Remove duplicate CHANGES text.

[oweals/openssl.git] / include / openssl / rand_drbg.h

diff --git a/include/openssl/rand_drbg.h b/include/openssl/rand_drbg.h
index 790dca5e8802a6bec8e39563060f4f5bbdb4bfdb..45b731b73c261e319dcdb508a4af4671ebbd8a72 100644 (file)
--- a/include/openssl/rand_drbg.h
+++ b/include/openssl/rand_drbg.h
@@ -12,23 +12,31 @@
 
 # include <time.h>
 # include <openssl/ossl_typ.h>
+# include <openssl/obj_mac.h>
 
+/*
+ * RAND_DRBG  flags
+ *
+ * Note: if new flags are added, the constant `rand_drbg_used_flags`
+ *       in drbg_lib.c needs to be updated accordingly.
+ */
 
 /* In CTR mode, disable derivation function ctr_df */
 # define RAND_DRBG_FLAG_CTR_NO_DF            0x1
 
-/* A logical OR of all used flag bits (currently there is only one) */
-# define RAND_DRBG_USED_FLAGS  ( \
-    RAND_DRBG_FLAG_CTR_NO_DF \
-                                 )
+
+# if OPENSSL_API_COMPAT < 0x10200000L
+/* This #define was replaced by an internal constant and should not be used. */
+#  define RAND_DRBG_USED_FLAGS  (RAND_DRBG_FLAG_CTR_NO_DF)
+# endif
 
 /*
  * Default security strength (in the sense of [NIST SP 800-90Ar1])
  *
  * NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
- * of the cipher by collecting less entropy. The current DRBG implemantion does
- * not take RAND_DRBG_STRENGTH into account and sets the strength of the DRBG
- * to that of the cipher.
+ * of the cipher by collecting less entropy. The current DRBG implementation
+ * does not take RAND_DRBG_STRENGTH into account and sets the strength of the
+ * DRBG to that of the cipher.
  *
  * RAND_DRBG_STRENGTH is currently only used for the legacy RAND
  * implementation.
@@ -37,7 +45,9 @@
  * NID_aes_256_ctr
  */
 # define RAND_DRBG_STRENGTH             256
+/* Default drbg type */
 # define RAND_DRBG_TYPE                 NID_aes_256_ctr
+/* Default drbg flags */
 # define RAND_DRBG_FLAGS                0
 
 
@@ -87,26 +97,26 @@ RAND_DRBG *RAND_DRBG_get0_private(void);
  */
 # define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \
     CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, l, p, newf, dupf, freef)
-int RAND_DRBG_set_ex_data(RAND_DRBG *dctx, int idx, void *arg);
-void *RAND_DRBG_get_ex_data(const RAND_DRBG *dctx, int idx);
+int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *arg);
+void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
 
 /*
  * Callback function typedefs
  */
-typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *ctx,
+typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *drbg,
                                            unsigned char **pout,
                                            int entropy, size_t min_len,
                                            size_t max_len,
                                            int prediction_resistance);
 typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx,
                                              unsigned char *out, size_t outlen);
-typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *ctx, unsigned char **pout,
+typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *drbg, unsigned char **pout,
                                          int entropy, size_t min_len,
                                          size_t max_len);
-typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *ctx,
+typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *drbg,
                                            unsigned char *out, size_t outlen);
 
-int RAND_DRBG_set_callbacks(RAND_DRBG *dctx,
+int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
                             RAND_DRBG_get_entropy_fn get_entropy,
                             RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
                             RAND_DRBG_get_nonce_fn get_nonce,