43 for(i = 0; i < DRBG_MAX_INTERNAL_STATES; i++)
45 if(drbg_internal_states[i]->type ==
DRBG_UNSET)
62 int16_t highest_supported_security_strength;
67 highest_supported_security_strength = 128;
71 highest_supported_security_strength = 256;
75 highest_supported_security_strength = 128;
79 highest_supported_security_strength = 192;
83 highest_supported_security_strength = 256;
87 highest_supported_security_strength = -1;
91 return highest_supported_security_strength;
96 const uint16_t requested_instantiation_security_strength,
98 const uint8_t * entropy,
const uint16_t entropy_length,
99 const uint8_t * nonce,
const uint16_t nonce_length,
100 const uint8_t* personalization_string,
const uint64_t pers_length)
102 uint8_t security_strength;
104 uint8_t *entropy_input = NULL;
/* NOTE(review): malloc(strlen(text)) reserves no byte for the terminating
 * '\0' and the memcpy copies none, so ret->info is a raw byte run, not a C
 * string. Any consumer that prints it with %s or calls strlen() on it would
 * read past the allocation (how ret->info is consumed is not shown here --
 * confirm). Lines 112 and 113 are consecutive, so the malloc result reaches
 * memcpy without a NULL check. The same three-statement pattern is used for
 * every error message in this listing; allocating strlen(text) + 1 and
 * copying the terminator, after checking the allocation, would fix all of
 * them. */
111 char *text =
"drbg_instantiate : Invalid DRBG type specified";
112 ret->info = malloc(strlen(text));
113 memcpy(ret->info, text, strlen(text));
117 if(requested_instantiation_security_strength > (entropy_length * 8))
120 char *text =
"drbg_instantiate : Requested security_strength is \ 121 greater than the provided entropy";
122 ret->info = malloc(strlen(text));
123 memcpy(ret->info, text, strlen(text));
127 if(requested_instantiation_security_strength >
131 char *text =
"drbg_instantiate : Requested security_strength is \ 132 greater than the highest security strength supported \ 133 by the drbg type specified";
134 ret->info = malloc(strlen(text));
135 memcpy(ret->info, text, strlen(text));
139 if(pers_length > DRBG_MAX_PERSONALIZATION_STRING_LENGTH)
142 char *text =
"drbg_instantiate : The length of the personalization \ 144 ret->info = malloc(strlen(text));
145 memcpy(ret->info, text, strlen(text));
150 if((reseed_interval > DRBG_MAX_RESEED_INTERVAL) || (reseed_interval == 0))
153 char *text =
"drbg_instantiate : The reseed interval must be 1 <= reseed_interval <= DRBG_MAX_RESEED_INTERVAL";
154 ret->info = malloc(strlen(text));
155 memcpy(ret->info, text, strlen(text));
165 char *text =
"drbg_instantiate : There is no available empty \ 167 ret->info = malloc(strlen(text));
168 memcpy(ret->info, text, strlen(text));
176 if(requested_instantiation_security_strength > 192)
178 security_strength = 256 / 8;
180 else if(requested_instantiation_security_strength > 128)
182 security_strength = 192 / 8;
184 else if(requested_instantiation_security_strength > 112)
186 security_strength = 128 / 8;
190 security_strength = 112 / 8;
/* Build the seed material as entropy || nonce in one heap buffer.
 * NOTE(review): line 195 is not visible in this listing -- confirm that a
 * failed malloc is handled before the two memcpy calls, which would
 * otherwise write through a NULL pointer.
