diff options
| author | Pauli <paul.dale@oracle.com> | 2020-07-22 12:55:31 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-08-07 14:16:47 +1000 |
| commit | 7d615e2178fbffa53f05a67f68e5741374340308 (patch) | |
| tree | 8e5cdbb8c39e24727e64af790831980b2a5d9e6a /ssl | |
| parent | 4df0d37ff6cc399b93f9ef2524d087c2d67d41b5 (diff) | |
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).
Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.
Other related changes:
Use RNG instead of DRBG in EVP_RAND documentation. The documentation was
using DRBG in places where it should have been RNG or CSRNG.
Move the RAND_DRBG(7) documentation to EVP_RAND(7).
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_lib.c | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 3f621d5677..63a7433be4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -18,7 +18,6 @@ #include <openssl/objects.h> #include <openssl/x509v3.h> #include <openssl/rand.h> -#include <openssl/rand_drbg.h> #include <openssl/ocsp.h> #include <openssl/dh.h> #include <openssl/engine.h> |