rand_drbg: remove RAND_DRBG.

The RAND_DRBG API did not fit well into the new provider concept as implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the RAND_DRBG API is a mixture of 'front end' and 'back end' API calls and some of its API calls are rather low-level. This holds in particular for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG type changing mechanism (RAND_DRBG_set()). Adding a compatibility layer to continue supporting the RAND_DRBG API as a legacy API for a regular deprecation period turned out to come at the price of complicating the new provider API unnecessarily. Since the RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC to drop it entirely. Other related changes: Use RNG instead of DRBG in EVP_RAND documentation. The documentation was using DRBG in places where it should have been RNG or CSRNG. Move the RAND_DRBG(7) documentation to EVP_RAND(7). Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12509)
author: Pauli <paul.dale@oracle.com> 2020-07-22 12:55:31 +1000
committer: Pauli <paul.dale@oracle.com> 2020-08-07 14:16:47 +1000
commit: 7d615e2178fbffa53f05a67f68e5741374340308 (patch)
tree: 8e5cdbb8c39e24727e64af790831980b2a5d9e6a /crypto/evp/evp_rand.c
parent: 4df0d37ff6cc399b93f9ef2524d087c2d67d41b5 (diff)
1 files changed, 26 insertions, 37 deletions
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 9056f6d20b..0e5e8c11f9 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -25,6 +25,32 @@
 #include "internal/provider.h"
 #include "evp_local.h"
 
+struct evp_rand_st {
+    OSSL_PROVIDER *prov;
+    int name_id;
+    CRYPTO_REF_COUNT refcnt;
+    CRYPTO_RWLOCK *refcnt_lock;
+
+    const OSSL_DISPATCH *dispatch;
+    OSSL_FUNC_rand_newctx_fn *newctx;
+    OSSL_FUNC_rand_freectx_fn *freectx;
+    OSSL_FUNC_rand_instantiate_fn *instantiate;
+    OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
+    OSSL_FUNC_rand_generate_fn *generate;
+    OSSL_FUNC_rand_reseed_fn *reseed;
+    OSSL_FUNC_rand_nonce_fn *nonce;
+    OSSL_FUNC_rand_enable_locking_fn *enable_locking;
+    OSSL_FUNC_rand_lock_fn *lock;
+    OSSL_FUNC_rand_unlock_fn *unlock;
+    OSSL_FUNC_rand_gettable_params_fn *gettable_params;
+    OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
+    OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
+    OSSL_FUNC_rand_get_params_fn *get_params;
+    OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
+    OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
+    OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
+} /* EVP_RAND */ ;
+
 static int evp_rand_up_ref(void *vrand)
 {
     EVP_RAND *rand = (EVP_RAND *)vrand;
@@ -144,11 +170,6 @@ static void *evp_rand_from_dispatch(int name_id,
                 break;
             rand->nonce = OSSL_FUNC_rand_nonce(fns);
             break;
-        case OSSL_FUNC_RAND_SET_CALLBACKS:
-            if (rand->set_callbacks != NULL)
-                break;
-            rand->set_callbacks = OSSL_FUNC_rand_set_callbacks(fns);
-            break;
         case OSSL_FUNC_RAND_ENABLE_LOCKING:
             if (rand->enable_locking != NULL)
                 break;
@@ -579,38 +600,6 @@ int EVP_RAND_state(EVP_RAND_CTX *ctx)
     return state;
 }
 
-static int evp_rand_set_callbacks_locked(EVP_RAND_CTX *ctx,
-                                         OSSL_INOUT_CALLBACK *get_entropy,
-                                         OSSL_CALLBACK *cleanup_entropy,
-                                         OSSL_INOUT_CALLBACK *get_nonce,
-                                         OSSL_CALLBACK *cleanup_nonce,
-                                         void *arg)
-{
-    if (ctx->meth->set_callbacks == NULL) {
-        EVPerr(0, EVP_R_UNABLE_TO_SET_CALLBACKS);
-        return 0;
-    }
-    ctx->meth->set_callbacks(ctx->data, get_entropy, cleanup_entropy,
-                             get_nonce, cleanup_nonce, arg);
-    return 1;
-}
-
-int EVP_RAND_set_callbacks(EVP_RAND_CTX *ctx,
-                           OSSL_INOUT_CALLBACK *get_entropy,
-                           OSSL_CALLBACK *cleanup_entropy,
-                           OSSL_INOUT_CALLBACK *get_nonce,
-                           OSSL_CALLBACK *cleanup_nonce, void *arg)
-{
-    int res;
-
-    if (!evp_rand_lock(ctx))
-        return 0;
-    res = evp_rand_set_callbacks_locked(ctx, get_entropy, cleanup_entropy,
-                                        get_nonce, cleanup_nonce, arg);
-    evp_rand_unlock(ctx);
-    return res;
-}
-
 static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
 {
     if (ctx->meth->verify_zeroization != NULL)
author	Pauli <paul.dale@oracle.com>	2020-07-22 12:55:31 +1000
committer	Pauli <paul.dale@oracle.com>	2020-08-07 14:16:47 +1000
commit	7d615e2178fbffa53f05a67f68e5741374340308 (patch)
tree	8e5cdbb8c39e24727e64af790831980b2a5d9e6a /crypto/evp/evp_rand.c
parent	4df0d37ff6cc399b93f9ef2524d087c2d67d41b5 (diff)