aboutsummaryrefslogtreecommitdiff
path: root/include/mbedtls/hmac_drbg.h
diff options
context:
space:
mode:
authorLibravatar vnugent <public@vaughnnugent.com>2024-04-23 18:19:31 -0400
committerLibravatar vnugent <public@vaughnnugent.com>2024-04-23 18:19:31 -0400
commit7cb7a93de4f6f5e741bc5129e3d928e44f050930 (patch)
treeae5c564a0c3c60d0b4dac13ac8e8e3ebf7906ab1 /include/mbedtls/hmac_drbg.h
parent30e8dda6cbea86bdee6d5dfe48514385d3b9f81b (diff)
refactor!: MbedTLS on Windows, switch to uint32
Diffstat (limited to 'include/mbedtls/hmac_drbg.h')
-rw-r--r--include/mbedtls/hmac_drbg.h434
1 files changed, 0 insertions, 434 deletions
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
deleted file mode 100644
index 18b1b75..0000000
--- a/include/mbedtls/hmac_drbg.h
+++ /dev/null
@@ -1,434 +0,0 @@
-/**
- * \file hmac_drbg.h
- *
- * \brief The HMAC_DRBG pseudorandom generator.
- *
- * This module implements the HMAC_DRBG pseudorandom generator described
- * in <em>NIST SP 800-90A: Recommendation for Random Number Generation Using
- * Deterministic Random Bit Generators</em>.
- */
-/*
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-#ifndef MBEDTLS_HMAC_DRBG_H
-#define MBEDTLS_HMAC_DRBG_H
-#include "mbedtls/private_access.h"
-
-#include "mbedtls/build_info.h"
-
-#include "mbedtls/md.h"
-
-#if defined(MBEDTLS_THREADING_C)
-#include "mbedtls/threading.h"
-#endif
-
-/*
- * Error codes
- */
-/** Too many random requested in single call. */
-#define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
-/** Input too large (Entropy + additional). */
-#define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
-/** Read/write error in file. */
-#define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
-/** The entropy source failed. */
-#define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
-
-/**
- * \name SECTION: Module settings
- *
- * The configuration options you can set for this module are in this section.
- * Either change them in mbedtls_config.h or define them on the compiler command line.
- * \{
- */
-
-#if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
-#define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-#endif
-
-#if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
-#define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-#endif
-
-#if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
-#define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-#endif
-
-#if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
-#define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-#endif
-
-/** \} name SECTION: Module settings */
-
-#define MBEDTLS_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
-#define MBEDTLS_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * HMAC_DRBG context.
- */
-typedef struct mbedtls_hmac_drbg_context {
- /* Working state: the key K is not stored explicitly,
- * but is implied by the HMAC context */
- mbedtls_md_context_t MBEDTLS_PRIVATE(md_ctx); /*!< HMAC context (inc. K) */
- unsigned char MBEDTLS_PRIVATE(V)[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */
- int MBEDTLS_PRIVATE(reseed_counter); /*!< reseed counter */
-
- /* Administrative state */
- size_t MBEDTLS_PRIVATE(entropy_len); /*!< entropy bytes grabbed on each (re)seed */
- int MBEDTLS_PRIVATE(prediction_resistance); /*!< enable prediction resistance (Automatic
- reseed before every random generation) */
- int MBEDTLS_PRIVATE(reseed_interval); /*!< reseed interval */
-
- /* Callbacks */
- int(*MBEDTLS_PRIVATE(f_entropy))(void *, unsigned char *, size_t); /*!< entropy function */
- void *MBEDTLS_PRIVATE(p_entropy); /*!< context for the entropy function */
-
-#if defined(MBEDTLS_THREADING_C)
- /* Invariant: the mutex is initialized if and only if
- * md_ctx->md_info != NULL. This means that the mutex is initialized
- * during the initial seeding in mbedtls_hmac_drbg_seed() or
- * mbedtls_hmac_drbg_seed_buf() and freed in mbedtls_ctr_drbg_free().
- *
- * Note that this invariant may change without notice. Do not rely on it
- * and do not access the mutex directly in application code.
- */
- mbedtls_threading_mutex_t MBEDTLS_PRIVATE(mutex);
-#endif
-} mbedtls_hmac_drbg_context;
-
-/**
- * \brief HMAC_DRBG context initialization.
- *
- * This function makes the context ready for mbedtls_hmac_drbg_seed(),
- * mbedtls_hmac_drbg_seed_buf() or mbedtls_hmac_drbg_free().
- *
- * \note The reseed interval is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL
- * by default. Override this value by calling
- * mbedtls_hmac_drbg_set_reseed_interval().
- *
- * \param ctx HMAC_DRBG context to be initialized.
- */
-void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx);
-
-/**
- * \brief HMAC_DRBG initial seeding.
- *
- * Set the initial seed and set up the entropy source for future reseeds.
