rand_lib: do not silently ignore custom seed source failures#29316
Closed
xnox wants to merge 1 commit intoopenssl:masterfrom
Closed
rand_lib: do not silently ignore custom seed source failures#29316xnox wants to merge 1 commit intoopenssl:masterfrom
xnox wants to merge 1 commit intoopenssl:masterfrom
Conversation
github-actions
bot
added
the
severity: fips change
t8m
added
branch: master
xnox
force-pushed
the
honor-configured-seed-source-strictly
branch
from
278682f to
8c56ed5
Compare
Contributor
Author
|
I am not sure I understand what test_ssl_old is doing => in many cases it specifies multiple providers, but then only loads one of them not both. |
t8m
reviewed
Dec 5, 2025
If a custom seed source is specified in the config file, it can be silently ignored. For example if it is missing, fails to be created, or fails to initialize it can be silently ignored and fallback to os entropy instead. To reproduce this, perform default configuration of openssl without jitter entropy source, and then specify jitter entropy source. Currently entropy will fall back to getrandom, instead of erroring out. This is not unique to jitter entropy source, there are a few other entropy source providers out there on the market, and in all cases if one is configuring OpenSSL to use a given seed source by name, it should be honored. Currently this will output a fresh rsa key, with this change however it will now result in an error: ``` ./Configure make ./util/wrap.pl -jitter ./apps/openssl genrsa Warning: generating random key material may take a long time if the system has a poor entropy source genrsa: Error generating RSA key 80ABAB8F9F7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (JITTER : 0), Properties (<null>) 80ABAB8F9F7F0000:error:12000090:random number generator:rand_new_seed:unable to fetch drbg:crypto/rand/rand_lib.c:613: 80ABAB8F9F7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (JITTER : 0), Properties (<null>) 80ABAB8F9F7F0000:error:12000090:random number generator:rand_new_seed:unable to fetch drbg:crypto/rand/rand_lib.c:613: ``` IMHO, if a user is configuring a custom seed source, it should be honored without silently eating errors. Note this partially reverts 1d180bb "rand: allow seed-src to be missing", which as far as I understand was done to ensure that fallback seedsource is allowed to be missing. This new implementation preserves this behaviour by ensuring error is not raised if SEED-SRC (which since the above commit was changed to a macro define OPENSSL_DEFAULT_SEED_SRC) is used as a fallback, and it fails to be fetched. Previously all errors were popped unconditionaly, thus same behaviour is preserved if SEED-SRC is completely missing and it wasn't configured in the config file. cc @paulidale, also see: - openssl#13640
xnox
force-pushed
the
honor-configured-seed-source-strictly
branch
from
8c56ed5 to
e364822
Compare
paulidale
approved these changes
Dec 16, 2025
esyr
approved these changes
Jan 15, 2026
Member
esyr
left a comment
esyr
left a comment
There was a problem hiding this comment.
LGTM, it warrants a mention in CHANGES.md, however.
esyr
added
approval: done
Contributor
|
I don't agree that this warrants a changes entry. It's a bug fix. |
Collaborator
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
paulidale
added
approval: ready to merge
Contributor
|
Merged fixing trivial style reformat conflict. Thanks for the fix. |
openssl-machine
pushed a commit
that referenced
this pull request
Jan 18, 2026
If a custom seed source is specified in the config file, it can be silently ignored. For example if it is missing, fails to be created, or fails to initialize it can be silently ignored and fallback to os entropy instead. To reproduce this, perform default configuration of openssl without jitter entropy source, and then specify jitter entropy source. Currently entropy will fall back to getrandom, instead of erroring out. This is not unique to jitter entropy source, there are a few other entropy source providers out there on the market, and in all cases if one is configuring OpenSSL to use a given seed source by name, it should be honored. Currently this will output a fresh rsa key, with this change however it will now result in an error: ``` ./Configure make ./util/wrap.pl -jitter ./apps/openssl genrsa Warning: generating random key material may take a long time if the system has a poor entropy source genrsa: Error generating RSA key 80ABAB8F9F7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (JITTER : 0), Properties (<null>) 80ABAB8F9F7F0000:error:12000090:random number generator:rand_new_seed:unable to fetch drbg:crypto/rand/rand_lib.c:613: 80ABAB8F9F7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (JITTER : 0), Properties (<null>) 80ABAB8F9F7F0000:error:12000090:random number generator:rand_new_seed:unable to fetch drbg:crypto/rand/rand_lib.c:613: ``` IMHO, if a user is configuring a custom seed source, it should be honored without silently eating errors. Note this partially reverts 1d180bb "rand: allow seed-src to be missing", which as far as I understand was done to ensure that fallback seedsource is allowed to be missing. This new implementation preserves this behaviour by ensuring error is not raised if SEED-SRC (which since the above commit was changed to a macro define OPENSSL_DEFAULT_SEED_SRC) is used as a fallback, and it fails to be fetched. Previously all errors were popped unconditionaly, thus same behaviour is preserved if SEED-SRC is completely missing and it wasn't configured in the config file. cc @paulidale, also see: - #13640 Reviewed-by: Eugene Syromiatnikov <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from #29316)
esyr
pushed a commit
to esyr/openssl
that referenced
this pull request
Jan 19, 2026
If a custom seed source is specified in the config file, it can be silently ignored. For example if it is missing, fails to be created, or fails to initialize it can be silently ignored and fallback to os entropy instead. To reproduce this, perform default configuration of openssl without jitter entropy source, and then specify jitter entropy source. Currently entropy will fall back to getrandom, instead of erroring out. This is not unique to jitter entropy source, there are a few other entropy source providers out there on the market, and in all cases if one is configuring OpenSSL to use a given seed source by name, it should be honored. Currently this will output a fresh rsa key, with this change however it will now result in an error: ``` ./Configure make ./util/wrap.pl -jitter ./apps/openssl genrsa Warning: generating random key material may take a long time if the system has a poor entropy source genrsa: Error generating RSA key 80ABAB8F9F7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (JITTER : 0), Properties (<null>) 80ABAB8F9F7F0000:error:12000090:random number generator:rand_new_seed:unable to fetch drbg:crypto/rand/rand_lib.c:613: 80ABAB8F9F7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (JITTER : 0), Properties (<null>) 80ABAB8F9F7F0000:error:12000090:random number generator:rand_new_seed:unable to fetch drbg:crypto/rand/rand_lib.c:613: ``` IMHO, if a user is configuring a custom seed source, it should be honored without silently eating errors. Note this partially reverts 1d180bb "rand: allow seed-src to be missing", which as far as I understand was done to ensure that fallback seedsource is allowed to be missing. This new implementation preserves this behaviour by ensuring error is not raised if SEED-SRC (which since the above commit was changed to a macro define OPENSSL_DEFAULT_SEED_SRC) is used as a fallback, and it fails to be fetched. Previously all errors were popped unconditionaly, thus same behaviour is preserved if SEED-SRC is completely missing and it wasn't configured in the config file. cc @paulidale, also see: - openssl#13640 Reviewed-by: Eugene Syromiatnikov <[email protected]> Reviewed-by: Paul Dale <[email protected]> (Merged from openssl#29316)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
If a custom seed source is specified in the config file, it can be
silently ignored. For example if it is missing, fails to be created,
or fails to initialize it can be silently ignored and fallback to os
entropy instead.
To reproduce this, perform default configuration of openssl without
jitter entropy source, and then specify jitter entropy
source. Currently entropy will fall back to getrandom, instead of
erroring out.
This is not unique to jitter entropy source, there are a few other
entropy source providers out there on the market, and in all cases if
one is configuring OpenSSL to use a given seed source by name, it
should be honored.
Currently this will output a fresh rsa key, with this change however
it will now result in an error:
IMHO, if a user is configuring a custom seed source, it should be
honored without silently eating errors.
Note this partially reverts 1d180bb
"rand: allow seed-src to be missing", which as far as I understand was
done to ensure that fallback seedsource is allowed to be missing. This
new implementation preserves this behaviour by ensuring error is not
raised if SEED-SRC (which since the above commit was changed to a
macro define OPENSSL_DEFAULT_SEED_SRC) is used as a fallback, and it
fails to be fetched. Previously all errors were popped unconditionaly,
thus same behaviour is preserved if SEED-SRC is completely missing and
it wasn't configured in the config file. cc @paulidale, also see: -
#13640