diff --git a/ctaocrypt/src/random.c b/ctaocrypt/src/random.c index 2849e35d9..a2e053f9c 100644 --- a/ctaocrypt/src/random.c +++ b/ctaocrypt/src/random.c @@ -456,10 +456,18 @@ int FreeRng(RNG* rng) int RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz, const byte* entropyB, word32 entropyBSz, - const byte* output, word32 outputSz) + byte* output, word32 outputSz) { DRBG drbg; - byte check[SHA256_DIGEST_SIZE * 4]; + + if (entropyA == NULL || output == NULL) + return BAD_FUNC_ARG; + + if (reseed != 0 && entropyB == NULL) + return BAD_FUNC_ARG; + + if (outputSz != (SHA256_DIGEST_SIZE * 4)) + return -1; if (Hash_DRBG_Instantiate(&drbg, entropyA, entropyASz, NULL, 0) != 0) return -1; @@ -471,17 +479,12 @@ int RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz, } } - if (Hash_DRBG_Generate(&drbg, check, sizeof(check)) != 0) { + if (Hash_DRBG_Generate(&drbg, output, outputSz) != 0) { Hash_DRBG_Uninstantiate(&drbg); return -1; } - if (Hash_DRBG_Generate(&drbg, check, sizeof(check)) != 0) { - Hash_DRBG_Uninstantiate(&drbg); - return -1; - } - - if (outputSz != sizeof(check) || XMEMCMP(output, check, sizeof(check))) { + if (Hash_DRBG_Generate(&drbg, output, outputSz) != 0) { Hash_DRBG_Uninstantiate(&drbg); return -1; } diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index 58cf4620e..5d26f3780 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c 
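Review bot: The new `outputSz != (SHA256_DIGEST_SIZE * 4)` check returns -1, the same value used for DRBG failures, while the NULL checks just above it return BAD_FUNC_ARG. A caller cannot tell a wrong buffer size from a failed instantiate or generate, which matters when this return value gates a self-test; I would use `return BAD_FUNC_ARG;` there as well. This size check is also what keeps the later generate calls inside the caller's buffer, so a short comment would help, e.g. `/* output must hold exactly SHA256_DIGEST_SIZE * 4 bytes; it is written below */`. The function body continues past this hunk.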
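Review bot: With the `XMEMCMP` against `check` removed, a return of 0 from this function now means only that both generate calls succeeded, not that the output matched a known answer, and nothing in the new code says so. A caller that still treats 0 as "health test passed" without its own comparison would accept any DRBG output, and one that passes its expected vector in a writable buffer would have it overwritten. The two back-to-back `Hash_DRBG_Generate(&drbg, output, outputSz)` calls also read like a copy-paste duplicate; presumably the first result is discarded on purpose to match the known-answer vectors. I would add a comment before the second call such as `/* first block is discarded; caller must compare this second block with the expected vector */`. The function starts in the previous hunk and ends after this one.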
@@ -2884,16 +2884,26 @@ int random_test(void) 0x82, 0xc9, 0x55, 0xa8, 0x19, 0x69, 0xe0, 0x69, 0xfa, 0x8c, 0xe0, 0x07, 0xa1, 0x80, 0x18, 0x3a, 0x07, 0xdf, 0xae, 0x17 }; + + byte output[SHA256_DIGEST_SIZE * 4]; int ret; ret = RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0, - test1Output, sizeof(test1Output)); - if (ret != 0) return -39; + output, sizeof(output)); + if (ret != 0) + return -39; + + if (XMEMCMP(test1Output, output, sizeof(output)) != 0) + return -40; ret = RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA), test2EntropyB, sizeof(test2EntropyB), - test2Output, sizeof(test2Output)); - if (ret != 0) return -40; + output, sizeof(output)); + if (ret != 0) + return -41; + + if (XMEMCMP(test2Output, output, sizeof(output)) != 0) + return -42; return 0; } diff --git a/cyassl/ctaocrypt/random.h b/cyassl/ctaocrypt/random.h index 29b94ad80..1bc48a22e 100644 --- a/cyassl/ctaocrypt/random.h +++ b/cyassl/ctaocrypt/random.h @@ -122,7 +122,7 @@ CYASSL_API int RNG_GenerateByte(RNG*, byte*); CYASSL_API int RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz, const byte* entropyB, word32 entropyBSz, - const byte* output, word32 outputSz); + byte* output, word32 outputSz); #endif /* HAVE_HASHDRBG || NO_RC4 */ @@ -134,7 +134,7 @@ CYASSL_API int RNG_GenerateByte(RNG*, byte*); CYASSL_API int RNG_HealthTest_fips(int reseed, const byte* entropyA, word32 entropyASz, const byte* entropyB, word32 entropyBSz, - const byte* output, word32 outputSz); + byte* output, word32 outputSz); #ifndef FIPS_NO_WRAPPERS /* if not impl or fips.c impl wrapper force fips calls if fips build */ #define InitRng InitRng_fips
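Review bot: Both new comparisons, `XMEMCMP(test1Output, output, sizeof(output))` and the matching one for `test2Output`, take their length from `output`, so nothing checks any more that the expected vectors are `SHA256_DIGEST_SIZE * 4` bytes long. Before this change `sizeof(test1Output)` was passed in and checked inside RNG_HealthTest. The vector declarations are outside this hunk, so their sizes cannot be confirmed here, but a vector shorter than `output` would make XMEMCMP read past its end. I would guard each comparison with the size, e.g. `if (sizeof(test1Output) != sizeof(output) || XMEMCMP(test1Output, output, sizeof(output)) != 0)`. random_test starts before this hunk.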
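Review bot: The `RNG_HealthTest` prototype drops `const` from `output` with no comment explaining the new contract. Readers of the header need to know that `output` is now written, that it must be exactly `SHA256_DIGEST_SIZE * 4` bytes (going by the check added in random.c), and that the caller has to compare it with the expected vector, since a 0 return no longer implies a match. I would add a short doc comment above the declaration stating those three points; the same applies to `RNG_HealthTest_fips` in the next hunk.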
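Review bot: `RNG_HealthTest_fips` gets the same `byte* output` signature change here, but its definition is not part of this diff. If that function is built from a separately maintained source, it should be confirmed that it matches the new prototype and no longer expects `output` to carry the expected vector. Otherwise a FIPS build could either fail to link cleanly or run a health test in which nobody performs the known-answer comparison. A comment next to the prototype, `/* output is written; caller compares against the known answer */`, would make that requirement visible to whoever maintains the wrapper.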