Mbed TLS v2.28.9
ctr_drbg.h
Go to the documentation of this file.
1 
24 /*
25  * Copyright The Mbed TLS Contributors
26  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
27  */
28 
29 #ifndef MBEDTLS_CTR_DRBG_H
30 #define MBEDTLS_CTR_DRBG_H
31 
32 #if !defined(MBEDTLS_CONFIG_FILE)
33 #include "mbedtls/config.h"
34 #else
35 #include MBEDTLS_CONFIG_FILE
36 #endif
37 
38 #include "mbedtls/aes.h"
39 
40 #if defined(MBEDTLS_THREADING_C)
41 #include "mbedtls/threading.h"
42 #endif
43 
45 #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034
46 
47 #define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036
48 
49 #define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038
50 
51 #define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A
52 
53 #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16
55 #if defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
56 #define MBEDTLS_CTR_DRBG_KEYSIZE 16
57 
62 #else
63 #define MBEDTLS_CTR_DRBG_KEYSIZE 32
64 
69 #endif
70 
71 #define MBEDTLS_CTR_DRBG_KEYBITS (MBEDTLS_CTR_DRBG_KEYSIZE * 8)
72 #define MBEDTLS_CTR_DRBG_SEEDLEN (MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE)
87 #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
88 #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
89 
92 #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48
93 
94 #else /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
95 
100 #if !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY)
101 
104 #endif /* !defined(MBEDTLS_CTR_DRBG_USE_128_BIT_KEY) */
105 #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32
106 #endif /* defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256) */
107 #endif /* !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) */
108 
109 #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
110 #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000
111 
112 #endif
113 
114 #if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
115 #define MBEDTLS_CTR_DRBG_MAX_INPUT 256
116 
117 #endif
118 
119 #if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
120 #define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024
121 
122 #endif
123 
124 #if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
125 #define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384
126 
127 #endif
128 
131 #define MBEDTLS_CTR_DRBG_PR_OFF 0
132 
133 #define MBEDTLS_CTR_DRBG_PR_ON 1
134 
136 #ifdef __cplusplus
137 extern "C" {
138 #endif
139 
140 #if MBEDTLS_CTR_DRBG_ENTROPY_LEN >= MBEDTLS_CTR_DRBG_KEYSIZE * 3 / 2
141 
147 #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN 0
148 #else
149 
155 #define MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN (MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1) / 2
156 #endif
157 
161 typedef struct mbedtls_ctr_drbg_context {
162  unsigned char counter[16];
177  size_t entropy_len;
185  /*
186  * Callbacks (Entropy)
187  */
188  int (*f_entropy)(void *, unsigned char *, size_t);
191  void *p_entropy;
193 #if defined(MBEDTLS_THREADING_C)
194  /* Invariant: the mutex is initialized if and only if f_entropy != NULL.
195  * This means that the mutex is initialized during the initial seeding
196  * in mbedtls_ctr_drbg_seed() and freed in mbedtls_ctr_drbg_free().
197  *
198  * Note that this invariant may change without notice. Do not rely on it
199  * and do not access the mutex directly in application code.
200  */
202 #endif
203 }
205 
219 
253 #if MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN == 0
254 
258 #else
259 
264 #endif
265 #if defined(MBEDTLS_THREADING_C)
266 
273 #endif /* MBEDTLS_THREADING_C */
274 
320  int (*f_entropy)(void *, unsigned char *, size_t),
321  void *p_entropy,
322  const unsigned char *custom,
323  size_t len);
324 
332 
347  int resistance);
348 
374  size_t len);
375 
396  size_t len);
397 
411  int interval);
412 
434  const unsigned char *additional, size_t len);
435 
457  const unsigned char *additional,
458  size_t add_len);
459 
491 int mbedtls_ctr_drbg_random_with_add(void *p_rng,
492  unsigned char *output, size_t output_len,
493  const unsigned char *additional, size_t add_len);
494 
501 #if defined(MBEDTLS_THREADING_C)
502 
508 #endif /* MBEDTLS_THREADING_C */
509 
519 int mbedtls_ctr_drbg_random(void *p_rng,
520  unsigned char *output, size_t output_len);
521 
522 
523 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
524 #if defined(MBEDTLS_DEPRECATED_WARNING)
525 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
526 #else
527 #define MBEDTLS_DEPRECATED
528 #endif
529 
546  const unsigned char *additional,
547  size_t add_len);
548 #undef MBEDTLS_DEPRECATED
549 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
550 
551 #if defined(MBEDTLS_FS_IO)
552 
564 
580 #endif /* MBEDTLS_FS_IO */
581 
582 #if defined(MBEDTLS_SELF_TEST)
583 
590 int mbedtls_ctr_drbg_self_test(int verbose);
591 
592 #endif /* MBEDTLS_SELF_TEST */
593 
594 #ifdef __cplusplus
595 }
596 #endif
597 
598 #endif /* ctr_drbg.h */
int(* f_entropy)(void *, unsigned char *, size_t)
Definition: ctr_drbg.h:188
The CTR_DRBG context structure.
Definition: ctr_drbg.h:161
void mbedtls_ctr_drbg_free(mbedtls_ctr_drbg_context *ctx)
This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg...
void mbedtls_ctr_drbg_init(mbedtls_ctr_drbg_context *ctx)
This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtl...
mbedtls_threading_mutex_t mutex
Definition: ctr_drbg.h:201
#define MBEDTLS_DEPRECATED
Definition: ctr_drbg.h:527
Configuration options (set of defines)
int mbedtls_ctr_drbg_random(void *p_rng, unsigned char *output, size_t output_len)
This function uses CTR_DRBG to generate random data.
int mbedtls_ctr_drbg_write_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function writes a seed file.
void mbedtls_ctr_drbg_set_reseed_interval(mbedtls_ctr_drbg_context *ctx, int interval)
This function sets the reseed interval.
void mbedtls_ctr_drbg_set_prediction_resistance(mbedtls_ctr_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
int mbedtls_ctr_drbg_reseed(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the CTR_DRBG context, that is extracts data from the entropy source...
Threading abstraction layer.
int mbedtls_ctr_drbg_update_seed_file(mbedtls_ctr_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
int mbedtls_ctr_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates a CTR_DRBG instance with additional data and uses it to generate random data...
int mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
void mbedtls_ctr_drbg_set_entropy_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
This file contains AES definitions and functions.
int mbedtls_ctr_drbg_set_nonce_len(mbedtls_ctr_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed as a nonce for the initial seeding.
struct mbedtls_ctr_drbg_context mbedtls_ctr_drbg_context
The CTR_DRBG context structure.
int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
This function seeds and sets up the CTR_DRBG entropy source for future reseeds.
int mbedtls_ctr_drbg_self_test(int verbose)
The CTR_DRBG checkup routine.
unsigned char counter[16]
Definition: ctr_drbg.h:162
mbedtls_aes_context aes_ctx
Definition: ctr_drbg.h:183
MBEDTLS_DEPRECATED void mbedtls_ctr_drbg_update(mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the CTR_DRBG context.
The AES context-type definition.
Definition: aes.h:79