• OpenSSL 1.1.1 on NSX

    From Peter Collins@21:1/5 to All on Mon Apr 4 18:46:14 2022
    Hi All,

    I've downloaded and installed this version (above) from iTuglib.

    After setting the LIB location as suggested, OpenSSL starts up ... but any operation requiring random numbers fails with entropy issues etc.:

    OpenSSL> version -a
    OpenSSL 1.1.1n 15 Mar 2022
    built on: Wed Mar 16 02:20:50 2022 UTC
    platform: nonstop-nsx
    options: bn(32,32) rc4(int) des(long) idea(int) blowfish(ptr)
    compiler: c99 -Wverbose -I/usr/local/include -g -O2 -Wextensions -Wnowarn=203,220,272,734,770,1506 -Wbuild_neutral_library -Wverbose -I/usr/local/include -DOPENSSL_PIC -DOPENSSL_VPROC= -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -DB_ENDIAN -DOPENSSL_SYSNAME_TANDEM -DOPENSSL_TANDEM_FLOSS -DNDEBUG
    OPENSSLDIR: "/usr/local-ssl1.1/ssl"
    ENGINESDIR: "/usr/local-ssl1.1/lib/engines-1.1"
    Seeding source: EGD ( "/var/run/egd-pool" "/dev/egd-pool" "/etc/egd-pool" "/etc/entropy" )


    For example:

    OpenSSL> rand 10
    0:error:2406C06E:random number generator:RAND_DRBG_instantiate:error retrieving entropy:/home/ituglib/randall/jenkins/.jenkins/workspace/OpenSSL-1.1_Pipeline/crypto/rand/drbg_lib.c:335:
    0:error:2406C06E:random number generator:RAND_DRBG_instantiate:error retrieving entropy:/home/ituglib/randall/jenkins/.jenkins/workspace/OpenSSL-1.1_Pipeline/crypto/rand/drbg_lib.c:335:
    0:error:2406B072:random number generator:RAND_DRBG_generate:in error state:/home/ituglib/randall/jenkins/.jenkins/workspace/OpenSSL-1.1_Pipeline/crypto/rand/drbg_lib.c:588:
    0:error:2406C06E:random number generator:RAND_DRBG_instantiate:error retrieving entropy:/home/ituglib/randall/jenkins/.jenkins/workspace/OpenSSL-1.1_Pipeline/crypto/rand/drbg_lib.c:335:
    etc.
    Any ideas anyone?

    Regards,

    Peter Collins

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Randall@21:1/5 to Peter Collins on Tue Apr 5 12:12:43 2022
    Please see my other response. You need to run PRNGD (from coreutils) for OpenSSL 1.x. This has not changed from prior OpenSSL releases. At OpenSSL 3.x, the x86 hardware randomizer is used, so you don't need PRNGD anymore. The command to start PRNGD is:

    /usr/coreutils/sbin/prngd -f /etc/egd-pool tcp/localhost:708

    You should make this a kernel-managed process. The good thing is that PRNGD is part of CoreUtils T1202, so it is supported by GNSC.

    Good luck,
    Randall
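
As an added example (not part of either post, and not iTuglib or OpenSSL code): a Python 3 check that takes the `Seeding source: EGD ( ... )` line from `version -a` and attempts an EGD non-blocking read (command byte 0x01) on each listed socket path, to confirm that a daemon such as PRNGD is actually answering there. The function names, and the availability of Python 3 with Unix-domain sockets on the host, are assumptions.

```python
import re
import socket

# Constructed sample: the seeding line from the `version -a` output quoted in the thread.
SAMPLE_VERSION_OUTPUT = (
    'platform: nonstop-nsx\n'
    'Seeding source: EGD ( "/var/run/egd-pool" "/dev/egd-pool" '
    '"/etc/egd-pool" "/etc/entropy" )\n'
)

def egd_paths(version_output):
    """Socket paths listed on the 'Seeding source: EGD ( ... )' line, in order."""
    m = re.search(r"^Seeding source:\s*EGD\s*\((.*)\)\s*$", version_output, re.M)
    return re.findall(r'"([^"]+)"', m.group(1)) if m else []

def recv_exact(sock, n):
    """Read exactly n bytes or raise ConnectionError on early EOF."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("EGD peer closed the connection")
        buf += chunk
    return buf

def egd_read(path, nbytes=16, timeout=2.0):
    """EGD non-blocking read: send 0x01 <n>, receive <count> then <count> bytes.
    Returns the bytes (empty if the pool is drained), or None when nothing
    usable answers on this path."""
    if not 1 <= nbytes <= 255:
        raise ValueError("EGD requests are limited to 1..255 bytes")
    try:
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            s.connect(path)
            s.sendall(bytes([0x01, nbytes]))
            count = recv_exact(s, 1)[0]
            return recv_exact(s, count)
    except OSError:  # missing path, not a socket, refused, timeout, early EOF
        return None

def diagnose(version_output, read=egd_read):
    """Map each configured EGD path to 'ok', 'empty pool' or 'no daemon'."""
    report = {}
    for path in egd_paths(version_output):
        data = read(path)
        report[path] = "no daemon" if data is None else ("ok" if data else "empty pool")
    return report

if __name__ == "__main__":
    for path, status in diagnose(SAMPLE_VERSION_OUTPUT).items():
        print(f"{status:10} {path}")
```

If every path reports `no daemon`, the state matches the `error retrieving entropy` failures shown in the first post.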