Manish.
>>
>>
>>



More information about the openssl-users mailing list