Re: OpenSSL 3.0 - providing entropy to EVP_RAND ?

Wed, 14 Apr 2021 03:47:58 -0700 

 1> >>The best way to do this, is to create a provider which acts as a seed 
source and to then use this as the parent of the primary DRBG. See, for 
example, test/testutil/fakerandom.c for how to do this. The key is to set up 
the seed source before the RNG subsystem is first used.

In our case we provide the entropy and nonce from hardware sources (as its on 
embedded platform) as requested by DRBG in older version.
Now, if we setup a custom provider and use it as parent of the primary DRBG, 
its not clear how the entropy and nonce from this provider will be accessed, 
which API is invoked for the entropy/nonce consumption (any specific callbacks 
set)? Can you please explain the steps or example of the usage?

2> Also, we need set DRBG for CAVS test (Input: EntropyInput, Nonce, 
PersonalizationString, AdditionalInput, EntropyInputPR, AdditionalInput, 
EntropyInputPR), with OpenSSL 1.1.1, the below steps were done:

RAND_DRBG_new(NID_aes_256_ctr, RAND_DRBG_FLAGS, NULL);
RAND_DRBG_set_callbacks // This will setup to return the provided entropy and 
nonce inputs
RAND_DRBG_instantiate // Pass personalization string.
RAND_DRBG_generate

Can you kindly let me know the equivalent steps with OpenSSL 3.0?


Thank you for your help in this.

Thanks
Bala

     On Wednesday, 24 March, 2021, 11:56:18 am IST, Dr Paul Dale 
<[email protected]> wrote:  
 
  RAND_add() forces a reseed to the DRBGs and uses the passed material (not as 
entropy but as additional input).
 
 EVP_RAND_reseed() is a more direct interface but remember that the built in 
DRBGs are free to ignore what the user claims is entropy.  History has shown us 
time and again that entropy is often anything but.
 
 The best way to do this, is to create a provider which acts as a seed source 
and to then use this as the parent of the primary DRBG.  See, for example, 
test/testutil/fakerandom.c for how to do this.  The key is to set up the seed 
source before the RNG subsystem is first used.
 
 If you simply want to replace the built-in DRBGs with a real random source, 
create a provider and set the appropriate environment/config variables.
 
 
 Pauli
 
 
 On 24/3/21 4:14 pm, Bala Duvvuri via openssl-users wrote:
  
 Hi All,In OpenSSL 1.1.1 version, we were using RAND_DRBG for random number 
generation.Using "RAND_DRBG_set_callbacks", we were able to call into our 
custom API for entropy and nonce generation.How can this be achieved with 
EVP_RAND implementation i.e. does it allow entropy to be provided? ThanksBala

Reply via email to