mbed TLS v2.16.12
ctr_drbg.h
Go to the documentation of this file.
1 
40 /*
41  * Copyright The Mbed TLS Contributors
42  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
43  *
44  * This file is provided under the Apache License 2.0, or the
45  * GNU General Public License v2.0 or later.
46  *
47  * **********
48  * Apache License 2.0:
49  *
50  * Licensed under the Apache License, Version 2.0 (the "License"); you may
51  * not use this file except in compliance with the License.
52  * You may obtain a copy of the License at
53  *
54  * http://www.apache.org/licenses/LICENSE-2.0
55  *
56  * Unless required by applicable law or agreed to in writing, software
57  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
58  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
59  * See the License for the specific language governing permissions and
60  * limitations under the License.
61  *
62  * **********
63  *
64  * **********
65  * GNU General Public License v2.0 or later:
66  *
67  * This program is free software; you can redistribute it and/or modify
68  * it under the terms of the GNU General Public License as published by
69  * the Free Software Foundation; either version 2 of the License, or
70  * (at your option) any later version.
71  *
72  * This program is distributed in the hope that it will be useful,
73  * but WITHOUT ANY WARRANTY; without even the implied warranty of
74  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
75  * GNU General Public License for more details.
76  *
77  * You should have received a copy of the GNU General Public License along
78  * with this program; if not, write to the Free Software Foundation, Inc.,
79  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
80  *
81  * **********
82  */
83 
84 #ifndef MBEDTLS_CTR_DRBG_H
85 #define MBEDTLS_CTR_DRBG_H
86 
87 #if !defined(MBEDTLS_CONFIG_FILE)
88 #include "config.h"
89 #else
90 #include MBEDTLS_CONFIG_FILE
91 #endif
92 
93 #include "aes.h"
94 
95 #if defined(MBEDTLS_THREADING_C)
96 #include "threading.h"
97 #endif
98 
100 #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
101 
102 #define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
103 
104 #define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
105 
106 #define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
107 
108 #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
110 #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
111 #define MBEDTLS_CTR_DRBG_KEYSIZE 16
112 
117 #else
118 #define MBEDTLS_CTR_DRBG_KEYSIZE 32
119 
124 #endif
125 
126 #define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 )
127 #define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE )
142 #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
143 #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
144 
147 #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
148 
149 #else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
150 
155 #if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
156 
159 #endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */
160 #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32
161 #endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
162 #endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */
163 
164 #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
165 #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
166 
167 #endif
168 
169 #if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
170 #define MBEDTLS_CTR_DRBG_MAX_INPUT 256
171 
172 #endif
173 
174 #if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
175 #define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
176 
177 #endif
178 
179 #if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
180 #define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
181 
182 #endif
183 
184 /* \} name SECTION: Module settings */
185 
186 #define MBEDTLS_CTR_DRBG_PR_OFF 0
187 
188 #define MBEDTLS_CTR_DRBG_PR_ON 1
189 
191 #ifdef __cplusplus
192 extern "C" {
193 #endif
194 
199 {
200  unsigned char counter[16];
206  size_t entropy_len;
212  /*
213  * Callbacks (Entropy)
214  */
215  int (*f_entropy)(void *, unsigned char *, size_t);
218  void *p_entropy;
220 #if defined(MBEDTLS_THREADING_C)
221  /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
222  * This means that the mutex is initialized during the initial seeding
223  * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
224  *
225  * Note that this invariant may change without notice. Do not rely on it
226  * and do not access the mutex directly in application code.
227  */
229 #endif
230 }
232 
246 
281 #if MBEDTLS_CTR_DRBG_ENTROPY_LEN < MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2
282 
290 #endif
291 #if defined(MBEDTLS_THREADING_C)
292 
299 #endif /* MBEDTLS_THREADING_C */
300 
329  int (*f_entropy)(void *, unsigned char *, size_t),
330  void *p_entropy,
331  const unsigned char *custom,
332  size_t len );
333 
341 
356  int resistance );
357 
381  size_t len );
382 
396  int interval );
397 
419  const unsigned char *additional, size_t len );
420 
442  const unsigned char *additional,
443  size_t add_len );
444 
476 int mbedtls_ctr_drbg_random_with_add( void *p_rng,
477  unsigned char *output, size_t output_len,
478  const unsigned char *additional, size_t add_len );
479 
486 #if defined(MBEDTLS_THREADING_C)
487 
493 #endif /* MBEDTLS_THREADING_C */
494 
504 int mbedtls_ctr_drbg_random( void *p_rng,
505  unsigned char *output, size_t output_len );
506 
507 
508 #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
509 #if defined(MBEDTLS_DEPRECATED_WARNING)
510 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
511 #else
512 #define MBEDTLS_DEPRECATED
513 #endif
514 
531  const unsigned char *additional,
532  size_t add_len );
533 #undef MBEDTLS_DEPRECATED
534 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
535 
536 #if defined(MBEDTLS_FS_IO)
537 
548 int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
549 
564 int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
565 #endif /* MBEDTLS_FS_IO */
566 
567 #if defined(MBEDTLS_SELF_TEST)
568 
575 int mbedtls_ctr_drbg_self_test( int verbose );
576 
577 #endif /* MBEDTLS_SELF_TEST */
578 
579 /* Internal functions (do not call directly) */
581  int (*)(void *, unsigned char *, size_t), void *,
582  const unsigned char *, size_t, size_t );
583 
584 #ifdef __cplusplus
585 }
586 #endif
587 
588 #endif /* ctr_drbg.h */
int(* f_entropy)(void *, unsigned char *, size_t)
Definition: ctr_drbg.h:215
The CTR_DRBG context structure.
Definition: ctr_drbg.h:198
void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg...
int mbedtls_ctr_drbg_seed_entropy_len(mbedtls_ctr_drbg_context *, int(*)(void *, unsigned char *, size_t), void *, const unsigned char *, size_t, size_t)
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtl...
mbedtls_threading_mutex_t mutex
Definition: ctr_drbg.h:228
#define MBEDTLS_DEPRECATED
Definition: ctr_drbg.h:512
Configuration options (set of defines)
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function writes a seed file.
void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, int interval)
This function sets the reseed interval.
void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the CTR_DRBG context, that is extracts data from the entropy source...
Threading abstraction layer.
int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
int mbedtls_ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates a CTR_DRBG instance with additional data and uses it to generate random data...
int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
This file contains AES definitions and functions.
struct mbedtls_ctr_drbg_context mbedtls_ctr_drbg_context
The CTR_DRBG context structure.
int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
This function seeds and sets up the CTR_DRBG entropy source for future reseeds.
int mbedtls_ctr_drbg_self_test(int verbose)
The CTR_DRBG checkup routine.
unsigned char counter[16]
Definition: ctr_drbg.h:200
mbedtls_aes_context aes_ctx
Definition: ctr_drbg.h:210
MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
The AES context-type definition.
Definition: aes.h:117