 * NOTE(review): this buffer holds the raw entropy and nonce; confirm it is
 * wiped with a non-elidable clear before it is released (the release path is
 * not fully shown here). */
194 entropy_input = malloc(entropy_length + nonce_length);
196 memcpy(entropy_input, entropy, entropy_length);
197 memcpy(entropy_input + entropy_length, nonce, nonce_length);
199 drbg_internal_states[handle]->entropy_src = entropy_src;
208 security_strength, entropy_input, entropy_length + nonce_length,
209 personalization_string, pers_length, type);
216 security_strength, entropy_input, entropy_length + nonce_length,
217 personalization_string, pers_length, type);
221 char *text =
"drbg_instantiate : Invalid drbg type, only \ 222 supported DRBG_SHA1, DRBG_SHA256, DRBG_AES128, DRBG_AES192,\ 224 ret->info = malloc(strlen(text));
225 memcpy(ret->info, text, strlen(text));
227 if(entropy_input != NULL)
233 *state_handle = handle;
234 drbg_internal_states[handle]->type = type;
235 drbg_internal_states[handle]->info->security_strength =
237 drbg_internal_states[handle]->info->reseed_interval =
244 const uint8_t * entropy,
const uint16_t entropy_length,
245 const uint8_t* additional_input,
const uint64_t add_length)
/* Reject handles that are out of range or refer to an unset slot.
 * NOTE(review): the upper bound uses '>' and so accepts
 * state_handle == DRBG_MAX_INTERNAL_STATES. The slot scan on line 43 runs
 * with i < DRBG_MAX_INTERNAL_STATES, which suggests the last valid index is
 * DRBG_MAX_INTERNAL_STATES - 1 (the array declaration is not shown --
 * confirm). If so, the third operand dereferences one entry past the table
 * for that value; the comparison should be '>='. */
249 if((state_handle < 0) || (state_handle > DRBG_MAX_INTERNAL_STATES) ||
250 ((drbg_internal_states[state_handle])->type ==
DRBG_UNSET))
253 char *text =
"drbg_reseed : Invalid state handle specified";
254 ret->info = malloc(strlen(text));
255 memcpy(ret->info, text, strlen(text));
263 if(internal_state->
info->security_strength > entropy_length)
266 char *text =
"drbg_reseed : security_strength is \ 267 greater than the provided entropy";
268 ret->info = malloc(strlen(text));
269 memcpy(ret->info, text, strlen(text));
273 if(additional_input != NULL &&
274 (add_length > DRBG_MAX_ADDITIONAL_INPUT_LENGTH))
277 char *text =
"drbg_reseed : The length of the additional_input \ 279 ret->info = malloc(strlen(text));
280 memcpy(ret->info, text, strlen(text));
286 switch(internal_state->
type)
291 additional_input, add_length);
298 additional_input, add_length);
303 char *text =
"drbg_reseed : Invalid drbg type, only \ 304 supported DRBG_SHA1, DRBG_SHA256, DRBG_AES128, DRBG_AES192,\ 306 ret->info = malloc(strlen(text));
307 memcpy(ret->info, text, strlen(text));
312 const int8_t state_handle,
const uint32_t requested_number_of_bytes,
313 const uint16_t requested_security_strength,
314 const uint8_t* additional_input,
const uint64_t add_length)
/* Reject handles that are out of range or refer to an unset slot.
 * NOTE(review): '>' lets state_handle == DRBG_MAX_INTERNAL_STATES through to
 * the drbg_internal_states[state_handle] dereference in the third operand.
 * The scan on line 43 stops at i < DRBG_MAX_INTERNAL_STATES, so that index
 * is presumably one past the end of the table (array size not shown --
 * confirm); use '>=' for the upper bound. */
318 if((state_handle < 0) || (state_handle > DRBG_MAX_INTERNAL_STATES) ||
319 ((drbg_internal_states[state_handle])->type ==
DRBG_UNSET))
322 char *text =
"drbg_generate : Invalid state handle specified";
323 ret->info = malloc(strlen(text));
324 memcpy(ret->info, text, strlen(text));
332 if(requested_number_of_bytes > DRBG_MAX_NUMBER_OF_BYTES_PER_REQUEST)
335 char *text =
"drbg_generate : requested_number_of bytes is greater \ 336 than DRBG_MAX_NUMBER_OF_BYTES_PER_REQUEST";
337 ret->info = malloc(strlen(text));
338 memcpy(ret->info, text, strlen(text));
/* Refuse a request whose strength exceeds what the instance was set up for.
