ctr_drbg.h File Reference

CTR_DRBG based on AES-256 (NIST SP 800-90). More...

#include <string.h>
#include "aes.h"
Include dependency graph for ctr_drbg.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  ctr_drbg_context
 CTR_DRBG context structure. More...

Defines

#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED   -0x0034
 The entropy source failed.
#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG   -0x0036
 Too many random requested in single call.
#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG   -0x0038
 Input too large (Entropy + additional).
#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR   -0x003A
 Read/write error in file.
#define CTR_DRBG_BLOCKSIZE   16
 Block size used by the cipher.
#define CTR_DRBG_KEYSIZE   32
 Key size used by the cipher.
#define CTR_DRBG_KEYBITS   ( CTR_DRBG_KEYSIZE * 8 )
#define CTR_DRBG_SEEDLEN   ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )
 The seed length (counter + AES key).
#define CTR_DRBG_ENTROPY_LEN   48
 Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256).
#define CTR_DRBG_RESEED_INTERVAL   10000
 Interval before reseed is performed by default.
#define CTR_DRBG_MAX_INPUT   256
 Maximum number of additional input bytes.
#define CTR_DRBG_MAX_REQUEST   1024
 Maximum number of requested bytes per call.
#define CTR_DRBG_MAX_SEED_INPUT   384
 Maximum size of (re)seed buffer.
#define CTR_DRBG_PR_OFF   0
 No prediction resistance.
#define CTR_DRBG_PR_ON   1
 Prediction resistance enabled.

Functions

int ctr_drbg_init (ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
 CTR_DRBG initialization.
void ctr_drbg_set_prediction_resistance (ctr_drbg_context *ctx, int resistance)
 Enable / disable prediction resistance (Default: Off).
void ctr_drbg_set_entropy_len (ctr_drbg_context *ctx, size_t len)
 Set the amount of entropy grabbed on each (re)seed (Default: CTR_DRBG_ENTROPY_LEN).
void ctr_drbg_set_reseed_interval (ctr_drbg_context *ctx, int interval)
 Set the reseed interval (Default: CTR_DRBG_RESEED_INTERVAL).
int ctr_drbg_reseed (ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
 CTR_DRBG reseeding (extracts data from entropy source).
void ctr_drbg_update (ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
 CTR_DRBG update state.
int ctr_drbg_random_with_add (void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
 CTR_DRBG generate random with additional update input.
int ctr_drbg_random (void *p_rng, unsigned char *output, size_t output_len)
 CTR_DRBG generate random.
int ctr_drbg_write_seed_file (ctr_drbg_context *ctx, const char *path)
 Write a seed file.
int ctr_drbg_update_seed_file (ctr_drbg_context *ctx, const char *path)
 Read and update a seed file.
int ctr_drbg_self_test (int verbose)
 Checkup routine.
int ctr_drbg_init_entropy_len (ctr_drbg_context *, int(*)(void *, unsigned char *, size_t), void *, const unsigned char *, size_t, size_t)

Detailed Description

CTR_DRBG based on AES-256 (NIST SP 800-90).

Copyright (C) 2006-2013, Brainspark B.V.

This file is part of PolarSSL (http://www.polarssl.org) Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>

All rights reserved.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Definition in file ctr_drbg.h.


Define Documentation

#define CTR_DRBG_BLOCKSIZE   16

Block size used by the cipher.

Definition at line 39 of file ctr_drbg.h.

Referenced by block_cipher_df(), ctr_drbg_random_with_add(), ctr_drbg_self_test(), and ctr_drbg_update_internal().

#define CTR_DRBG_ENTROPY_LEN   48

Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256).

Definition at line 47 of file ctr_drbg.h.

Referenced by ctr_drbg_init().

#define CTR_DRBG_KEYBITS   ( CTR_DRBG_KEYSIZE * 8 )

Definition at line 41 of file ctr_drbg.h.

Referenced by block_cipher_df(), ctr_drbg_init_entropy_len(), and ctr_drbg_update_internal().

#define CTR_DRBG_KEYSIZE   32

Key size used by the cipher.

Definition at line 40 of file ctr_drbg.h.

Referenced by block_cipher_df(), ctr_drbg_init_entropy_len(), and ctr_drbg_update_internal().

#define CTR_DRBG_MAX_INPUT   256

Maximum number of additional input bytes.

Definition at line 52 of file ctr_drbg.h.

Referenced by ctr_drbg_random_with_add(), ctr_drbg_update_seed_file(), and ctr_drbg_write_seed_file().

