[openssl] master update

matthias.st.pierre at ncp-e.com matthias.st.pierre at ncp-e.com
Mon Sep 14 04:37:40 UTC 2020


The branch master has been updated
       via  4f14a378f807e989aa0b328267732409c8d6ac68 (commit)
       via  1d30b0a4ada5707e10ee9a94ca4acd2e45004d01 (commit)
      from  ec0ce188f44b7ab261b1d691e34913b338479b1f (commit)


- Log -----------------------------------------------------------------
commit 4f14a378f807e989aa0b328267732409c8d6ac68
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date:   Sun Sep 13 00:47:28 2020 +0200

    prov/drbg: cleanup some RAND_DRBG leftovers
    
    These are leftovers from the RAND_DRBG removal (#12509).
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12866)

commit 1d30b0a4ada5707e10ee9a94ca4acd2e45004d01
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date:   Sun Sep 13 00:17:35 2020 +0200

    prov/drbg: fix misspelling of '#ifdef FIPS_MODULE'
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/12866)

-----------------------------------------------------------------------

Summary of changes:
 crypto/err/openssl.txt                 |  7 -------
 providers/fips/self_test_kats.c        |  4 ++--
 providers/implementations/rands/drbg.c |  8 ++++----
 test/drbgtest.c                        |  6 ------
 util/libcrypto.num                     | 22 ----------------------
 util/other.syms                        |  5 -----
 6 files changed, 6 insertions(+), 46 deletions(-)

diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 35c1dd6bdc..f26d07835f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1136,17 +1136,10 @@ RAND_F_GET_ENTROPY:106:get_entropy
 RAND_F_RAND_BYTES:100:RAND_bytes
 RAND_F_RAND_BYTES_EX:126:rand_bytes_ex
 RAND_F_RAND_DRBG_ENABLE_LOCKING:119:rand_drbg_enable_locking
-RAND_F_RAND_DRBG_GENERATE:107:RAND_DRBG_generate
 RAND_F_RAND_DRBG_GET_ENTROPY:120:rand_drbg_get_entropy
 RAND_F_RAND_DRBG_GET_NONCE:123:rand_drbg_get_nonce
 RAND_F_RAND_DRBG_INIT_METHOD:130:
-RAND_F_RAND_DRBG_INSTANTIATE:108:RAND_DRBG_instantiate
-RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
-RAND_F_RAND_DRBG_RESEED:110:RAND_DRBG_reseed
 RAND_F_RAND_DRBG_RESTART:102:rand_drbg_restart
-RAND_F_RAND_DRBG_SET:104:RAND_DRBG_set
-RAND_F_RAND_DRBG_SET_DEFAULTS:121:RAND_DRBG_set_defaults
-RAND_F_RAND_DRBG_UNINSTANTIATE:118:RAND_DRBG_uninstantiate
 RAND_F_RAND_LOAD_FILE:111:RAND_load_file
 RAND_F_RAND_POOL_ACQUIRE_ENTROPY:122:rand_pool_acquire_entropy
 RAND_F_RAND_POOL_ADD:103:rand_pool_add
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index 8c88f8be5d..44d7557530 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -315,7 +315,7 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st,
     if (!EVP_RAND_set_ctx_params(test, drbg_params))
         goto err;
 
-    /* This calls RAND_DRBG_reseed() internally when prediction_resistance = 1 */
+    /* This calls PROV_DRBG_reseed() internally when prediction_resistance = 1 */
     if (!EVP_RAND_generate(drbg, out, t->expectedlen, strength,
                            prediction_resistance,
                            t->entropyaddin2, t->entropyaddin2len))
@@ -329,7 +329,7 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st,
     if (!EVP_RAND_uninstantiate(drbg))
         goto err;
     /*
-     * Check that the DRBG data has been zeroized after RAND_DRBG_uninstantiate.
+     * Check that the DRBG data has been zeroized after PROV_DRBG_uninstantiate.
      */
     if (!EVP_RAND_verify_zeroization(drbg))
         goto err;
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index 5d364b1a21..5a41647b33 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -133,10 +133,10 @@ static unsigned int get_parent_reseed_count(PROV_DRBG *drbg)
 }
 
 /*
- * Implements the get_entropy() callback (see RAND_DRBG_set_callbacks())
+ * Implements the get_entropy() callback
  *
  * If the DRBG has a parent, then the required amount of entropy input
- * is fetched using the parent's RAND_DRBG_generate().
+ * is fetched using the parent's PROV_DRBG_generate().
  *
  * Otherwise, the entropy is polled from the system entropy sources
  * using prov_pool_acquire_entropy().
@@ -229,7 +229,7 @@ err:
 }
 
