53#if !defined(MBEDTLS_CONFIG_FILE)
56#include MBEDTLS_CONFIG_FILE
59#if defined(MBEDTLS_HMAC_DRBG_C)
66#if defined(MBEDTLS_FS_IO)
70#if defined(MBEDTLS_SELF_TEST)
71#if defined(MBEDTLS_PLATFORM_C)
75#define mbedtls_printf printf
93 const unsigned char *additional,
97 unsigned char rounds = ( additional !=
NULL && add_len != 0 ) ? 2 : 1;
102 for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
108 ctx->V, md_len ) ) != 0 )
116 additional, add_len ) ) != 0 )
126 ctx->V, md_len ) ) != 0 )
137#if !defined(MBEDTLS_DEPRECATED_REMOVED)
139 const unsigned char *additional,
151 const unsigned char *
data,
size_t data_len )
158#if defined(MBEDTLS_THREADING_C)
159 mbedtls_mutex_init( &
ctx->mutex );
184 const unsigned char *additional,
size_t len,
192 size_t total_entropy_len;
195 total_entropy_len =
ctx->entropy_len;
197 total_entropy_len =
ctx->entropy_len * 3 / 2;
210 if( (
ret =
ctx->f_entropy(
ctx->p_entropy,
211 seed,
ctx->entropy_len ) ) != 0 )
215 seedlen +=
ctx->entropy_len;
228 if( (
ret =
ctx->f_entropy(
ctx->p_entropy,
230 ctx->entropy_len / 2 ) ) != 0 )
235 seedlen +=
ctx->entropy_len / 2;
240 if( additional !=
NULL &&
len != 0 )
242 memcpy( seed + seedlen, additional,
len );
251 ctx->reseed_counter = 1;
263 const unsigned char *additional,
size_t len )
265 return( hmac_drbg_reseed_core(
ctx, additional,
len, 0 ) );
276 int (*f_entropy)(
void *,
unsigned char *,
size_t),
278 const unsigned char *custom,
288#if defined(MBEDTLS_THREADING_C)
289 mbedtls_mutex_init( &
ctx->mutex );
303 ctx->f_entropy = f_entropy;
304 ctx->p_entropy = p_entropy;
306 if(
ctx->entropy_len == 0 )
315 ctx->entropy_len = md_size <= 20 ? 16 :
320 if( (
ret = hmac_drbg_reseed_core(
ctx, custom,
len,
335 ctx->prediction_resistance = resistance;
359 unsigned char *output,
size_t out_len,
360 const unsigned char *additional,
size_t add_len )
365 size_t left = out_len;
366 unsigned char *
out = output;
379 ctx->reseed_counter >
ctx->reseed_interval ) )
388 if( additional !=
NULL && add_len != 0 )
391 additional, add_len ) ) != 0 )
398 size_t use_len =
left > md_len ? md_len :
left;
403 ctx->V, md_len ) ) != 0 )
415 additional, add_len ) ) != 0 )
419 ctx->reseed_counter++;
434#if defined(MBEDTLS_THREADING_C)
435 if( (
ret = mbedtls_mutex_lock( &
ctx->mutex ) ) != 0 )
441#if defined(MBEDTLS_THREADING_C)
442 if( mbedtls_mutex_unlock( &
ctx->mutex ) != 0 )
458#if defined(MBEDTLS_THREADING_C)
460 if(
ctx->md_ctx.md_info !=
NULL )
461 mbedtls_mutex_free( &
ctx->mutex );
468#if defined(MBEDTLS_FS_IO)
508 if(
fread( &
c, 1, 1,
f ) != 0 )
529 return( mbedtls_hmac_drbg_write_seed_file(
ctx,
path ) );
534#if defined(MBEDTLS_SELF_TEST)
536#if !defined(MBEDTLS_SHA1_C)
538int mbedtls_hmac_drbg_self_test(
int verbose )
548static const unsigned char entropy_pr[] = {
549 0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
550 0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
551 0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
552 0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
553 0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 };
554static const unsigned char result_pr[OUTPUT_LEN] = {
555 0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
556 0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
557 0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
558 0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
559 0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
560 0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
561 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 };
564static const unsigned char entropy_nopr[] = {
565 0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
566 0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
567 0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
568 0xe9, 0x9d, 0xfe, 0xdf };
569static const unsigned char result_nopr[OUTPUT_LEN] = {
570 0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
571 0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
572 0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
573 0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