#define CTR_DRBG_MAX_REQUEST   1024

Maximum number of requested bytes per call.

Definition at line 53 of file ctr_drbg.h.

Referenced by ctr_drbg_random_with_add().

#define CTR_DRBG_MAX_SEED_INPUT   384

Maximum size of (re)seed buffer.

Definition at line 54 of file ctr_drbg.h.

Referenced by block_cipher_df(), and ctr_drbg_reseed().

#define CTR_DRBG_PR_OFF   0

No prediction resistance.

Definition at line 57 of file ctr_drbg.h.

#define CTR_DRBG_PR_ON   1

Prediction resistance enabled.

Definition at line 58 of file ctr_drbg.h.

Referenced by ctr_drbg_self_test(), and test_suite_ctr_drbg_validate_pr().

#define CTR_DRBG_RESEED_INTERVAL   10000

Interval before reseed is performed by default.

Definition at line 51 of file ctr_drbg.h.

Referenced by ctr_drbg_init_entropy_len().

#define CTR_DRBG_SEEDLEN   ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )

The seed length (counter + AES key).

Definition at line 42 of file ctr_drbg.h.

Referenced by block_cipher_df(), ctr_drbg_random_with_add(), and ctr_drbg_update().

#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED   -0x0034

The entropy source failed.

Definition at line 34 of file ctr_drbg.h.

Referenced by ctr_drbg_reseed(), and polarssl_strerror().

#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR   -0x003A

Read/write error in file.

Definition at line 37 of file ctr_drbg.h.

Referenced by ctr_drbg_update_seed_file(), ctr_drbg_write_seed_file(), and polarssl_strerror().

#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG   -0x0038

Input too large (Entropy + additional).

Definition at line 36 of file ctr_drbg.h.

Referenced by ctr_drbg_random_with_add(), ctr_drbg_reseed(), ctr_drbg_update_seed_file(), and polarssl_strerror().

#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG   -0x0036

Too many random requested in single call.

Definition at line 35 of file ctr_drbg.h.

Referenced by ctr_drbg_random_with_add(), and polarssl_strerror().


Function Documentation

int ctr_drbg_init ( ctr_drbg_context ctx,
int(*)(void *, unsigned char *, size_t)  f_entropy,
void *  p_entropy,
const unsigned char *  custom,
size_t  len 
)

CTR_DRBG initialization.

Note: Personalization data can be provided in addition to the more generic entropy source to make this instantiation as unique as possible.

Parameters:
ctx CTR_DRBG context to be initialized
f_entropy Entropy callback (p_entropy, buffer to fill, buffer length)
p_entropy Entropy context
custom Personalization data (Device specific identifiers) (Can be NULL)
len Length of personalization data
Returns:
0 if successful, or POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED

Definition at line 76 of file ctr_drbg.c.

References CTR_DRBG_ENTROPY_LEN, and ctr_drbg_init_entropy_len().

int ctr_drbg_init_entropy_len ( ctr_drbg_context ,
int(*)(void *, unsigned char *, size_t)  ,
void *  ,
const unsigned char *  ,
size_t  ,
size_t   
)
int ctr_drbg_random ( void *  p_rng,
unsigned char *  output,
size_t  output_len 
)

CTR_DRBG generate random.

Note: Automatically reseeds if reseed_counter is reached.

Parameters:
p_rng CTR_DRBG context
output Buffer to fill
output_len Length of the buffer
Returns:
0 if successful, or POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG

Definition at line 345 of file ctr_drbg.c.

References ctr_drbg_random_with_add().

Referenced by ctr_drbg_self_test(), and ctr_drbg_write_seed_file().

int ctr_drbg_random_with_add ( void *  p_rng,
unsigned char *  output,
size_t  output_len,
const unsigned char *  additional,
size_t  add_len 
)

CTR_DRBG generate random with additional update input.

Note: Automatically reseeds if reseed_counter is reached.

Parameters:
p_rng CTR_DRBG context
output Buffer to fill
output_len Length of the buffer
additional Additional data to update with (Can be NULL)
add_len Length of additional data
Returns:
0 if successful, or POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG

Definition at line 280 of file ctr_drbg.c.

References aes_crypt_ecb(), ctr_drbg_context::aes_ctx, AES_ENCRYPT, block_cipher_df(), ctr_drbg_context::counter, CTR_DRBG_BLOCKSIZE, CTR_DRBG_MAX_INPUT, CTR_DRBG_MAX_REQUEST, ctr_drbg_reseed(), CTR_DRBG_SEEDLEN, ctr_drbg_update_internal(), POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG, POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG, ctr_drbg_context::prediction_resistance, ctr_drbg_context::reseed_counter, and ctr_drbg_context::reseed_interval.

