Thank you for all the help, got this working.
Thanks
Bala
On Thursday, 15 April, 2021, 04:02:10 am IST, Dr Paul Dale
wrote:
Comments inline.
Pauli
On 15/4/21 12:09 am, Bala Duvvuri wrote:
HI Paul,
Thanks a lot for your response, thank you for pointing to
Comments inline.
Pauli
On 15/4/21 12:09 am, Bala Duvvuri wrote:
HI Paul,
Thanks a lot for your response, thank you for pointing to
/providers/implementations/rands/test_rng.c and the code to run NIST test.
Still finding it a bit difficult to wrap around these new APIs
In the old
For setting up a parent for a DRBG, look at
/providers/implementations/rands/test_rng.c which produces seed material
(test_rng_generate) and nonces (test_rng_nonce). The built in DRBG's
don't need the nonce, they will act as per SP800-90Ar1 section 9.1 with
a nonce available from their
1> >>The best way to do this, is to create a provider which acts as a seed
source and to then use this as the parent of the primary DRBG. See, for
example, test/testutil/fakerandom.c for how to do this. The key is to set up
the seed source before the RNG subsystem is first used.
In our case
RAND_add() forces a reseed to the DRBGs and uses the passed material
(not as entropy but as additional input).
EVP_RAND_reseed() is a more direct interface but remember that the built
in DRBGs are free to ignore what the user claims is /entropy/. History
has shown us time and again that
Hi All,
In OpenSSL 1.1.1 version, we were using RAND_DRBG for random number generation.
Using "RAND_DRBG_set_callbacks", we were able to call into our custom API for
entropy and nonce generation.
How can this be achieved with EVP_RAND implementation i.e. does it allow
entropy to be provided?