It is up to the user to ensure that a live entropy source is configured
and is being used.
-The derivation function is disabled during initialization by calling the
-RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag.
-For more information on the derivation function and when it can be omitted,
-see [NIST SP 800-90A Rev. 1]. Roughly speaking it can be omitted if the random
-source has "full entropy", i.e., contains 8 bits of entropy per byte.
+The derivation function is disabled by calling the RAND_DRBG_new_ex()
+function with the RAND_DRBG_FLAG_CTR_NO_DF flag. For more information on
+the derivation function and when it can be omitted, see [NIST SP 800-90A
+Rev. 1]. Roughly speaking it can be omitted if the random source has "full
+entropy", i.e., contains 8 bits of entropy per byte. In a FIPS context,
+the derivation function can never be omitted.
Even if a nonce is required, the B<get_nonce>() and B<cleanup_nonce>()
callbacks can be omitted by setting them to NULL.