 * NOTE(review): the requested strength is divided by 8 with integer
 * division before the comparison, so a value that is not a multiple of 8 is
 * rounded down: a request for 129 bits compares as 16 and would pass against
 * a stored strength of 16 (assuming the stored value is in bytes, as the
 * 256 / 8 style assignments on lines 178-190 suggest -- confirm). Comparing
 * requested_security_strength against 8 times the stored value avoids the
 * truncation. */
342 if((requested_security_strength / 8) >
343 internal_state->
info->security_strength)
346 char *text =
"drbg_generate : requested_security_strength is greater \ 347 than security strength specified in internal state";
348 ret->info = malloc(strlen(text));
349 memcpy(ret->info, text, strlen(text));
353 if(additional_input != NULL &&
354 (add_length > DRBG_MAX_ADDITIONAL_INPUT_LENGTH))
357 char *text =
"drbg_generate : The length of the additional_input \ 359 ret->info = malloc(strlen(text));
360 memcpy(ret->info, text, strlen(text));
366 switch(internal_state->
type)
371 requested_number_of_bytes, additional_input, add_length);
378 requested_number_of_bytes, additional_input, add_length);
383 char *text =
"drbg_generate : Invalid drbg type, only \ 384 supported DRBG_SHA1, DRBG_SHA256, DRBG_AES128, DRBG_AES192,\ 386 ret->info = malloc(strlen(text));
387 memcpy(ret->info, text, strlen(text));
396 uint8_t* entropy_input = malloc(2 * internal_state->
info->security_strength);
402 if(entropy_input != NULL)
407 text =
"drbg_generate : get_entropy_input failed";
408 ret->info = malloc(strlen(text));
409 memcpy(ret->info, text, strlen(text));
412 drbg_reseed(ret, state_handle, entropy_input, 2 * internal_state->
info->security_strength, additional_input, add_length);
413 if(entropy_input != NULL)
424 switch(internal_state->
type)
429 requested_number_of_bytes, NULL, 0);
436 requested_number_of_bytes, NULL, 0);
441 char *text =
"drbg_generate : Invalid drbg type, only \ 442 supported DRBG_SHA1, DRBG_SHA256, DRBG_AES128, DRBG_AES192,\ 444 ret->info = malloc(strlen(text));
445 memcpy(ret->info, text, strlen(text));
/* Range-check the handle, then test whether the slot is in use.
 * NOTE(review): the upper bound uses '>' and accepts
 * state_handle == DRBG_MAX_INTERNAL_STATES, so the lookup on line 464 can be
 * reached with that value. The scan on line 43 stops at
 * i < DRBG_MAX_INTERNAL_STATES, so that index is presumably one past the end
 * of the table (array size not shown -- confirm); use '>='. */
455 if((state_handle < 0) || (state_handle > DRBG_MAX_INTERNAL_STATES))
458 char *text =
"drbg_unsinstantiate : Invalid state handle specified";
459 ret->info = malloc(strlen(text));
460 memcpy(ret->info, text, strlen(text));
464 if(drbg_internal_states[state_handle]->type ==
DRBG_UNSET)
/* Clear the working state (V, C_Key) and release both buffers.
 * NOTE(review): a plain memset on a buffer that is freed immediately
 * afterwards is a dead store the optimizer is allowed to remove, which would
 * leave the DRBG state readable in freed heap memory. Use a clear the
 * compiler cannot elide (explicit_bzero where available, memset_s from C11
 * Annex K, or a call through a volatile function pointer).
