mbed TLS v3.4.0
ctr_drbg.h
Go to the documentation of this file.
1 
24 /*
25  * Copyright The Mbed TLS Contributors
26  * SPDX-License-Identifier: Apache-2.0
27  *
28  * Licensed under the Apache License, Version 2.0 (the "License"); you may
29  * not use this file except in compliance with the License.
30  * You may obtain a copy of the License at
31  *
32  * http://www.apache.org/licenses/LICENSE-2.0
33  *
34  * Unless required by applicable law or agreed to in writing, software
35  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
36  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
37  * See the License for the specific language governing permissions and
38  * limitations under the License.
39  */
40 
41 #ifndef MBEDTLS_CTR_DRBG_H
42 #define MBEDTLS_CTR_DRBG_H
43 #include "mbedtls/private_access.h"
44 
45 #include "mbedtls/build_info.h"
46 
47 #include "mbedtls/aes.h"
48 
49 #if defined(MBEDTLS_THREADING_C)
50 #include "mbedtls/threading.h"
51 #endif
52 
54 #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
55 
56 #define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
57 
58 #define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
59 
60 #define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
61 
62 #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
64 #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
65 #define MBEDTLS_CTR_DRBG_KEYSIZE 16
66 
71 #else
72 #define MBEDTLS_CTR_DRBG_KEYSIZE 32
73 
78 #endif
79 
80 #define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8)
81 #define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE)
96 #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
97 #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
98 
101 #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
102 
103 #else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
104 
109 #if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
110 
113 #endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */
114 #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32
115 #endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
116 #endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */
117 
118 #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
119 #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
120 
121 #endif
122 
123 #if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
124 #define MBEDTLS_CTR_DRBG_MAX_INPUT 256
125 
126 #endif
127 
128 #if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
129 #define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
130 
131 #endif
132 
133 #if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
134 #define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
135 
136 #endif
137 
140 #define MBEDTLS_CTR_DRBG_PR_OFF 0
141 
142 #define MBEDTLS_CTR_DRBG_PR_ON 1
143 
145 #ifdef __cplusplus
146 extern "C" {
147 #endif
148 
149 #if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2
150 
156 #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN 0
157 #else
158 
164 #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
165 #endif
166 
170 typedef struct mbedtls_ctr_drbg_context {
171  unsigned char MBEDTLS_PRIVATE(counter)[16];
172  int MBEDTLS_PRIVATE(reseed_counter);
182  int MBEDTLS_PRIVATE(prediction_resistance);
186  size_t MBEDTLS_PRIVATE(entropy_len);
188  int MBEDTLS_PRIVATE(reseed_interval);
194  /*
195  * Callbacks (Entropy)
196  */
197  int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
200  void *MBEDTLS_PRIVATE(p_entropy);
202 #if defined(MBEDTLS_THREADING_C)
203  /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
204  * This means that the mutex is initialized during the initial seeding
205  * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
206  *
207  * Note that this invariant may change without notice. Do not rely on it
208  * and do not access the mutex directly in application code.
209  */
210  mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
211 #endif
212 }
214 
228 
262 #if MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN == 0
263 
267 #else
268 
273 #endif
274 #if defined(MBEDTLS_THREADING_C)
275 
282 #endif /* MBEDTLS_THREADING_C */
283 
329  int (*f_entropy)(void *, unsigned char *, size_t),
330  void *p_entropy,
331  const unsigned char *custom,
332  size_t len);
333 
341 
356  int resistance);
357 
383  size_t len);
384 
405  size_t len);
406 
420  int interval);
421 
443  const unsigned char *additional, size_t len);
444 
466  const unsigned char *additional,
467  size_t add_len);
468 
500 int mbedtls_ctr_drbg_random_with_add(void *p_rng,
501  unsigned char *output, size_t output_len,
502  const unsigned char *additional, size_t add_len);
503 
510 #if defined(MBEDTLS_THREADING_C)
511 
517 #endif /* MBEDTLS_THREADING_C */
518 
528 int mbedtls_ctr_drbg_random(void *p_rng,
529  unsigned char *output, size_t output_len);
530 
531 #if defined(MBEDTLS_FS_IO)
532 
544 
560 #endif /* MBEDTLS_FS_IO */
561 
562 #if defined(MBEDTLS_SELF_TEST)
563 
570 int mbedtls_ctr_drbg_self_test(int verbose);
571 
572 #endif /* MBEDTLS_SELF_TEST */
573 
574 #ifdef __cplusplus
575 }
576 #endif
577 
578 #endif /* ctr_drbg.h */
The CTR_DRBG context structure.
Definition: ctr_drbg.h:170
int mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg...
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtl...
#define MBEDTLS_PRIVATE(member)
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function writes a seed file.
void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, int interval)
This function sets the reseed interval.
void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the CTR_DRBG context, that is extracts data from the entropy source...
Threading abstraction layer.
int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
int mbedtls_ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates a CTR_DRBG instance with additional data and uses it to generate random data...
void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
This file contains AES definitions and functions.
Macro wrapper for struct's members.
int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed as a nonce for the initial seeding.
struct mbedtls_ctr_drbg_context mbedtls_ctr_drbg_context
The CTR_DRBG context structure.
int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
This function seeds and sets up the CTR_DRBG entropy source for future reseeds.
Build-time configuration info.
int mbedtls_ctr_drbg_self_test(int verbose)
The CTR_DRBG checkup routine.
The AES context-type definition.
Definition: aes.h:75