Provided by: openssl_3.5.0-2ubuntu1_amd64 
NAME
EVP_RAND-CRNG-TEST - The FIPS health testing EVP_RAND filter
DESCRIPTION
This EVP_RAND object acts as a filter between the entropy source and its users. It performs CRNG health
tests as defined in SP 800-90B <https://csrc.nist.gov/pubs/sp/800/90/b/final> Section 4 "Health Tests".
Most requests are forwarded to the entropy source, either via its parent reference or via the provider
entropy upcalls.
Identity
"CRNG-TEST" is the name for this implementation; it can be used with the EVP_RAND_fetch() function.
Supported parameters
If a parent EVP_RAND is specified on context creation, the parent's parameters are supported because the
request is forwarded to the parent seed source for processing.
If no parent EVP_RAND is specified on context creation, the following parameters are supported:
"state" (OSSL_RAND_PARAM_STATE) <integer>
"strength" (OSSL_RAND_PARAM_STRENGTH) <unsigned integer>
"max_request" (OSSL_RAND_PARAM_MAX_REQUEST) <unsigned integer>
These parameters work as described in "PARAMETERS" in EVP_RAND(3).
"fips-indicator" (OSSL_DRBG_PARAM_FIPS_APPROVED_INDICATOR) <integer>
This parameter works as described in "PARAMETERS" in provider-rand(7).
NOTES
This EVP_RAND is only implemented by the OpenSSL FIPS provider.
A context for a health test filter can be obtained by calling:
EVP_RAND *parent = ...;
EVP_RAND *rand = EVP_RAND_fetch(NULL, "CRNG-TEST", NULL);
EVP_RAND_CTX *rctx = EVP_RAND_CTX_new(rand, parent);
SEE ALSO
EVP_RAND(3), OSSL_PROVIDER-FIPS(7)
HISTORY
This functionality was added in OpenSSL 3.4.
COPYRIGHT
Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance
with the License. You can obtain a copy in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.
3.5.0 2025-06-04 EVP_RAND-CRNG-TEST(7SSL)