 * NOTE(review): C_Key is cleared over seedlen - outlen bytes; confirm that
 * matches the size it was allocated with (allocation not shown here). */
471 memset(internal_state->
state->V, 0, internal_state->
info->outlen);
472 memset(internal_state->
state->C_Key, 0, internal_state->
info->seedlen - internal_state->
info->outlen);
473 free(internal_state->
state->V);
474 free(internal_state->
state->C_Key);
475 internal_state->
state->V = NULL;
476 internal_state->
state->C_Key = NULL;
477 internal_state->
state->reseed_counter = 0;
479 internal_state->
info->seedlen = 0;
480 internal_state->
info->outlen = 0;
481 internal_state->
info->security_strength = 0;
void drbg_uninstantiate(mphell_status ret, const int8_t state_handle)
Uninstantiate a DRBG state.
Declaration of the Deterministic Random Bit Generator functions. Details can be found in "NIST Specia...
void ctr_drbg_reseed(mphell_status ret, drbg_internal_state working_state, const uint8_t *entropy_input, const uint16_t entropy_length, const uint8_t *additional_input, const uint64_t add_length)
Reseed the DRBG state (V, C_Key) using entropy_input and additional_input.
int8_t drbg_find_empty_state()
Find an empty DRBG state.
void ctr_drbg_generate(mphell_status ret, uint8_t *returned_bytes, drbg_internal_state working_state, const uint32_t requested_no_of_bytes, const uint8_t *additional_input, const uint64_t add_length)
"Generates pseudorandom bits upon request, using the current internal state, and generates a new inte...
void hash_drbg_instantiate(mphell_status ret, drbg_internal_state initial_state, const uint8_t security_strength, const uint8_t *entropy_input, const uint16_t entropy_length, const uint8_t *personalization_string, const uint64_t pers_length, const drbg_type type)
Instantiate the DRBG state (V, C_Key) using entropy_input and personalization_string.
void get_entropy_input(mphell_status ret, uint8_t *data, const entropy_type entropy_src, const uint16_t length)
Get length bits of entropy from the selected entropy source.
void drbg_generate(mphell_status ret, uint8_t *returned_bytes, const int8_t state_handle, const uint32_t requested_number_of_bytes, const uint16_t requested_security_strength, const uint8_t *additional_input, const uint64_t add_length)
"Generates pseudorandom bits upon request, using the current internal state, and generates a new inte...
int16_t drbg_find_highest_supported_security_strength(const drbg_type type)
Return the highest security strength supported by the given DRBG type.
enum drbg_algorithm drbg_type
Define the DRBG algorithm.
void drbg_reseed(mphell_status ret, const int8_t state_handle, const uint8_t *entropy, const uint16_t entropy_length, const uint8_t *additional_input, const uint64_t add_length)
Reseed the DRBG, "acquires new entropy input and combines it with the current internal state and any ...
mphell_status_t mphell_status[1]
The status is a pair (flag, information).
void hash_drbg_reseed(mphell_status ret, drbg_internal_state working_state, const uint8_t *entropy_input, const uint16_t entropy_length, const uint8_t *additional_input, const uint64_t add_length)
Reseed the DRBG state (V, C_Key) using entropy_input and additional_input.
void ctr_drbg_instantiate(mphell_status ret, drbg_internal_state initial_state, const uint8_t security_strength, const uint8_t *entropy_input, const uint16_t entropy_length, const uint8_t *personalization_string, const uint64_t pers_length, const drbg_type type)
Instantiate the DRBG state (V, C_Key) using entropy_input and personalization_string.
enum entropy_source entropy_type
Define the entropy source.
drbg_internal_state_t drbg_internal_state[1]
Address of a drbg_internal_state_t structure.
void hash_drbg_generate(mphell_status ret, uint8_t *returned_bytes, drbg_internal_state working_state, const uint32_t requested_no_of_bytes, const uint8_t *additional_input, const uint64_t add_length)
"Generates pseudorandom bits upon request, using the current internal state, and generates a new inte...
The working state and administrative information.