 /*
- * Implements the cleanup_entropy() callback (see RAND_DRBG_set_callbacks())
+ * Implements the cleanup_entropy() callback
  *
  */
 static void prov_drbg_cleanup_entropy(PROV_DRBG *drbg,
@@ -587,7 +587,7 @@ int PROV_DRBG_reseed(PROV_DRBG *drbg, int prediction_resistance,
     }
 
     if (ent != NULL) {
-#ifdef FIP_MODULE
+#ifdef FIPS_MODULE
         /*
          * NIST SP-800-90A mandates that entropy *shall not* be provided
          * by the consuming application. Instead the data is added as additional
diff --git a/test/drbgtest.c b/test/drbgtest.c
index 2ded33aa7f..30c6b270d0 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -7,12 +7,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/*
- * RAND_DRBG_set is deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
 #include <string.h>
 #include "internal/nelem.h"
 #include <openssl/crypto.h>
diff --git a/util/libcrypto.num b/util/libcrypto.num
index efadadd94b..42bbb4bd04 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4198,17 +4198,6 @@ OSSL_STORE_LOADER_get0_engine           4287	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_
 OPENSSL_fork_prepare                    4288	3_0_0	EXIST:UNIX:FUNCTION:
 OPENSSL_fork_parent                     4289	3_0_0	EXIST:UNIX:FUNCTION:
 OPENSSL_fork_child                      4290	3_0_0	EXIST:UNIX:FUNCTION:
-RAND_DRBG_instantiate                   4292	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_uninstantiate                 4293	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_set                           4295	3_0_0	NOEXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_DRBG_set_callbacks                 4296	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_new                           4297	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_set_reseed_interval           4298	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_free                          4299	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_generate                      4300	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_reseed                        4301	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_set_ex_data                   4302	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_get_ex_data                   4303	3_0_0	NOEXIST::FUNCTION:
 EVP_sha3_224                            4304	3_0_0	EXIST::FUNCTION:
 EVP_sha3_256                            4305	3_0_0	EXIST::FUNCTION:
 EVP_sha3_384                            4306	3_0_0	EXIST::FUNCTION:
@@ -4223,7 +4212,6 @@ SCRYPT_PARAMS_it                        4314	3_0_0	EXIST::FUNCTION:SCRYPT
 CRYPTO_secure_clear_free                4315	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_meth_get0                      4316	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 EVP_PKEY_meth_get_count                 4317	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_DRBG_get0_public                   4319	3_0_0	NOEXIST::FUNCTION:
 RAND_priv_bytes                         4320	3_0_0	EXIST::FUNCTION:
 BN_priv_rand                            4321	3_0_0	EXIST::FUNCTION:
 BN_priv_rand_range                      4322	3_0_0	EXIST::FUNCTION:
@@ -4233,7 +4221,6 @@ ASN1_TIME_compare                       4325	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_CTX_ctrl_uint64                4326	3_0_0	EXIST::FUNCTION:
 EVP_DigestFinalXOF                      4327	3_0_0	EXIST::FUNCTION:
 ERR_clear_last_mark                     4328	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_get0_private                  4329	3_0_0	NOEXIST::FUNCTION:
 EVP_aria_192_ccm                        4330	3_0_0	EXIST::FUNCTION:ARIA
 EVP_aria_256_gcm                        4331	3_0_0	EXIST::FUNCTION:ARIA
 EVP_aria_256_ccm                        4332	3_0_0	EXIST::FUNCTION:ARIA
@@ -4281,8 +4268,6 @@ RSA_set0_multi_prime_params             4376	3_0_0	EXIST::FUNCTION:RSA
 RSA_get_version                         4377	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
 RSA_meth_get_multi_prime_keygen         4378	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
 RSA_meth_set_multi_prime_keygen         4379	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
-RAND_DRBG_get0_master                   4380	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_set_reseed_time_interval      4381	3_0_0	NOEXIST::FUNCTION:
 PROFESSION_INFO_get0_addProfessionInfo  4382	3_0_0	EXIST::FUNCTION:
 ADMISSION_SYNTAX_free                   4383	3_0_0	EXIST::FUNCTION:
 d2i_ADMISSION_SYNTAX                    4384	3_0_0	EXIST::FUNCTION:
@@ -4332,7 +4317,6 @@ ADMISSION_SYNTAX_new                    4427	3_0_0	EXIST::FUNCTION:
 EVP_sha512_256                          4428	3_0_0	EXIST::FUNCTION:
 EVP_sha512_224                          4429	3_0_0	EXIST::FUNCTION:
 OCSP_basic_sign_ctx                     4430	3_0_0	EXIST::FUNCTION:OCSP
-RAND_DRBG_bytes                         4431	3_0_0	NOEXIST::FUNCTION:
 OSSL_STORE_vctrl                        4433	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 OSSL_STORE_SEARCH_by_alias              4434	3_0_0	EXIST::FUNCTION:
 BIO_bind                                4435	3_0_0	EXIST::FUNCTION:SOCK
@@ -4352,13 +4336,11 @@ X509_get0_authority_key_id              4448	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_LOADER_set_find              4449	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0
 OSSL_STORE_SEARCH_free                  4450	3_0_0	EXIST::FUNCTION:
 OSSL_STORE_SEARCH_get0_digest           4451	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_reseed_defaults           4452	3_0_0	NOEXIST::FUNCTION:
 EVP_PKEY_new_raw_private_key            4453	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_new_raw_public_key             4454	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_new_CMAC_key                   4455	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_asn1_set_set_priv_key          4456	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_asn1_set_set_pub_key           4457	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_defaults                  4458	3_0_0	NOEXIST::FUNCTION:
 conf_ssl_name_find                      4469	3_0_0	EXIST::FUNCTION:
 conf_ssl_get_cmd                        4470	3_0_0	EXIST::FUNCTION:
 conf_ssl_get                            4471	3_0_0	EXIST::FUNCTION:
@@ -4643,7 +4625,6 @@ OSSL_CMP_MSG_free                       ?	3_0_0	EXIST::FUNCTION:CMP
 ERR_load_CMP_strings                    ?	3_0_0	EXIST::FUNCTION:CMP
 EVP_MD_CTX_set_params                   ?	3_0_0	EXIST::FUNCTION:
 EVP_MD_CTX_get_params                   ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_new_ex                        ?	3_0_0	NOEXIST::FUNCTION:
 OPENSSL_CTX_get0_primary_drbg           ?	3_0_0	NOEXIST::FUNCTION:
 OPENSSL_CTX_get0_public_drbg            ?	3_0_0	NOEXIST::FUNCTION:
 OPENSSL_CTX_get0_private_drbg           ?	3_0_0	NOEXIST::FUNCTION:
@@ -4930,8 +4911,6 @@ EVP_PKEY_pairwise_check                 ?	3_0_0	EXIST::FUNCTION:
 ASN1_item_verify_ctx                    ?	3_0_0	EXIST::FUNCTION:
 ASN1_item_sign_with_libctx              ?	3_0_0	EXIST::FUNCTION:
 ASN1_item_verify_with_libctx            ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_set_callback_data             ?	3_0_0	NOEXIST::FUNCTION:
-RAND_DRBG_get_callback_data             ?	3_0_0	NOEXIST::FUNCTION:
 BIO_socket_wait                         ?	3_0_0	EXIST::FUNCTION:SOCK
 BIO_wait                                ?	3_0_0	EXIST::FUNCTION:
 BIO_do_connect_retry                    ?	3_0_0	EXIST::FUNCTION:
@@ -5118,7 +5097,6 @@ EVP_RAND_enable_locking                 ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_verify_zeroization             ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_strength                       ?	3_0_0	EXIST::FUNCTION:
 EVP_RAND_state                          ?	3_0_0	EXIST::FUNCTION:
-RAND_DRBG_verify_zeroization            ?	3_0_0	NOEXIST::FUNCTION:
 EVP_default_properties_is_fips_enabled  ?	3_0_0	EXIST::FUNCTION:
 EVP_default_properties_enable_fips      ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_new_raw_private_key_with_libctx ?	3_0_0	EXIST::FUNCTION:
diff --git a/util/other.syms b/util/other.syms
index 6dcc9b260c..0925d726d8 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -71,10 +71,6 @@ OSSL_STORE_post_process_info_fn         datatype
 OSSL_trace_cb                           datatype
 PROFESSION_INFO                         datatype
 PROFESSION_INFOS                        datatype
-RAND_DRBG_cleanup_entropy_fn            datatype
-RAND_DRBG_cleanup_nonce_fn              datatype
-RAND_DRBG_get_entropy_fn                datatype
-RAND_DRBG_get_nonce_fn                  datatype
 RAND_poll_cb                            datatype
 SSL_CTX_allow_early_data_cb_fn          datatype
 SSL_CTX_keylog_cb_func                  datatype
@@ -427,7 +423,6 @@ PEM_FLAG_EAY_COMPATIBLE                 define
 PEM_FLAG_ONLY_B64                       define
 PEM_FLAG_SECURE                         define
 RAND_cleanup                            define deprecated 1.1.0
-RAND_DRBG_get_ex_new_index              define
 SSL_COMP_free_compression_methods       define deprecated 1.1.0
 SSL_CTX_add0_chain_cert                 define
 SSL_CTX_add1_chain_cert                 define


More information about the openssl-commits mailing list