diff options
| author | Pauli <paul.dale@oracle.com> | 2020-07-22 04:55:31 +0200 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-08-07 06:16:47 +0200 |
| commit | 7d615e2178fbffa53f05a67f68e5741374340308 (patch) | |
| tree | 8e5cdbb8c39e24727e64af790831980b2a5d9e6a /NEWS.md | |
| parent | PROV: Fix MSBLOB / PVK deserializer (diff) | |
| download | openssl-7d615e2178fbffa53f05a67f68e5741374340308.tar.xz openssl-7d615e2178fbffa53f05a67f68e5741374340308.zip | |
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).
Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.
Other related changes:
Use RNG instead of DRBG in EVP_RAND documentation. The documentation was
using DRBG in places where it should have been RNG or CSRNG.
Move the RAND_DRBG(7) documentation to EVP_RAND(7).
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)
Diffstat (limited to 'NEWS.md')
| -rw-r--r-- | NEWS.md | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -20,6 +20,7 @@ OpenSSL 3.0 ### Major changes between OpenSSL 1.1.1 and OpenSSL 3.0 [under development] + * Remove the `RAND_DRBG` API. * Deprecated the `ENGINE` API. * Added `OPENSSL_CTX`, a libcrypto library context. * Interactive mode is removed from the 'openssl' program. |