Mbed TLS v2.28.9
Loading...
Searching...
No Matches
ctr_drbg.h
Go to the documentation of this file.
1
24/*
25 * Copyright The Mbed TLS Contributors
26 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
27 */
28
29#ifndef MBEDTLS_CTR_DRBG_H
30#define MBEDTLS_CTR_DRBG_H
31
32#if !defined(MBEDTLS_CONFIG_FILE)
33#include "mbedtls/config.h"
34#else
35#include MBEDTLS_CONFIG_FILE
36#endif
37
38#include "mbedtls/aes.h"
39
40#if defined(MBEDTLS_THREADING_C)
41#include "mbedtls/threading.h"
42#endif
43
45#define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
47#define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
49#define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
51#define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
52
53#define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
55#if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
56#define MBEDTLS_CTR_DRBG_KEYSIZE 16
62#else
63#define MBEDTLS_CTR_DRBG_KEYSIZE 32
69#endif
70
71#define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8)
72#define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE)
87#if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
88#if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
92#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
93
94#else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
95
100#if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
104#endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */
105#define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32
106#endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
107#endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */
108
109#if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
110#define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
112#endif
113
114#if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
115#define MBEDTLS_CTR_DRBG_MAX_INPUT 256
117#endif
118
119#if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
120#define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
122#endif
123
124#if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
125#define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
127#endif
128
131#define MBEDTLS_CTR_DRBG_PR_OFF 0
133#define MBEDTLS_CTR_DRBG_PR_ON 1
136#ifdef __cplusplus
137extern "C" {
138#endif
139
140#if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2
147#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN 0
148#else
155#define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
156#endif
157
162 unsigned char counter[16];
177 size_t entropy_len;
185 /*
186 * Callbacks (Entropy)
187 */
188 int (*f_entropy)(void *, unsigned char *, size_t);
191 void *p_entropy;
193#if defined(MBEDTLS_THREADING_C)
194 /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
195 * This means that the mutex is initialized during the initial seeding
196 * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
197 *
198 * Note that this invariant may change without notice. Do not rely on it
199 * and do not access the mutex directly in application code.
200 */
202#endif
203}
205
219
253#if MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN == 0
258#else
264#endif
265#if defined(MBEDTLS_THREADING_C)
273#endif /* MBEDTLS_THREADING_C */
320 int (*f_entropy)(void *, unsigned char *, size_t),
321 void *p_entropy,
322 const unsigned char *custom,
323 size_t len);
324
332
347 int resistance);
348
374 size_t len);
375
396 size_t len);
397
411 int interval);
412
434 const unsigned char *additional, size_t len);
435
457 const unsigned char *additional,
458 size_t add_len);
459
492 unsigned char *output, size_t output_len,
493 const unsigned char *additional, size_t add_len);
494
501#if defined(MBEDTLS_THREADING_C)
508#endif /* MBEDTLS_THREADING_C */
520 unsigned char *output, size_t output_len);
521
522
523#if !defined(MBEDTLS_DEPRECATED_REMOVED)
524#if defined(MBEDTLS_DEPRECATED_WARNING)
525#define MBEDTLS_DEPRECATED __attribute__((deprecated))
526#else
527#define MBEDTLS_DEPRECATED
528#endif
546 const unsigned char *additional,
547 size_t add_len);
548#undef MBEDTLS_DEPRECATED
549#endif /* !MBEDTLS_DEPRECATED_REMOVED */
550
551#if defined(MBEDTLS_FS_IO)
564
580#endif /* MBEDTLS_FS_IO */
581
582#if defined(MBEDTLS_SELF_TEST)
583
591
592#endif /* MBEDTLS_SELF_TEST */
593
594#ifdef __cplusplus
595}
596#endif
597
598#endif /* ctr_drbg.h */
This file contains AES definitions and functions.
Configuration options (set of defines)
int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed as a nonce for the initial seeding.
int mbedtls_ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates a CTR_DRBG instance with additional data and uses it to generate random data.
void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg...
int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the CTR_DRBG context, that is extracts data from the entropy source.
MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
struct mbedtls_ctr_drbg_context mbedtls_ctr_drbg_context
The CTR_DRBG context structure.
int mbedtls_ctr_drbg_self_test(int verbose)
The CTR_DRBG checkup routine.
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtl...
int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
#define MBEDTLS_DEPRECATED
Definition ctr_drbg.h:527
int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
This function seeds and sets up the CTR_DRBG entropy source for future reseeds.
void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, int interval)
This function sets the reseed interval.
void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function writes a seed file.
The AES context-type definition.
Definition aes.h:79
The CTR_DRBG context structure.
Definition ctr_drbg.h:161
unsigned char counter[16]
Definition ctr_drbg.h:162
mbedtls_threading_mutex_t mutex
Definition ctr_drbg.h:201
int(* f_entropy)(void *, unsigned char *, size_t)
Definition ctr_drbg.h:188
mbedtls_aes_context aes_ctx
Definition ctr_drbg.h:183
Threading abstraction layer.