Referenced by ctr_drbg_random(), test_suite_ctr_drbg_validate_nopr(), and test_suite_ctr_drbg_validate_pr().

int ctr_drbg_reseed ( ctr_drbg_context ctx,
const unsigned char *  additional,
size_t  len 
)

CTR_DRBG reseeding (extracts data from entropy source).

Parameters:
ctx CTR_DRBG context
additional Additional data to add to state (Can be NULL)
len Length of additional data
Returns:
0 if successful, or POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED

Definition at line 235 of file ctr_drbg.c.

References block_cipher_df(), CTR_DRBG_MAX_SEED_INPUT, ctr_drbg_update_internal(), ctr_drbg_context::entropy_len, ctr_drbg_context::f_entropy, ctr_drbg_context::p_entropy, POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG, and ctr_drbg_context::reseed_counter.

Referenced by ctr_drbg_init_entropy_len(), ctr_drbg_random_with_add(), ctr_drbg_self_test(), and test_suite_ctr_drbg_validate_nopr().

int ctr_drbg_self_test ( int  verbose  ) 

Checkup routine.

Returns:
0 if successful, or 1 if the test failed

Definition at line 466 of file ctr_drbg.c.

References CTR_DRBG_BLOCKSIZE, ctr_drbg_init_entropy_len(), CTR_DRBG_PR_ON, ctr_drbg_random(), ctr_drbg_reseed(), ctr_drbg_self_test_entropy(), and ctr_drbg_set_prediction_resistance().

void ctr_drbg_set_entropy_len ( ctr_drbg_context ctx,
size_t  len 
)

Set the amount of entropy grabbed on each (re)seed (Default: CTR_DRBG_ENTROPY_LEN).

Parameters:
ctx CTR_DRBG context
len Amount of entropy to grab

Definition at line 91 of file ctr_drbg.c.

References ctr_drbg_context::entropy_len.

void ctr_drbg_set_prediction_resistance ( ctr_drbg_context ctx,
int  resistance 
)

Enable / disable prediction resistance (Default: Off).

Note: If enabled, entropy is used for ctx->entropy_len before each call! Only use this if you have ample supply of good entropy!

Parameters:
ctx CTR_DRBG context
resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF

Definition at line 86 of file ctr_drbg.c.

References ctr_drbg_context::prediction_resistance.

Referenced by ctr_drbg_self_test(), and test_suite_ctr_drbg_validate_pr().

void ctr_drbg_set_reseed_interval ( ctr_drbg_context ctx,
int  interval 
)

Set the reseed interval (Default: CTR_DRBG_RESEED_INTERVAL).

Parameters:
ctx CTR_DRBG context
interval Reseed interval

Definition at line 96 of file ctr_drbg.c.

References ctr_drbg_context::reseed_interval.

void ctr_drbg_update ( ctr_drbg_context ctx,
const unsigned char *  additional,
size_t  add_len 
)

CTR_DRBG update state.

Parameters:
ctx CTR_DRBG context
additional Additional data to update state with
add_len Length of additional data

Definition at line 223 of file ctr_drbg.c.

References block_cipher_df(), CTR_DRBG_SEEDLEN, and ctr_drbg_update_internal().

Referenced by ctr_drbg_update_seed_file().

int ctr_drbg_update_seed_file ( ctr_drbg_context ctx,
const char *  path 
)

Read and update a seed file.

Seed is added to this instance

Parameters:
ctx CTR_DRBG context
path Name of the file
Returns:
0 if successful, 1 on file error, POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG

Definition at line 376 of file ctr_drbg.c.

References CTR_DRBG_MAX_INPUT, ctr_drbg_update(), ctr_drbg_write_seed_file(), POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR, and POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG.

int ctr_drbg_write_seed_file ( ctr_drbg_context ctx,
const char *  path 
)

Write a seed file.

Parameters:
ctx CTR_DRBG context
path Name of the file
Returns:
0 if successful, 1 on file error, or POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED

Definition at line 351 of file ctr_drbg.c.

References CTR_DRBG_MAX_INPUT, ctr_drbg_random(), and POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR.

Referenced by ctr_drbg_update_seed_file().


Generated on 9 Apr 2014 for PolarSSL v1.3.2 by  doxygen 1.6.1