29#ifndef MBEDTLS_CTR_DRBG_H
30#define MBEDTLS_CTR_DRBG_H
48#if !defined(MBEDTLS_AES_C)
49#define MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO
52#if defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO)
60#if defined(MBEDTLS_THREADING_C)
65#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
67#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
69#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
71#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
73#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
75#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
76#define MBEDTLS_CTR_DRBG_KEYSIZE 16
83#define MBEDTLS_CTR_DRBG_KEYSIZE 32
91#define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8)
92#define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE)
107#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
108#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
111#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
117#if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
122#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32
126#if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
127#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
131#if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
132#define MBEDTLS_CTR_DRBG_MAX_INPUT 256
136#if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
137#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
141#if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
142#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
148#define MBEDTLS_CTR_DRBG_PR_OFF 0
150#define MBEDTLS_CTR_DRBG_PR_ON 1
157#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2
164#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN 0
172#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
175#if defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO)
176typedef struct mbedtls_ctr_drbg_psa_context {
179} mbedtls_ctr_drbg_psa_context;
207#if defined(MBEDTLS_CTR_DRBG_USE_PSA_CRYPTO)
221#if defined(MBEDTLS_THREADING_C)
281#if MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN == 0
293#if defined(MBEDTLS_THREADING_C)
348 int (*f_entropy)(
void *,
unsigned char *,
size_t),
350 const unsigned char *custom,
462 const unsigned char *additional,
size_t len);
485 const unsigned char *additional,
520 unsigned char *output,
size_t output_len,
521 const unsigned char *additional,
size_t add_len);
529#if defined(MBEDTLS_THREADING_C)
548 unsigned char *output,
size_t output_len);
550#if defined(MBEDTLS_FS_IO)
581#if defined(MBEDTLS_SELF_TEST)
This file contains AES definitions and functions.
Platform Security Architecture cryptography module.
int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed as a nonce for the initial seeding.
int mbedtls_ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates a CTR_DRBG instance with additional data and uses it to generate random data.
void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg...
int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the CTR_DRBG context, that is extracts data from the entropy source.
struct mbedtls_ctr_drbg_context mbedtls_ctr_drbg_context
The CTR_DRBG context structure.
int mbedtls_ctr_drbg_self_test(int verbose)
The CTR_DRBG checkup routine.
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtl...
int mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
This function seeds and sets up the CTR_DRBG entropy source for future reseeds.
void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, int interval)
This function sets the reseed interval.
void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function writes a seed file.
Entropy accumulator implementation.
psa_key_id_t mbedtls_svc_key_id_t
Build-time configuration info.
Macro wrapper for struct's members.
#define MBEDTLS_PRIVATE(member)
The AES context-type definition.
The CTR_DRBG context structure.
Threading abstraction layer.