提交 b262a002 编写于 作者: D Dr. Matthias St. Pierre

Replace the public RAND_DRBG_USED_FLAGS #define by an internal constant

The new DRBG API added the aforementioned #define. However, it is
used internally only and having it defined publicly does not serve
any purpose except causing potential version compatibility problems.

Fixes #7182
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7190)

(cherry picked from commit c402e943cd0d748ca2a74a37caeccdfc59ce2870)
上级 5538ba99
......@@ -82,6 +82,10 @@ static unsigned int slave_reseed_interval = SLAVE_RESEED_INTERVAL;
static time_t master_reseed_time_interval = MASTER_RESEED_TIME_INTERVAL;
static time_t slave_reseed_time_interval = SLAVE_RESEED_TIME_INTERVAL;
/* A logical OR of all used DRBG flag bits (currently there is only one) */
static const unsigned int rand_drbg_used_flags =
RAND_DRBG_FLAG_CTR_NO_DF;
static RAND_DRBG *drbg_setup(RAND_DRBG *parent);
static RAND_DRBG *rand_drbg_new(int secure,
......@@ -147,7 +151,7 @@ int RAND_DRBG_set_defaults(int type, unsigned int flags)
break;
}
if ((flags & ~RAND_DRBG_USED_FLAGS) != 0) {
if ((flags & ~rand_drbg_used_flags) != 0) {
RANDerr(RAND_F_RAND_DRBG_SET_DEFAULTS, RAND_R_UNSUPPORTED_DRBG_FLAGS);
return 0;
}
......
......@@ -13,14 +13,21 @@
# include <time.h>
# include <openssl/ossl_typ.h>
/*
* RAND_DRBG flags
*
* Note: if new flags are added, the constant `rand_drbg_used_flags`
* in drbg_lib.c needs to be updated accordingly.
*/
/* In CTR mode, disable derivation function ctr_df */
# define RAND_DRBG_FLAG_CTR_NO_DF 0x1
/* A logical OR of all used flag bits (currently there is only one) */
# define RAND_DRBG_USED_FLAGS ( \
RAND_DRBG_FLAG_CTR_NO_DF \
)
# if OPENSSL_API_COMPAT < 0x10200000L
/* This #define was replaced by an internal constant and should not be used. */
# define RAND_DRBG_USED_FLAGS (RAND_DRBG_FLAG_CTR_NO_DF)
# endif
/*
* Default security strength (in the sense of [NIST SP 800-90Ar1])
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册