mbed TLS v3.3.0
Loading...
Searching...
No Matches
ctr_drbg.h
Go to the documentation of this file.
1
24/*
25 * Copyright The Mbed TLS Contributors
26 * SPDX-License-Identifier: Apache-2.0
27 *
28 * Licensed under the Apache License, Version 2.0 (the "License"); you may
29 * not use this file except in compliance with the License.
30 * You may obtain a copy of the License at
31 *
32 * http://www.apache.org/licenses/LICENSE-2.0
33 *
34 * Unless required by applicable law or agreed to in writing, software
35 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
36 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
37 * See the License for the specific language governing permissions and
38 * limitations under the License.
39 */
40
41#ifndef MBEDTLS_CTR_DRBG_H
42#define MBEDTLS_CTR_DRBG_H
44
45#include "mbedtls/build_info.h"
46
47#include "mbedtls/aes.h"
48
49#if defined(MBEDTLS_THREADING_C)
50#include "mbedtls/threading.h"
51#endif
52
54#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
56#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
58#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
60#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
61
62#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
64#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
65#define MBEDTLS_CTR_DRBG_KEYSIZE 16
71#else
72#define MBEDTLS_CTR_DRBG_KEYSIZE 32
78#endif
79
80#define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 )
81#define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE )
96#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
97#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
101#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
102
103#else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
104
109#if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
113#endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */
114#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32
115#endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
116#endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */
117
118#if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
119#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
121#endif
122
123#if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
124#define MBEDTLS_CTR_DRBG_MAX_INPUT 256
126#endif
127
128#if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
129#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
131#endif
132
133#if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
134#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
136#endif
137
140#define MBEDTLS_CTR_DRBG_PR_OFF 0
142#define MBEDTLS_CTR_DRBG_PR_ON 1
145#ifdef __cplusplus
146extern "C" {
147#endif
148
149#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2
156#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN 0
157#else
164#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2
165#endif
166
171{
172 unsigned char MBEDTLS_PRIVATE(counter)[16];
173 int MBEDTLS_PRIVATE(reseed_counter);
183 int MBEDTLS_PRIVATE(prediction_resistance);
187 size_t MBEDTLS_PRIVATE(entropy_len);
189 int MBEDTLS_PRIVATE(reseed_interval);
195 /*
196 * Callbacks (Entropy)
197 */
198 int (*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
201 void *MBEDTLS_PRIVATE(p_entropy);
203#if defined(MBEDTLS_THREADING_C)
204 /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
205 * This means that the mutex is initialized during the initial seeding
206 * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
207 *
208 * Note that this invariant may change without notice. Do not rely on it
209 * and do not access the mutex directly in application code.
210 */
211 mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
212#endif
213}
215
229
263#if MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN == 0
268#else
274#endif
275#if defined(MBEDTLS_THREADING_C)
283#endif /* MBEDTLS_THREADING_C */
330 int (*f_entropy)(void *, unsigned char *, size_t),
331 void *p_entropy,
332 const unsigned char *custom,
333 size_t len );
334
342
357 int resistance );
358
384 size_t len );
385
406 size_t len );
407
421 int interval );
422
444 const unsigned char *additional, size_t len );
445
467 const unsigned char *additional,
468 size_t add_len );
469
502 unsigned char *output, size_t output_len,
503 const unsigned char *additional, size_t add_len );
504
511#if defined(MBEDTLS_THREADING_C)
518#endif /* MBEDTLS_THREADING_C */
529int mbedtls_ctr_drbg_random( void *p_rng,
530 unsigned char *output, size_t output_len );
531
532#if defined(MBEDTLS_FS_IO)
545
561#endif /* MBEDTLS_FS_IO */
562
563#if defined(MBEDTLS_SELF_TEST)
564
571int mbedtls_ctr_drbg_self_test( int verbose );
572
573#endif /* MBEDTLS_SELF_TEST */
574
575#ifdef __cplusplus
576}
577#endif
578
579#endif /* ctr_drbg.h */
This file contains AES definitions and functions.
Build-time configuration info.
int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed as a nonce for the initial seeding.
int mbedtls_ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates a CTR_DRBG instance with additional data and uses it to generate random data.
void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg...
int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the CTR_DRBG context, that is extracts data from the entropy source.
int mbedtls_ctr_drbg_self_test(int verbose)
The CTR_DRBG checkup routine.
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtl...
int mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
This function seeds and sets up the CTR_DRBG entropy source for future reseeds.
void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, int interval)
This function sets the reseed interval.
void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function writes a seed file.
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
The AES context-type definition.
Definition: aes.h:76
The CTR_DRBG context structure.
Definition: ctr_drbg.h:171
Threading abstraction layer.