<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
For setting up a parent for a DRBG, look at
/providers/implementations/rands/test_rng.c which produces seed
material (test_rng_generate) and nonces (test_rng_nonce). The built
in DRBG's don't need the nonce, they will act as per SP800-90Ar1
section 9.1 with a nonce available from their parent.
/providers/implementations/rands/seed_src.c is the OpenSSL seed
source and it doesn't supply nonces.<br>
<br>
For the CAVS tests, look at test/acvp_test.c or test/evp_test.c
which both include code to run NISTs tests.<br>
<br>
<br>
Pauli<br>
<br>
<div class="moz-cite-prefix">On 14/4/21 8:47 pm, Bala Duvvuri wrote:<br>
</div>
<blockquote type="cite"
cite="mid:406505205.1959745.1618397253247@mail.yahoo.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div> 1> >>The best way to do this, is to create a
provider which acts as a seed source and to then use this as the
parent of the primary DRBG. See, for example,
test/testutil/fakerandom.c for how to do this. The key is to set
up the seed source before the RNG subsystem is first used.<br>
<br>
In our case we provide the entropy and nonce from hardware
sources (as its on embedded platform) as requested by DRBG in
older version.<br>
Now, if we setup a custom provider and use it as parent of the
primary DRBG, its not clear how the entropy and nonce from this
provider will be accessed, which API is invoked for the
entropy/nonce consumption (any specific callbacks set)? Can you
please explain the steps or example of the usage?<br>
<br>
2> Also, we need set DRBG for CAVS test (Input: EntropyInput,
Nonce, PersonalizationString, AdditionalInput, EntropyInputPR,
AdditionalInput, EntropyInputPR), with OpenSSL 1.1.1, the below
steps were done:<br>
<br>
RAND_DRBG_new(NID_aes_256_ctr, RAND_DRBG_FLAGS, NULL);<br>
RAND_DRBG_set_callbacks // This will setup to return the
provided entropy and nonce inputs<br>
RAND_DRBG_instantiate // Pass personalization string.<br>
RAND_DRBG_generate<br>
<br>
Can you kindly let me know the equivalent steps with OpenSSL
3.0?<br>
<br>
<br>
Thank you for your help in this.<br>
<br>
Thanks<br>
Bala<br>
<br>
</div>
<div class="yahoo_quoted" style="margin:10px 0px 0px
0.8ex;border-left:1px solid #ccc;padding-left:1ex;">
<div style="font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif;font-size:13px;color:#26282a;">
<div> On Wednesday, 24 March, 2021, 11:56:18 am IST, Dr Paul
Dale <a class="moz-txt-link-rfc2396E" href="mailto:pauli@openssl.org"><pauli@openssl.org></a> wrote: </div>
<div><br>
</div>
<div><br>
</div>
<div>
<div id="yiv0391599231">
<div> RAND_add() forces a reseed to the DRBGs and uses the
passed material (not as entropy but as additional
input).<br clear="none">
<br clear="none">
EVP_RAND_reseed() is a more direct interface but
remember that the built in DRBGs are free to ignore what
the user claims is <i>entropy</i>. History has shown
us time and again that <i>entropy</i> is often anything
but.<br clear="none">
<br clear="none">
The <b>best</b> way to do this, is to create a provider
which acts as a seed source and to then use this as the
parent of the primary DRBG. See, for example, <font
face="monospace">test/testutil/fakerandom.c</font> for
how to do this. The key is to set up the seed source
before the <font face="monospace">RNG</font> subsystem
is first used.<br clear="none">
<br clear="none">
If you simply want to replace the built-in DRBGs with a
real random source, create a provider and set the
appropriate environment/config variables.<br
clear="none">
<br clear="none">
<br clear="none">
Pauli<br clear="none">
<br clear="none">
<br clear="none">
<div class="yiv0391599231yqt3838012062"
id="yiv0391599231yqt31614">
<div class="yiv0391599231moz-cite-prefix">On 24/3/21
4:14 pm, Bala Duvvuri via openssl-users wrote:<br
clear="none">
</div>
<blockquote type="cite">
<pre class="yiv0391599231moz-quote-pre">Hi All,In OpenSSL 1.1.1 version, we were using RAND_DRBG for random number generation.Using "RAND_DRBG_set_callbacks", we were able to call into our custom API for entropy and nonce generation.How can this be achieved with EVP_RAND implementation i.e. does it allow entropy to be provided? ThanksBala</pre>
</blockquote>
</div>
<br clear="none">
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>