Kory,
The situation is more complicated but your solution below is the one I'd
have suggested.
SP800-90B says bad things about /dev/random but this is modified by IG
7.14 indicates that it is okay to use /dev/random. Then IG 7.19 says
that it isn't. The current FIPS 140-2 validation is side
Adding that should be enough to force only FIPS validated algorithms are
used.
Just doing that isn't enough, there is more you are going to need to
do. E.g. you will need to load the FIPS and base providers either via
config or explicitly.
It's possible to set the default properties via con
