Hello, I have a question regarding the usage of the master DRBG during the fork operation. As far as I understand from the source code and articles, during the fork the library will perform the lock of the master DRBG to obtain the entropy for public and private DRBG. However, the library does not perform the check of the lock state itself and it is unclear for me, what will happen if the master DRBG is locked during the creation of the fork process.
Additionally, what was the purpose of such complicated scheme for DRBGs except for NIST requirements? Is it possible to solve fork problem without implementing the chain of DRBGs? Can you please help with this? Articles: https://www.openssl.org/docs/man1.1.1/man7/RAND_DRBG.html http://emboss.github.io/blog/2013/08/21/openssl-prng-is-not-really-fork-safe/ https://wiki.openssl.org/index.php/Random_fork-safety Here is the code from the rand_lib.c: rand_drbg_lock(drbg->parent); if (RAND_DRBG_generate(drbg->parent, buffer, bytes_needed, prediction_resistance, NULL, 0) != 0) bytes = bytes_needed; drbg->reseed_next_counter = tsan_load(&drbg->parent->reseed_prop_counter); rand_drbg_unlock(drbg->parent);
