Google Git
Sign in
boringssl/boringssl.git/6738d477b8763abf38f6d1b60b6d799167ce9c8c^!/.
commit
6738d477b8763abf38f6d1b60b6d799167ce9c8c
[log]
author
David Benjamin <davidben@google.com>
Mon Jul 31 13:19:54 2023 -0700
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Tue Aug 01 01:17:59 2023 +0000
tree
f6d64e2c343a7fd3eb0b470883901dd879eeb854
parent
8dec463a609706480a6ae9057702ec662843acc2 [diff]
Restore OPENSSL_RAND_TRUSTY

With b/291102972 resolved, we can try this again.

Bug: 629, b:291102972
Change-Id: Ic04d1855f185ead6ae2e151dcc56493afce40b4f
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/62105
Auto-Submit: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>

diff --git a/crypto/fipsmodule/rand/internal.h b/crypto/fipsmodule/rand/internal.h
index 029e0f7..91bbe58 100644
--- a/crypto/fipsmodule/rand/internal.h
+++ b/crypto/fipsmodule/rand/internal.h

@@ -29,10 +29,7 @@
 #if defined(BORINGSSL_UNSAFE_DETERMINISTIC_MODE)
 #define OPENSSL_RAND_DETERMINISTIC
 #elif defined(OPENSSL_TRUSTY)
-// TODO(b/291102972): This should define OPENSSL_RAND_TRUSTY to activate the
-// Trusty RNG implementation. However, due to a different, non-Trusty target
-// incorrectly defining __TRUSTY__, things will break if we follow our standard
-// pattern here.
+#define OPENSSL_RAND_TRUSTY
 #elif defined(OPENSSL_WINDOWS)
 #define OPENSSL_RAND_WINDOWS
 #elif defined(OPENSSL_LINUX)

diff --git a/include/openssl/base.h b/include/openssl/base.h
index 87ffe21..97a17bb 100644
--- a/include/openssl/base.h
+++ b/include/openssl/base.h

@@ -108,7 +108,7 @@
 // A consumer may use this symbol in the preprocessor to temporarily build
 // against multiple revisions of BoringSSL at the same time. It is not
 // recommended to do so for longer than is necessary.
-#define BORINGSSL_API_VERSION 25
+#define BORINGSSL_API_VERSION 26
 
 #if defined(BORINGSSL_SHARED_LIBRARY)