Reorganise DRBG API so the entropy and nonce callbacks can return a

[openssl.git] / fips / rand / fips_rand.h

diff --git a/fips/rand/fips_rand.h b/fips/rand/fips_rand.h
index b332549ff271a046075bf9852702dc62d9ecc8bc..f1e813680e1c405a877f4b1b43dab74141793096 100644 (file)
--- a/fips/rand/fips_rand.h
+++ b/fips/rand/fips_rand.h
@@ -90,10 +90,12 @@ int FIPS_drbg_uninstantiate(DRBG_CTX *dctx);
 void FIPS_drbg_free(DRBG_CTX *dctx);
 
 int FIPS_drbg_set_callbacks(DRBG_CTX *dctx,
-       size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char *out,
+       size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char **pout,
                                int entropy, size_t min_len, size_t max_len),
-       size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char *out,
-                               int entropy, size_t min_len, size_t max_len));
+       void (*cleanup_entropy)(DRBG_CTX *ctx, unsigned char *out, size_t olen),
+       size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char **pout,
+                               int entropy, size_t min_len, size_t max_len),
+       void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen));
 
 void *FIPS_drbg_get_app_data(DRBG_CTX *ctx);
 void FIPS_drbg_set_app_data(DRBG_CTX *ctx, void *app_data);