- *
- * A typical choice for the \p f_entropy and \p p_entropy parameters is
- * to use the entropy module:
- * - \p f_entropy is mbedtls_entropy_func();
- * - \p p_entropy is an instance of ::mbedtls_entropy_context initialized
- * with mbedtls_entropy_init() (which registers the platform's default
- * entropy sources).
- *
- * You can provide a personalization string in addition to the
- * entropy source, to make this instantiation as unique as possible.
- *
- * \note By default, the security strength as defined by NIST is:
- * - 128 bits if \p md_info is SHA-1;
- * - 192 bits if \p md_info is SHA-224;
- * - 256 bits if \p md_info is SHA-256, SHA-384 or SHA-512.
- * Note that SHA-256 is just as efficient as SHA-224.
- * The security strength can be reduced if a smaller
- * entropy length is set with
- * mbedtls_hmac_drbg_set_entropy_len().
- *
- * \note The default entropy length is the security strength
- * (converted from bits to bytes). You can override
- * it by calling mbedtls_hmac_drbg_set_entropy_len().
- *
- * \note During the initial seeding, this function calls
- * the entropy source to obtain a nonce
- * whose length is half the entropy length.
- */
-#if defined(MBEDTLS_THREADING_C)
-/**
- * \note When Mbed TLS is built with threading support,
- * after this function returns successfully,
- * it is safe to call mbedtls_hmac_drbg_random()
- * from multiple threads. Other operations, including
- * reseeding, are not thread-safe.
- */
-#endif /* MBEDTLS_THREADING_C */
-/**
- * \param ctx HMAC_DRBG context to be seeded.
- * \param md_info MD algorithm to use for HMAC_DRBG.
- * \param f_entropy The entropy callback, taking as arguments the
- * \p p_entropy context, the buffer to fill, and the
- * length of the buffer.
- * \p f_entropy is always called with a length that is
- * less than or equal to the entropy length.
- * \param p_entropy The entropy context to pass to \p f_entropy.
- * \param custom The personalization string.
- * This can be \c NULL, in which case the personalization
- * string is empty regardless of the value of \p len.
- * \param len The length of the personalization string.
- * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
- * and also at most
- * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len * 3 / 2
- * where \c entropy_len is the entropy length
- * described above.
- *
- * \return \c 0 if successful.
- * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is
- * invalid.
- * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
- * memory to allocate context data.
- * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- * if the call to \p f_entropy failed.
- */
-int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t *md_info,
- int (*f_entropy)(void *, unsigned char *, size_t),
- void *p_entropy,
- const unsigned char *custom,
- size_t len);
-
-/**
- * \brief Initialisation of simplified HMAC_DRBG (never reseeds).
- *
- * This function is meant for use in algorithms that need a pseudorandom
- * input such as deterministic ECDSA.
- */
-#if defined(MBEDTLS_THREADING_C)
-/**
- * \note When Mbed TLS is built with threading support,
- * after this function returns successfully,
- * it is safe to call mbedtls_hmac_drbg_random()
- * from multiple threads. Other operations, including
- * reseeding, are not thread-safe.
- */
-#endif /* MBEDTLS_THREADING_C */
-/**
- * \param ctx HMAC_DRBG context to be initialised.
- * \param md_info MD algorithm to use for HMAC_DRBG.
- * \param data Concatenation of the initial entropy string and
- * the additional data.
- * \param data_len Length of \p data in bytes.
- *
- * \return \c 0 if successful. or
- * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA if \p md_info is
- * invalid.
- * \return #MBEDTLS_ERR_MD_ALLOC_FAILED if there was not enough
- * memory to allocate context data.
- */
-int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx,
- const mbedtls_md_info_t *md_info,
- const unsigned char *data, size_t data_len);
-
-/**
- * \brief This function turns prediction resistance on or off.
- * The default value is off.
- *
- * \note If enabled, entropy is gathered at the beginning of
- * every call to mbedtls_hmac_drbg_random_with_add()
- * or mbedtls_hmac_drbg_random().
- * Only use this if your entropy source has sufficient
- * throughput.
- *
- * \param ctx The HMAC_DRBG context.
- * \param resistance #MBEDTLS_HMAC_DRBG_PR_ON or #MBEDTLS_HMAC_DRBG_PR_OFF.
- */
-void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx,
- int resistance);
-
-/**
- * \brief This function sets the amount of entropy grabbed on each
- * seed or reseed.
- *
- * See the documentation of mbedtls_hmac_drbg_seed() for the default value.
- *
- * \param ctx The HMAC_DRBG context.
- * \param len The amount of entropy to grab, in bytes.
- */
-void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx,
- size_t len);
-
-/**
- * \brief Set the reseed interval.
- *
- * The reseed interval is the number of calls to mbedtls_hmac_drbg_random()
- * or mbedtls_hmac_drbg_random_with_add() after which the entropy function
- * is called again.
- *
- * The default value is #MBEDTLS_HMAC_DRBG_RESEED_INTERVAL.
- *
- * \param ctx The HMAC_DRBG context.
- * \param interval The reseed interval.
- */
-void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx,
- int interval);
-
-/**
- * \brief This function updates the state of the HMAC_DRBG context.
