rand_drbg: remove RAND_DRBG.

The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).

Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.

Other related changes:

Use RNG instead of DRBG in EVP_RAND documentation.  The documentation was
using DRBG in places where it should have been RNG or CSRNG.

Move the RAND_DRBG(7) documentation to EVP_RAND(7).

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)

1 files changed, 1 insertions, 33 deletions

diff --git a/crypto/rand/rand_local.h b/crypto/rand/rand_local.h
index 73751d25e4..d1c9bd7fec 100644
--- a/crypto/rand/rand_local.h
+++ b/crypto/rand/rand_local.h
@@ -15,48 +15,16 @@
 # include <openssl/sha.h>
 # include <openssl/hmac.h>
 # include <openssl/ec.h>
-# include <openssl/rand_drbg.h>
+# include <openssl/rand.h>
 # include "internal/tsan_assist.h"
 # include "crypto/rand.h"
 
-# include "internal/numbers.h"
-
-/* Maximum reseed intervals */
-# define MAX_RESEED_INTERVAL                     (1 << 24)
-# define MAX_RESEED_TIME_INTERVAL                (1 << 20) /* approx. 12 days */
-
 /* Default reseed intervals */
 # define PRIMARY_RESEED_INTERVAL                 (1 << 8)
 # define SECONDARY_RESEED_INTERVAL               (1 << 16)
 # define PRIMARY_RESEED_TIME_INTERVAL            (60 * 60) /* 1 hour */
 # define SECONDARY_RESEED_TIME_INTERVAL          (7 * 60)  /* 7 minutes */
 
-/*
- * The state of all types of DRBGs.
- */
-struct rand_drbg_st {
-    CRYPTO_RWLOCK *lock;
-    /* The library context this DRBG is associated with, if any */
-    OPENSSL_CTX *libctx;
-    RAND_DRBG *parent;
-    int type; /* the nid of the underlying algorithm */
-    unsigned short flags; /* various external flags */
-
-    /* Application data, mainly used in the KATs. */
-    CRYPTO_EX_DATA ex_data;
-
-    /* Implementation */
-    EVP_RAND_CTX *rand;
-
-    /* Callback functions.  See comments in rand_lib.c */
-    RAND_DRBG_get_entropy_fn get_entropy;
-    RAND_DRBG_cleanup_entropy_fn cleanup_entropy;
-    RAND_DRBG_get_nonce_fn get_nonce;
-    RAND_DRBG_cleanup_nonce_fn cleanup_nonce;
-
-    void *callback_data;
-};
-
 /* The global RAND method, and the global buffer and DRBG instance. */
 extern RAND_METHOD rand_meth;