[openssl] master update
matthias.st.pierre at ncp-e.com
matthias.st.pierre at ncp-e.com
Mon Sep 14 04:37:40 UTC 2020
The branch master has been updated
via 4f14a378f807e989aa0b328267732409c8d6ac68 (commit)
via 1d30b0a4ada5707e10ee9a94ca4acd2e45004d01 (commit)
from ec0ce188f44b7ab261b1d691e34913b338479b1f (commit)
- Log -----------------------------------------------------------------
commit 4f14a378f807e989aa0b328267732409c8d6ac68
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date: Sun Sep 13 00:47:28 2020 +0200
prov/drbg: cleanup some RAND_DRBG leftovers
These are leftovers from the RAND_DRBG removal (#12509).
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12866)
commit 1d30b0a4ada5707e10ee9a94ca4acd2e45004d01
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date: Sun Sep 13 00:17:35 2020 +0200
prov/drbg: fix misspelling of '#ifdef FIPS_MODULE'
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12866)
-----------------------------------------------------------------------
Summary of changes:
crypto/err/openssl.txt | 7 -------
providers/fips/self_test_kats.c | 4 ++--
providers/implementations/rands/drbg.c | 8 ++++----
test/drbgtest.c | 6 ------
util/libcrypto.num | 22 ----------------------
util/other.syms | 5 -----
6 files changed, 6 insertions(+), 46 deletions(-)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 35c1dd6bdc..f26d07835f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1136,17 +1136,10 @@ RAND_F_GET_ENTROPY:106:get_entropy
RAND_F_RAND_BYTES:100:RAND_bytes
RAND_F_RAND_BYTES_EX:126:rand_bytes_ex
RAND_F_RAND_DRBG_ENABLE_LOCKING:119:rand_drbg_enable_locking
-RAND_F_RAND_DRBG_GENERATE:107:RAND_DRBG_generate
RAND_F_RAND_DRBG_GET_ENTROPY:120:rand_drbg_get_entropy
RAND_F_RAND_DRBG_GET_NONCE:123:rand_drbg_get_nonce
RAND_F_RAND_DRBG_INIT_METHOD:130:
-RAND_F_RAND_DRBG_INSTANTIATE:108:RAND_DRBG_instantiate
-RAND_F_RAND_DRBG_NEW:109:RAND_DRBG_new
-RAND_F_RAND_DRBG_RESEED:110:RAND_DRBG_reseed
RAND_F_RAND_DRBG_RESTART:102:rand_drbg_restart
-RAND_F_RAND_DRBG_SET:104:RAND_DRBG_set
-RAND_F_RAND_DRBG_SET_DEFAULTS:121:RAND_DRBG_set_defaults
-RAND_F_RAND_DRBG_UNINSTANTIATE:118:RAND_DRBG_uninstantiate
RAND_F_RAND_LOAD_FILE:111:RAND_load_file
RAND_F_RAND_POOL_ACQUIRE_ENTROPY:122:rand_pool_acquire_entropy
RAND_F_RAND_POOL_ADD:103:rand_pool_add
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index 8c88f8be5d..44d7557530 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -315,7 +315,7 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st,
if (!EVP_RAND_set_ctx_params(test, drbg_params))
goto err;
- /* This calls RAND_DRBG_reseed() internally when prediction_resistance = 1 */
+ /* This calls PROV_DRBG_reseed() internally when prediction_resistance = 1 */
if (!EVP_RAND_generate(drbg, out, t->expectedlen, strength,
prediction_resistance,
t->entropyaddin2, t->entropyaddin2len))
@@ -329,7 +329,7 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st,
if (!EVP_RAND_uninstantiate(drbg))
goto err;
/*
- * Check that the DRBG data has been zeroized after RAND_DRBG_uninstantiate.
+ * Check that the DRBG data has been zeroized after PROV_DRBG_uninstantiate.
*/
if (!EVP_RAND_verify_zeroization(drbg))
goto err;
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index 5d364b1a21..5a41647b33 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -133,10 +133,10 @@ static unsigned int get_parent_reseed_count(PROV_DRBG *drbg)
}
/*
- * Implements the get_entropy() callback (see RAND_DRBG_set_callbacks())
+ * Implements the get_entropy() callback
*
* If the DRBG has a parent, then the required amount of entropy input
- * is fetched using the parent's RAND_DRBG_generate().
+ * is fetched using the parent's PROV_DRBG_generate().
*
* Otherwise, the entropy is polled from the system entropy sources
* using prov_pool_acquire_entropy().