- *
- * \note This function is not thread-safe. It is not safe
- * to call this function if another thread might be
- * concurrently obtaining random numbers from the same
- * context or updating or reseeding the same context.
- *
- * \param ctx The HMAC_DRBG context.
- * \param additional The data to update the state with.
- * If this is \c NULL, there is no additional data.
- * \param add_len Length of \p additional in bytes.
- * Unused if \p additional is \c NULL.
- *
- * \return \c 0 on success, or an error from the underlying
- * hash calculation.
- */
-int mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx,
- const unsigned char *additional, size_t add_len);
-
-/**
- * \brief This function reseeds the HMAC_DRBG context, that is
- * extracts data from the entropy source.
- *
- * \note This function is not thread-safe. It is not safe
- * to call this function if another thread might be
- * concurrently obtaining random numbers from the same
- * context or updating or reseeding the same context.
- *
- * \param ctx The HMAC_DRBG context.
- * \param additional Additional data to add to the state.
- * If this is \c NULL, there is no additional data
- * and \p len should be \c 0.
- * \param len The length of the additional data.
- * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT
- * and also at most
- * #MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT - \c entropy_len
- * where \c entropy_len is the entropy length
- * (see mbedtls_hmac_drbg_set_entropy_len()).
- *
- * \return \c 0 if successful.
- * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- * if a call to the entropy function failed.
- */
-int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx,
- const unsigned char *additional, size_t len);
-
-/**
- * \brief This function updates an HMAC_DRBG instance with additional
- * data and uses it to generate random data.
- *
- * This function automatically reseeds if the reseed counter is exceeded
- * or prediction resistance is enabled.
- *
- * \note This function is not thread-safe. It is not safe
- * to call this function if another thread might be
- * concurrently obtaining random numbers from the same
- * context or updating or reseeding the same context.
- *
- * \param p_rng The HMAC_DRBG context. This must be a pointer to a
- * #mbedtls_hmac_drbg_context structure.
- * \param output The buffer to fill.
- * \param output_len The length of the buffer in bytes.
- * This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- * \param additional Additional data to update with.
- * If this is \c NULL, there is no additional data
- * and \p add_len should be \c 0.
- * \param add_len The length of the additional data.
- * This must be at most #MBEDTLS_HMAC_DRBG_MAX_INPUT.
- *
- * \return \c 0 if successful.
- * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- * if a call to the entropy source failed.
- * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
- * \p output_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if
- * \p add_len > #MBEDTLS_HMAC_DRBG_MAX_INPUT.
- */
-int mbedtls_hmac_drbg_random_with_add(void *p_rng,
- unsigned char *output, size_t output_len,
- const unsigned char *additional,
- size_t add_len);
-
-/**
- * \brief This function uses HMAC_DRBG to generate random data.
- *
- * This function automatically reseeds if the reseed counter is exceeded
- * or prediction resistance is enabled.
- */
-#if defined(MBEDTLS_THREADING_C)
-/**
- * \note When Mbed TLS is built with threading support,
- * it is safe to call mbedtls_ctr_drbg_random()
- * from multiple threads. Other operations, including
- * reseeding, are not thread-safe.
- */
-#endif /* MBEDTLS_THREADING_C */
-/**
- * \param p_rng The HMAC_DRBG context. This must be a pointer to a
- * #mbedtls_hmac_drbg_context structure.
- * \param output The buffer to fill.
- * \param out_len The length of the buffer in bytes.
- * This must be at most #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- *
- * \return \c 0 if successful.
- * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
- * if a call to the entropy source failed.
- * \return #MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG if
- * \p out_len > #MBEDTLS_HMAC_DRBG_MAX_REQUEST.
- */
-int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
-
-/**
- * \brief This function resets HMAC_DRBG context to the state immediately
- * after initial call of mbedtls_hmac_drbg_init().
- *
- * \param ctx The HMAC_DRBG context to free.
- */
-void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx);
-
-#if defined(MBEDTLS_FS_IO)
-/**
- * \brief This function writes a seed file.
- *
- * \param ctx The HMAC_DRBG context.
- * \param path The name of the file.
- *
- * \return \c 0 on success.
- * \return #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error.
- * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on reseed
- * failure.
- */
-int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
-
-/**
- * \brief This function reads and updates a seed file. The seed
- * is added to this instance.
- *
- * \param ctx The HMAC_DRBG context.
- * \param path The name of the file.
- *
- * \return \c 0 on success.
- * \return #MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR on file error.
- * \return #MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED on
- * reseed failure.
- * \return #MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG if the existing
- * seed file is too large.
- */
-int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path);
-#endif /* MBEDTLS_FS_IO */
-
-
-#if defined(MBEDTLS_SELF_TEST)
-/**
- * \brief The HMAC_DRBG Checkup routine.
- *
- * \return \c 0 if successful.
- * \return \c 1 if the test failed.
- */
-int mbedtls_hmac_drbg_self_test(int verbose);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* hmac_drbg.h */