Google Git
Sign in
boringssl/boringssl.git/22000608d079c0ce802c92701d77b649e6925caa^!/.
commit
22000608d079c0ce802c92701d77b649e6925caa
[log]
author
David Benjamin <davidben@google.com>
Thu Jul 13 13:47:32 2023 -0400
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Thu Jul 13 18:36:40 2023 +0000
tree
64abc41833d04ec0062ca6cd0e87e899d6297f2a
parent
d43fef7cd52fc6c689ee919b2e97fff920a4c18c [diff]
Temporarily disable the Trusty CRYPTO_sysrand implementation

This effectively reverts
https://boringssl-review.googlesource.com/c/boringssl/+/61465, as a
temporary workaround for b/291102972. Once the broken
libcrypto_baremetal target in Android is fixed, we'll restore this file.

Bug: b:291102972
Change-Id: I830b61219e863cd7a72858a44df5fd958b023fd0
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/61585
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Auto-Submit: David Benjamin <davidben@google.com>

diff --git a/crypto/fipsmodule/rand/internal.h b/crypto/fipsmodule/rand/internal.h
index 91bbe58..029e0f7 100644
--- a/crypto/fipsmodule/rand/internal.h
+++ b/crypto/fipsmodule/rand/internal.h

@@ -29,7 +29,10 @@
 #if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
 #define OPENSSL_RAND_DETERMINISTIC
 #elif defined(OPENSSL_TRUSTY)
-#define OPENSSL_RAND_TRUSTY
+// TODO(b/291102972): This should define OPENSSL_RAND_TRUSTY to activate the
+// Trusty RNG implementation. However, due to a different, non-Trusty target
+// incorrectly defining __TRUSTY__, things will break if we follow our standard
+// pattern here.
 #elif defined(OPENSSL_WINDOWS)
 #define OPENSSL_RAND_WINDOWS
 #elif defined(OPENSSL_LINUX)