Mbed TLS v3.6.1
hmac_drbg.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  */
14 #ifndef MBEDTLS_HMAC_DRBG_H
15 #define MBEDTLS_HMAC_DRBG_H
16 #include "mbedtls/private_access.h"
17 
18 #include "mbedtls/build_info.h"
19 
20 #include "mbedtls/md.h"
21 
22 #if defined(MBEDTLS_THREADING_C)
23 #include "mbedtls/threading.h"
24 #endif
25 
26 /*
27  * Error codes
28  */
30 #define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
32 #define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
34 #define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
36 #define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
37 
46 #if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
47 #define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000
48 #endif
49 
50 #if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
51 #define MBEDTLS_HMAC_DRBG_MAX_INPUT 256
52 #endif
53 
54 #if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
55 #define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024
56 #endif
57 
58 #if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
59 #define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384
60 #endif
61 
64 #define MBEDTLS_HMAC_DRBG_PR_OFF 0
65 #define MBEDTLS_HMAC_DRBG_PR_ON 1
67 #ifdef __cplusplus
68 extern "C" {
69 #endif
70 
74 typedef struct mbedtls_hmac_drbg_context {
75  /* Working state: the key K is not stored explicitly,
76  * but is implied by the HMAC context */
79  int MBEDTLS_PRIVATE(reseed_counter);
81  /* Administrative state */
82  size_t MBEDTLS_PRIVATE(entropy_len);
83  int MBEDTLS_PRIVATE(prediction_resistance);
85  int MBEDTLS_PRIVATE(reseed_interval);
87  /* Callbacks */
88  int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
89  void *MBEDTLS_PRIVATE(p_entropy);
91 #if defined(MBEDTLS_THREADING_C)
92  /* Invariant: the mutex is initialized if and only if
93  * md_ctx->md_info != NULL. This means that the mutex is initialized
94  * during the initial seeding in mbedtls_hmac_drbg_seed() or
95  * mbedtls_hmac_drbg_seed_buf() and freed in mbedtls_ctr_drbg_free().
96  *
97  * Note that this invariant may change without notice. Do not rely on it
98  * and do not access the mutex directly in application code.
99  */
101 #endif
103 
117 
150 #if defined(MBEDTLS_THREADING_C)
158 #endif /* MBEDTLS_THREADING_C */
187  const mbedtls_md_info_t *md_info,
188  int (*f_entropy)(void *, unsigned char *, size_t),
189  void *p_entropy,
190  const unsigned char *custom,
191  size_t len);
192 
199 #if defined(MBEDTLS_THREADING_C)
207 #endif /* MBEDTLS_THREADING_C */
222  const mbedtls_md_info_t *md_info,
223  const unsigned char *data, size_t data_len);
224 
239  int resistance);
240 
251  size_t len);
252 
266  int interval);
267 
286  const unsigned char *additional, size_t add_len);
287 
313  const unsigned char *additional, size_t len);
314 
347  unsigned char *output, size_t output_len,
348  const unsigned char *additional,
349  size_t add_len);
350 
357 #if defined(MBEDTLS_THREADING_C)
364 #endif /* MBEDTLS_THREADING_C */
378 int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
379 
387 
388 #if defined(MBEDTLS_FS_IO)
401 
417 #endif /* MBEDTLS_FS_IO */
418 
419 
420 #if defined(MBEDTLS_SELF_TEST)
428 #endif
429 
430 #ifdef __cplusplus
431 }
432 #endif
433 
434 #endif /* hmac_drbg.h */
int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
HMAC_DRBG initial seeding.
int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the HMAC_DRBG context, that is extracts data from the entropy source.
void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx)
HMAC_DRBG context initialization.
void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval)
Set the reseed interval.
int mbedtls_hmac_drbg_self_test(int verbose)
The HMAC_DRBG Checkup routine.
void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx)
This function resets HMAC_DRBG context to the state immediately after initial call of mbedtls_hmac_dr...
int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, const unsigned char *data, size_t data_len)
Initialisation of simplified HMAC_DRBG (never reseeds).
void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
This function writes a seed file.
int mbedtls_hmac_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates an HMAC_DRBG instance with additional data and uses it to generate random data.
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
struct mbedtls_hmac_drbg_context mbedtls_hmac_drbg_context
Build-time configuration info.
This file contains the generic functions for message-digest (hashing) and HMAC.
struct mbedtls_md_info_t mbedtls_md_info_t
Definition: md.h:107
#define MBEDTLS_MD_MAX_SIZE
Definition: md.h:71
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
Threading abstraction layer.