574 0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
575 0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
576 0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
579static size_t test_offset;
580static int hmac_drbg_self_test_entropy(
void *
data,
581 unsigned char *
buf,
size_t len )
583 const unsigned char *
p =
data;
589#define CHK( c ) if( (c) != 0 ) \
592 mbedtls_printf( "failed\n" ); \
599int mbedtls_hmac_drbg_self_test(
int verbose )
602 unsigned char buf[OUTPUT_LEN];
615 hmac_drbg_self_test_entropy, (
void *) entropy_pr,
620 CHK(
memcmp(
buf, result_pr, OUTPUT_LEN ) );
638 hmac_drbg_self_test_entropy, (
void *) entropy_nopr,
643 CHK(
memcmp(
buf, result_nopr, OUTPUT_LEN ) );
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
GLenum GLuint GLenum GLsizei const GLchar * buf
The HMAC_DRBG pseudorandom generator.
void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.
int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
HMAC_DRBG initial seeding.
#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG
int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the HMAC_DRBG context, that is extracts data from the entropy source.
void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx)
HMAC_DRBG context initialization.
#define MBEDTLS_HMAC_DRBG_MAX_INPUT
void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval)
Set the reseed interval.
#define MBEDTLS_HMAC_DRBG_MAX_REQUEST
void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx)
This function resets HMAC_DRBG context to the state immediately after initial call of mbedtls_hmac_dr...
int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, const unsigned char *data, size_t data_len)
Initilisation of simpified HMAC_DRBG (never reseeds).
void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
int mbedtls_hmac_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates an HMAC_DRBG instance with additional data and uses it to generate random data.
#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT
#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL
#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
#define MBEDTLS_HMAC_DRBG_PR_ON
#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR
MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
_Check_return_ _CRTIMP int __cdecl ferror(_In_ FILE *_File)
_Check_return_opt_ _CRTIMP size_t __cdecl fread(_Out_writes_bytes_(_ElementSize *_Count) void *_DstBuf, _In_ size_t _ElementSize, _In_ size_t _Count, _Inout_ FILE *_File)
_Check_return_ _CRTIMP FILE *__cdecl fopen(_In_z_ const char *_Filename, _In_z_ const char *_Mode)
_Check_return_opt_ _CRTIMP int __cdecl fclose(_Inout_ FILE *_File)
_Check_return_opt_ _CRTIMP size_t __cdecl fwrite(_In_reads_bytes_(_Size *_Count) const void *_Str, _In_ size_t _Size, _In_ size_t _Count, _Inout_ FILE *_File)
int mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac)
This function selects the message digest algorithm to use, and allocates internal structures.
int mbedtls_md_hmac_reset(mbedtls_md_context_t *ctx)
This function prepares to authenticate a new message with the same key as the previous HMAC operation...
int mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, unsigned char *output)
This function finishes the HMAC operation, and writes the result to the output buffer.
int mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen)
This function feeds an input buffer into an ongoing HMAC computation.
int mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen)
This function sets the HMAC key and prepares to authenticate a new message.
#define MBEDTLS_MD_MAX_SIZE
unsigned char mbedtls_md_get_size(const mbedtls_md_info_t *md_info)
This function extracts the message-digest size from the message-digest information structure.
void mbedtls_md_free(mbedtls_md_context_t *ctx)
This function clears the internal structure of ctx and frees any embedded internal structure,...
#define memcpy(s1, s2, n)
#define mbedtls_md_info_from_type
Configuration options (set of defines)
#define MBEDTLS_ERR_THREADING_MUTEX_ERROR