diff options
author | Pauli <paul.dale@oracle.com> | 2020-07-22 12:55:31 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-08-07 14:16:47 +1000 |
commit | 7d615e2178fbffa53f05a67f68e5741374340308 (patch) | |
tree | 8e5cdbb8c39e24727e64af790831980b2a5d9e6a /doc/man1 | |
parent | 4df0d37ff6cc399b93f9ef2524d087c2d67d41b5 (diff) | |
download | openssl-7d615e2178fbffa53f05a67f68e5741374340308.tar.gz |
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).
Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.
Other related changes:
Use RNG instead of DRBG in EVP_RAND documentation. The documentation was
using DRBG in places where it should have been RNG or CSRNG.
Move the RAND_DRBG(7) documentation to EVP_RAND(7).
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)
Diffstat (limited to 'doc/man1')
-rw-r--r-- | doc/man1/openssl-rand.pod.in | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/man1/openssl-rand.pod.in b/doc/man1/openssl-rand.pod.in index 67696ee413..cd799b7bd0 100644 --- a/doc/man1/openssl-rand.pod.in +++ b/doc/man1/openssl-rand.pod.in @@ -28,7 +28,7 @@ The random bytes are generated using the L<RAND_bytes(3)> function, which provides a security level of 256 bits, provided it managed to seed itself successfully from a trusted operating system entropy source. Otherwise, the command will fail with a nonzero error code. -For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<RAND_DRBG(7)>. +For more details, see L<RAND_bytes(3)>, L<RAND(7)>, and L<EVP_RAND(7)>. =head1 OPTIONS @@ -63,7 +63,7 @@ Show the output as a hex string. L<openssl(1)>, L<RAND_bytes(3)>, L<RAND(7)>, -L<RAND_DRBG(7)> +L<EVP_RAND(7)> =head1 HISTORY |