Re: FIPS OpenSSL default DRBG continuous test failing

2013-10-13 Thread karanpopali
In my application, I've two major components which access the random generator (one is a database module and the other is a JNI wrapper used by Java). Therefore I think this issue is some synchronization issue. I wrote a test app to try to reproduce the problem in a multithreaded environment. And this t

Documentation issue?

2013-09-28 Thread karanpopali
In the FIPS User Guide (http://www.openssl.org/docs/fips/UserGuide-2.0.pdf), there is an example to set the default DRBG type. It uses DRBG type as NID_hmac_WithSHA256, but it should be NID_hmacWithSHA256. Example from UserGuide: ./config -DOPENSSL_DRBG_DEFAULT_TYPE=NID_hmac_WithSHA256 \ -DOPENSSL_DR

FIPS OpenSSL default DRBG continuous test failing

2013-09-25 Thread karanpopali
I'm using FIPS OpenSSL on Android and FIPS_rand_bytes() fails the continuous test after some time. I read in the SecurityPolicy that if it fails then we need to uninstantiate and re-instantiate the DRBG. A few questions: 1. Is there any way to avoid this? Will using HMAC DRBG or Hash DRBG help? 2. Is