Hello, ? Is FIPS_mode_set(1) taking care of setting up a default DRBG ?? Would a subsequent call to RAND_pseudo_bytes() for instance be using the default DRBG ( 256-bit CTR AES ?) There are quite a few DRBG-related FIPS methods described in the User Guide, and one that is called FIPS_get_default_drbg().? Does this have to be actually called ?? I'm asking since I added in crypto/o_fips.c a FIPS_post_set_callback() in FIPS_set_mode() with a case switch on FIPS_TEST_DRBG (amongst others).? SHA256, HMAC-SHA256, AES-128-CBC, AES-256-CTR amongst others are reported to be tested, although there's no sign of the FIPS_TEST_DRBG.? Nor FIPS_TEST_CONTINUOUS for that matter.? Wouldn't the DRBG be tested in a 'continuous' way before each use ?? - thanks. Regards.
