diff -up openssl-3.0.1/providers/implementations/rands/drbg.c.fipsrand openssl-3.0.1/providers/implementations/rands/drbg.c
--- openssl-3.0.1/providers/implementations/rands/drbg.c.fipsrand	2022-08-03 12:14:39.409370134 +0200
+++ openssl-3.0.1/providers/implementations/rands/drbg.c	2022-08-03 12:19:06.320700346 +0200
@@ -575,6 +575,9 @@ int ossl_prov_drbg_reseed(PROV_DRBG *drb
 #endif
     }
 
+#ifdef FIPS_MODULE
+    prediction_resistance = 1;
+#endif
     /* Reseed using our sources in addition */
     entropylen = get_entropy(drbg, &entropy, drbg->strength,
                              drbg->min_entropylen, drbg->max_entropylen,
diff -up openssl-3.0.1/crypto/rand/prov_seed.c.fipsrand openssl-3.0.1/crypto/rand/prov_seed.c
--- openssl-3.0.1/crypto/rand/prov_seed.c.fipsrand	2022-08-04 12:17:52.148556301 +0200
+++ openssl-3.0.1/crypto/rand/prov_seed.c	2022-08-04 12:19:41.783533552 +0200
@@ -20,7 +20,14 @@ size_t ossl_rand_get_entropy(ossl_unused
     size_t entropy_available;
     RAND_POOL *pool;
 
-    pool = ossl_rand_pool_new(entropy, 1, min_len, max_len);
+    /*
+     * OpenSSL still implements an internal entropy pool of
+     * some size that is hashed to get seed data.
+     * Note that this is a conditioning step for which SP800-90C requires
+     * 64 additional bits from the entropy source to claim the requested
+     * amount of entropy.
+     */
+    pool = ossl_rand_pool_new(entropy + 64, 1, min_len, max_len);
     if (pool == NULL) {
         ERR_raise(ERR_LIB_RAND, ERR_R_MALLOC_FAILURE);
         return 0;
diff -up openssl-3.0.1/providers/implementations/rands/crngt.c.fipsrand openssl-3.0.1/providers/implementations/rands/crngt.c
--- openssl-3.0.1/providers/implementations/rands/crngt.c.fipsrand	2022-08-04 11:56:10.100950299 +0200
+++ openssl-3.0.1/providers/implementations/rands/crngt.c	2022-08-04 11:59:11.241564925 +0200
@@ -139,7 +139,11 @@ size_t ossl_crngt_get_entropy(PROV_DRBG
      * to the nearest byte.  If the entropy is of less than full quality,
      * the amount required should be scaled up appropriately here.
      */
-    bytes_needed = (entropy + 7) / 8;
+    /*
+     * FIPS 140-3: the yet draft SP800-90C requires requested entropy
+     * + 128 bits during initial seeding
+     */
+    bytes_needed = (entropy + 128 + 7) / 8;
     if (bytes_needed < min_len)
         bytes_needed = min_len;
     if (bytes_needed > max_len)