Roger, The FIPS_mode_set() call normally calls OpenSSL_init(), which calls RAND_init_fips(), which initializes/instantiates the FIPS DRBG (including seeding with good entropy from call to the default DRBG bytes() method). This all happens if built with OPENSSL_FIPS defined. So check that is defined, and check that FIPS_mode_set() calls OpenSSL_init().
You are right that the rsa/dsa selftests fail if the FIPS DRBG is not seeded, and your solution accomplished that. But I assume you want the DRBG seeded with good entropy from the system/kernel. Kevin On Wed, Oct 8, 2014 at 9:02 AM, Roger No-Spam <[email protected]> wrote: > Hi, > > I'm experimenting with porting openssl-1.0.1/openssl-fips-2.0 to a > proprietary platform. FIPS_mode_set was failing for me, and some > investigation showed that it was the rsa post tests that failed, and that > it was related to RNG initialization. I found that if I added the following > code before my FIPS_mode_set() call, FIPS mode was entered successfully. > > { > DRBG_CTX *ctx; > size_t i; > /*FIPS_set_error_callbacks(put_err_cb, add_err_cb); */ > for (i = 0; i < sizeof(dummy_entropy); i++) > dummy_entropy[i] = i & 0xff; > if (entropy_stick) > memcpy(dummy_entropy + 32, dummy_entropy + 16, 16); > ctx = FIPS_get_default_drbg(); > FIPS_drbg_init(ctx, NID_aes_256_ctr, DRBG_FLAG_CTR_USE_DF); > FIPS_drbg_set_callbacks(ctx, dummy_cb, 0, 16, dummy_cb, 0); > FIPS_drbg_instantiate(ctx, dummy_entropy, 10); > FIPS_rand_set_method(FIPS_drbg_method()); > } > > This looks a bit complicated. I've been trying to find information on how > RNG initialization is supposed to work in FIPS mode, but I have not been > able to find anything. How is this supposed to be handled? I fear that I > unknowingly have ripped something out that is causing this. > > Can anyone give me a description of RNG initialization in FIPS mode, > please? > > -- > R > >