@@ -229,7 +229,7 @@ err:
}
/*
- * Implements the cleanup_entropy() callback (see RAND_DRBG_set_callbacks())
+ * Implements the cleanup_entropy() callback
*
*/
static void prov_drbg_cleanup_entropy(PROV_DRBG *drbg,
@@ -587,7 +587,7 @@ int PROV_DRBG_reseed(PROV_DRBG *drbg, int prediction_resistance,
}
if (ent != NULL) {
-#ifdef FIP_MODULE
+#ifdef FIPS_MODULE
/*
* NIST SP-800-90A mandates that entropy *shall not* be provided
* by the consuming application. Instead the data is added as additional
diff --git a/test/drbgtest.c b/test/drbgtest.c
index 2ded33aa7f..30c6b270d0 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -7,12 +7,6 @@
* https://www.openssl.org/source/license.html
*/
-/*
- * RAND_DRBG_set is deprecated for public use, but still ok for
- * internal use.
- */
-#include "internal/deprecated.h"
-
#include <string.h>
#include "internal/nelem.h"
#include <openssl/crypto.h>
diff --git a/util/libcrypto.num b/util/libcrypto.num
index efadadd94b..42bbb4bd04 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4198,17 +4198,6 @@ OSSL_STORE_LOADER_get0_engine 4287 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_
OPENSSL_fork_prepare 4288 3_0_0 EXIST:UNIX:FUNCTION:
OPENSSL_fork_parent 4289 3_0_0 EXIST:UNIX:FUNCTION:
OPENSSL_fork_child 4290 3_0_0 EXIST:UNIX:FUNCTION:
-RAND_DRBG_instantiate 4292 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_uninstantiate 4293 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_set 4295 3_0_0 NOEXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_DRBG_set_callbacks 4296 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_new 4297 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_set_reseed_interval 4298 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_free 4299 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_generate 4300 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_reseed 4301 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_set_ex_data 4302 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_get_ex_data 4303 3_0_0 NOEXIST::FUNCTION:
EVP_sha3_224 4304 3_0_0 EXIST::FUNCTION:
EVP_sha3_256 4305 3_0_0 EXIST::FUNCTION:
EVP_sha3_384 4306 3_0_0 EXIST::FUNCTION:
@@ -4223,7 +4212,6 @@ SCRYPT_PARAMS_it 4314 3_0_0 EXIST::FUNCTION:SCRYPT
CRYPTO_secure_clear_free 4315 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get0 4316 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_PKEY_meth_get_count 4317 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
-RAND_DRBG_get0_public 4319 3_0_0 NOEXIST::FUNCTION:
RAND_priv_bytes 4320 3_0_0 EXIST::FUNCTION:
BN_priv_rand 4321 3_0_0 EXIST::FUNCTION:
BN_priv_rand_range 4322 3_0_0 EXIST::FUNCTION:
@@ -4233,7 +4221,6 @@ ASN1_TIME_compare 4325 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_ctrl_uint64 4326 3_0_0 EXIST::FUNCTION:
EVP_DigestFinalXOF 4327 3_0_0 EXIST::FUNCTION:
ERR_clear_last_mark 4328 3_0_0 EXIST::FUNCTION:
-RAND_DRBG_get0_private 4329 3_0_0 NOEXIST::FUNCTION:
EVP_aria_192_ccm 4330 3_0_0 EXIST::FUNCTION:ARIA
EVP_aria_256_gcm 4331 3_0_0 EXIST::FUNCTION:ARIA
EVP_aria_256_ccm 4332 3_0_0 EXIST::FUNCTION:ARIA
@@ -4281,8 +4268,6 @@ RSA_set0_multi_prime_params 4376 3_0_0 EXIST::FUNCTION:RSA
RSA_get_version 4377 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
RSA_meth_get_multi_prime_keygen 4378 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
RSA_meth_set_multi_prime_keygen 4379 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA
-RAND_DRBG_get0_master 4380 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_set_reseed_time_interval 4381 3_0_0 NOEXIST::FUNCTION:
