mbed TLS v3.4.0
hmac_drbg.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0
13  *
14  * Licensed under the Apache License, Version 2.0 (the "License"); you may
15  * not use this file except in compliance with the License.
16  * You may obtain a copy of the License at
17  *
18  * http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing, software
21  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  * See the License for the specific language governing permissions and
24  * limitations under the License.
25  */
26 #ifndef MBEDTLS_HMAC_DRBG_H
27 #define MBEDTLS_HMAC_DRBG_H
28 #include "mbedtls/private_access.h"
29 
30 #include "mbedtls/build_info.h"
31 
32 #include "mbedtls/md.h"
33 
34 #if defined(MBEDTLS_THREADING_C)
35 #include "mbedtls/threading.h"
36 #endif
37 
38 /*
39  * Error codes
40  */
42 #define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
43 
44 #define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
45 
46 #define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
47 
48 #define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
49 
58 #if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
59 #define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000
60 #endif
61 
62 #if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
63 #define MBEDTLS_HMAC_DRBG_MAX_INPUT 256
64 #endif
65 
66 #if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
67 #define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024
68 #endif
69 
70 #if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
71 #define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384
72 #endif
73 
76 #define MBEDTLS_HMAC_DRBG_PR_OFF 0
77 #define MBEDTLS_HMAC_DRBG_PR_ON 1
79 #ifdef __cplusplus
80 extern "C" {
81 #endif
82 
86 typedef struct mbedtls_hmac_drbg_context {
87  /* Working state: the key K is not stored explicitly,
88  * but is implied by the HMAC context */
91  int MBEDTLS_PRIVATE(reseed_counter);
93  /* Administrative state */
94  size_t MBEDTLS_PRIVATE(entropy_len);
95  int MBEDTLS_PRIVATE(prediction_resistance);
97  int MBEDTLS_PRIVATE(reseed_interval);
99  /* Callbacks */
100  int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t);
101  void *MBEDTLS_PRIVATE(p_entropy);
103 #if defined(MBEDTLS_THREADING_C)
104  /* Invariant: the mutex is initialized if and only if
105  * md_ctx->md_info != NULL. This means that the mutex is initialized
106  * during the initial seeding in mbedtls_hmac_drbg_seed() or
107  * mbedtls_hmac_drbg_seed_buf() and freed in mbedtls_ctr_drbg_free().
108  *
109  * Note that this invariant may change without notice. Do not rely on it
110  * and do not access the mutex directly in application code.
111  */
112  mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
113 #endif
115 
129 
162 #if defined(MBEDTLS_THREADING_C)
163 
170 #endif /* MBEDTLS_THREADING_C */
171 
199  const mbedtls_md_info_t *md_info,
200  int (*f_entropy)(void *, unsigned char *, size_t),
201  void *p_entropy,
202  const unsigned char *custom,
203  size_t len);
204 
211 #if defined(MBEDTLS_THREADING_C)
212 
219 #endif /* MBEDTLS_THREADING_C */
220 
234  const mbedtls_md_info_t *md_info,
235  const unsigned char *data, size_t data_len);
236 
251  int resistance);
252 
263  size_t len);
264 
278  int interval);
279 
298  const unsigned char *additional, size_t add_len);
299 
325  const unsigned char *additional, size_t len);
326 
358 int mbedtls_hmac_drbg_random_with_add(void *p_rng,
359  unsigned char *output, size_t output_len,
360  const unsigned char *additional,
361  size_t add_len);
362 
369 #if defined(MBEDTLS_THREADING_C)
370 
376 #endif /* MBEDTLS_THREADING_C */
377 
390 int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
391 
399 
400 #if defined(MBEDTLS_FS_IO)
401 
413 
429 #endif /* MBEDTLS_FS_IO */
430 
431 
432 #if defined(MBEDTLS_SELF_TEST)
433 
439 int mbedtls_hmac_drbg_self_test(int verbose);
440 #endif
441 
442 #ifdef __cplusplus
443 }
444 #endif
445 
446 #endif /* hmac_drbg.h */
int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
HMAC_DRBG initial seeding.
#define MBEDTLS_MD_MAX_SIZE
Definition: md.h:155
int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, const unsigned char *data, size_t data_len)
Initialisation of simplified HMAC_DRBG (never reseeds).
void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval)
Set the reseed interval.
void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx)
This function resets HMAC_DRBG context to the state immediately after initial call of mbedtls_hmac_dr...
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
#define MBEDTLS_PRIVATE(member)
int mbedtls_hmac_drbg_self_test(int verbose)
The HMAC_DRBG Checkup routine.
Threading abstraction layer.
struct mbedtls_hmac_drbg_context mbedtls_hmac_drbg_context
Macro wrapper for struct's members.
Build-time configuration info.
int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
This file contains the generic functions for message-digest (hashing) and HMAC.
void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx)
HMAC_DRBG context initialization.
int mbedtls_hmac_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates an HMAC_DRBG instance with additional data and uses it to generate random data...
int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the HMAC_DRBG context, that is extracts data from the entropy source...
struct mbedtls_md_info_t mbedtls_md_info_t
Definition: md.h:183
int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
This function writes a seed file.
void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.