PROFESSION_INFO_get0_addProfessionInfo 4382 3_0_0 EXIST::FUNCTION:
ADMISSION_SYNTAX_free 4383 3_0_0 EXIST::FUNCTION:
d2i_ADMISSION_SYNTAX 4384 3_0_0 EXIST::FUNCTION:
@@ -4332,7 +4317,6 @@ ADMISSION_SYNTAX_new 4427 3_0_0 EXIST::FUNCTION:
EVP_sha512_256 4428 3_0_0 EXIST::FUNCTION:
EVP_sha512_224 4429 3_0_0 EXIST::FUNCTION:
OCSP_basic_sign_ctx 4430 3_0_0 EXIST::FUNCTION:OCSP
-RAND_DRBG_bytes 4431 3_0_0 NOEXIST::FUNCTION:
OSSL_STORE_vctrl 4433 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
OSSL_STORE_SEARCH_by_alias 4434 3_0_0 EXIST::FUNCTION:
BIO_bind 4435 3_0_0 EXIST::FUNCTION:SOCK
@@ -4352,13 +4336,11 @@ X509_get0_authority_key_id 4448 3_0_0 EXIST::FUNCTION:
OSSL_STORE_LOADER_set_find 4449 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
OSSL_STORE_SEARCH_free 4450 3_0_0 EXIST::FUNCTION:
OSSL_STORE_SEARCH_get0_digest 4451 3_0_0 EXIST::FUNCTION:
-RAND_DRBG_set_reseed_defaults 4452 3_0_0 NOEXIST::FUNCTION:
EVP_PKEY_new_raw_private_key 4453 3_0_0 EXIST::FUNCTION:
EVP_PKEY_new_raw_public_key 4454 3_0_0 EXIST::FUNCTION:
EVP_PKEY_new_CMAC_key 4455 3_0_0 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_priv_key 4456 3_0_0 EXIST::FUNCTION:
EVP_PKEY_asn1_set_set_pub_key 4457 3_0_0 EXIST::FUNCTION:
-RAND_DRBG_set_defaults 4458 3_0_0 NOEXIST::FUNCTION:
conf_ssl_name_find 4469 3_0_0 EXIST::FUNCTION:
conf_ssl_get_cmd 4470 3_0_0 EXIST::FUNCTION:
conf_ssl_get 4471 3_0_0 EXIST::FUNCTION:
@@ -4643,7 +4625,6 @@ OSSL_CMP_MSG_free ? 3_0_0 EXIST::FUNCTION:CMP
ERR_load_CMP_strings ? 3_0_0 EXIST::FUNCTION:CMP
EVP_MD_CTX_set_params ? 3_0_0 EXIST::FUNCTION:
EVP_MD_CTX_get_params ? 3_0_0 EXIST::FUNCTION:
-RAND_DRBG_new_ex ? 3_0_0 NOEXIST::FUNCTION:
OPENSSL_CTX_get0_primary_drbg ? 3_0_0 NOEXIST::FUNCTION:
OPENSSL_CTX_get0_public_drbg ? 3_0_0 NOEXIST::FUNCTION:
OPENSSL_CTX_get0_private_drbg ? 3_0_0 NOEXIST::FUNCTION:
@@ -4930,8 +4911,6 @@ EVP_PKEY_pairwise_check ? 3_0_0 EXIST::FUNCTION:
ASN1_item_verify_ctx ? 3_0_0 EXIST::FUNCTION:
ASN1_item_sign_with_libctx ? 3_0_0 EXIST::FUNCTION:
ASN1_item_verify_with_libctx ? 3_0_0 EXIST::FUNCTION:
-RAND_DRBG_set_callback_data ? 3_0_0 NOEXIST::FUNCTION:
-RAND_DRBG_get_callback_data ? 3_0_0 NOEXIST::FUNCTION:
BIO_socket_wait ? 3_0_0 EXIST::FUNCTION:SOCK
BIO_wait ? 3_0_0 EXIST::FUNCTION:
BIO_do_connect_retry ? 3_0_0 EXIST::FUNCTION:
@@ -5118,7 +5097,6 @@ EVP_RAND_enable_locking ? 3_0_0 EXIST::FUNCTION:
EVP_RAND_verify_zeroization ? 3_0_0 EXIST::FUNCTION:
EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION:
EVP_RAND_state ? 3_0_0 EXIST::FUNCTION:
-RAND_DRBG_verify_zeroization ? 3_0_0 NOEXIST::FUNCTION:
EVP_default_properties_is_fips_enabled ? 3_0_0 EXIST::FUNCTION:
EVP_default_properties_enable_fips ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_new_raw_private_key_with_libctx ? 3_0_0 EXIST::FUNCTION:
diff --git a/util/other.syms b/util/other.syms
index 6dcc9b260c..0925d726d8 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -71,10 +71,6 @@ OSSL_STORE_post_process_info_fn datatype
OSSL_trace_cb datatype
PROFESSION_INFO datatype
PROFESSION_INFOS datatype
-RAND_DRBG_cleanup_entropy_fn datatype
-RAND_DRBG_cleanup_nonce_fn datatype
-RAND_DRBG_get_entropy_fn datatype
-RAND_DRBG_get_nonce_fn datatype
RAND_poll_cb datatype
SSL_CTX_allow_early_data_cb_fn datatype
SSL_CTX_keylog_cb_func datatype
@@ -427,7 +423,6 @@ PEM_FLAG_EAY_COMPATIBLE define
PEM_FLAG_ONLY_B64 define
PEM_FLAG_SECURE define
RAND_cleanup define deprecated 1.1.0
-RAND_DRBG_get_ex_new_index define
SSL_COMP_free_compression_methods define deprecated 1.1.0
SSL_CTX_add0_chain_cert define
SSL_CTX_add1_chain_cert define
More information about the openssl-commits
mailing list