ctr_drbg.h
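/**
 * @file ctr_drbg.h
 * @brief CTR_DRBG pseudorandom number generator
 *
 * @section License
 *
 * SPDX-License-Identifier: GPL-2.0-or-later
 *
 * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
 *
 * This file is part of CycloneCRYPTO Open.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 *
 * @author Oryx Embedded SARL (www.oryx-embedded.com)
 * @version 2.5.4
 **/

#ifndef _CTR_DRBG_H
#define _CTR_DRBG_H

//Dependencies
#include "core/crypto.h"
//NOTE(review): the numbered listing jumps from source line 35 to 37, so one
//line (possibly a second dependency) is missing here and was not restored

//Maximum length of the key, in bytes (sizes the k[] array of the context)
#define CTR_DRBG_MAX_KEY_LEN 32
//Maximum length of the seed, in bytes. 48 = 32-byte key + 16-byte block,
//which is the seed length NIST SP 800-90A gives for CTR_DRBG with AES-256
#define CTR_DRBG_MAX_SEED_LEN 48
//Maximum number of requests between reseeds. The value equals 2^48, the
//reseed interval limit NIST SP 800-90A gives for CTR_DRBG with AES.
//NOTE(review): SP 800-90A uses a lower limit for 64-bit block ciphers;
//confirm in ctr_drbg.c which ciphers are accepted
#define CTR_DRBG_MAX_RESEED_INTERVAL 281474976710656ULL

//Common interface for PRNG algorithms
#define CTR_DRBG_PRNG_ALGO (&ctrDrbgPrngAlgo)

//C++ guard
#ifdef __cplusplus
extern "C" {
#endif


/**
 * @brief CTR_DRBG PRNG context
 *
 * The members v and k hold the DRBG working state (V and Key). They must be
 * treated as secret: anyone who can read them can predict the generator's
 * output until the next reseed. Do not log, serialize or copy the context,
 * and release it with ctrDrbgDeinit() when it is no longer needed.
 * NOTE(review): whether ctrDrbgDeinit() wipes v, k and cipherContext is
 * decided in ctr_drbg.c, which is not visible from this header - confirm.
 **/

typedef struct
{
   OsMutex mutex;                    ///<Mutex preventing simultaneous access to the PRNG state
   const CipherAlgo *cipherAlgo;     ///<Cipher function
   CipherContext cipherContext;      ///<Cipher context
   size_t keyLen;                    ///<Key length
   size_t securityStrength;          ///<Security strength
   bool_t df;                        ///<Use key derivation function
   size_t ctrLen;                    ///<Counter length
   size_t seedLen;                   ///<Seed length
   uint8_t v[MAX_CIPHER_BLOCK_SIZE]; ///<Value V (secret working state)
   uint8_t k[CTR_DRBG_MAX_KEY_LEN];  ///<Key (secret working state)
   uint64_t reseedCounter;           ///<Reseed counter
} CtrDrbgContext;


//CTR_DRBG related constants
extern const PrngAlgo ctrDrbgPrngAlgo;

//CTR_DRBG related functions

//Initialize PRNG context. cipherAlgo and keyLen select the block cipher and
//its key length; df selects whether the derivation function is used.
//NOTE(review): per NIST SP 800-90A, operating without a derivation function
//requires full-entropy input of exactly the seed length; confirm that
//ctr_drbg.c enforces this when df is FALSE
error_t ctrDrbgInit(CtrDrbgContext *context, const CipherAlgo *cipherAlgo,
   size_t keyLen, bool_t df);

//Seed the PRNG state. The seed must come from an entropy source; any
//minimum-length check is in ctr_drbg.c and is not visible here
error_t ctrDrbgSeed(CtrDrbgContext *context, const uint8_t *seed,
   size_t length);

//Seed the PRNG state (with nonce and personalization string)
error_t ctrDrbgSeedEx(CtrDrbgContext *context, const uint8_t *entropyInput,
   size_t entropyInputLen, const uint8_t *nonce, size_t nonceLen,
   const uint8_t *personalizationString, size_t personalizationStringLen);

//Reseed the PRNG state
error_t ctrDrbgReseed(CtrDrbgContext *context, const uint8_t *seed,
   size_t length);

//Reseed the PRNG state (with additional input)
error_t ctrDrbgReseedEx(CtrDrbgContext *context, const uint8_t *entropyInput,
   size_t entropyInputLen, const uint8_t *additionalInput,
   size_t additionalInputLen);

//Generate pseudorandom data. Callers should check the returned error_t and
//discard the output buffer when the call does not succeed
error_t ctrDrbgGenerate(CtrDrbgContext *context, uint8_t *output,
   size_t length);

//Generate pseudorandom data (with additional input)
error_t ctrDrbgGenerateEx(CtrDrbgContext *context,
   const uint8_t *additionalInput, size_t additionalInputLen, uint8_t *output,
   size_t outputLen);

//Release PRNG context
void ctrDrbgDeinit(CtrDrbgContext *context);

//The functions below are the building blocks of the generator (derivation
//function, BCC, state update, key loading, counter and XOR helpers).
//NOTE(review): they operate on the raw working state and are presumably
//meant for use by ctr_drbg.c only - confirm before calling them directly

//Block cipher derivation function
error_t blockCipherDf(CtrDrbgContext *context, const DataChunk *input,
   uint_t inputLen, uint8_t *output, size_t outputLen);

//BCC function
error_t ctrDrbgBcc(CtrDrbgContext *context, const uint8_t *key,
   const DataChunk *data, uint_t dataLen, uint8_t *output);

//Update internal state
error_t ctrDrbgUpdate(CtrDrbgContext *context, const uint8_t *providedData,
   size_t providedDataLen);

//Load encryption key
error_t ctrDrbgLoadKey(CtrDrbgContext *context, const uint8_t *key);

//Increment counter block
void ctrDrbgIncBlock(uint8_t *ctr, size_t blockLen, size_t ctrLen);
//XOR operation
void ctrDrbgXorBlock(uint8_t *x, const uint8_t *a, const uint8_t *b, size_t n);

//C++ guard
#ifdef __cplusplus
}
#endif

#endif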
error_t ctrDrbgUpdate(CtrDrbgContext *context, const uint8_t *providedData, size_t providedDataLen)
Update internal state.
Definition: ctr_drbg.c:839
void ctrDrbgXorBlock(uint8_t *x, const uint8_t *a, const uint8_t *b, size_t n)
XOR operation.
Definition: ctr_drbg.c:971
size_t keyLen
Key length.
Definition: ctr_drbg.h:63
int bool_t
Definition: compiler_port.h:61
uint8_t b
Definition: nbns_common.h:122
uint8_t a
Definition: ndp.h:411
#define PrngAlgo
Definition: crypto.h:1008
uint8_t x
Definition: lldp_ext_med.h:211
Collection of AEAD algorithms.
uint8_t data[]
Definition: ethernet.h:224
Generic cipher algorithm context.
#define MAX_CIPHER_BLOCK_SIZE
#define CTR_DRBG_MAX_KEY_LEN
Definition: ctr_drbg.h:39
error_t
Error codes.
Definition: error.h:43
size_t securityStrength
Security strength.
Definition: ctr_drbg.h:64
CipherContext cipherContext
Cipher context.
Definition: ctr_drbg.h:62
size_t ctrLen
Counter length.
Definition: ctr_drbg.h:66
error_t ctrDrbgLoadKey(CtrDrbgContext *context, const uint8_t *key)
Load encryption key.
Definition: ctr_drbg.c:905
uint64_t reseedCounter
Reseed counter.
Definition: ctr_drbg.h:70
OsMutex mutex
Mutex preventing simultaneous access to the PRNG state.
Definition: ctr_drbg.h:60
const CipherAlgo * cipherAlgo
Cipher function.
Definition: ctr_drbg.h:61
void ctrDrbgDeinit(CtrDrbgContext *context)
Release PRNG context.
Definition: ctr_drbg.c:570
error_t ctrDrbgSeed(CtrDrbgContext *context, const uint8_t *seed, size_t length)
Seed the PRNG state.
Definition: ctr_drbg.c:138
error_t ctrDrbgGenerateEx(CtrDrbgContext *context, const uint8_t *additionalInput, size_t additionalInputLen, uint8_t *output, size_t outputLen)
Generate pseudorandom data (with additional input)
Definition: ctr_drbg.c:423
General definitions for cryptographic algorithms.
uint8_t length
Definition: tcp.h:375
error_t blockCipherDf(CtrDrbgContext *context, const DataChunk *input, uint_t inputLen, uint8_t *output, size_t outputLen)
Block cipher derivation function.
Definition: ctr_drbg.c:594
const PrngAlgo ctrDrbgPrngAlgo
Definition: ctr_drbg.c:46
uint32_t dataLen
Definition: sftp_common.h:229
error_t ctrDrbgGenerate(CtrDrbgContext *context, uint8_t *output, size_t length)
Generate pseudorandom data.
Definition: ctr_drbg.c:404
bool_t df
Use key derivation function.
Definition: ctr_drbg.h:65
Mutex object.
Data chunk descriptor.
Definition: crypto.h:1052
void ctrDrbgIncBlock(uint8_t *ctr, size_t blockLen, size_t ctrLen)
Increment counter block.
Definition: ctr_drbg.c:946
error_t ctrDrbgBcc(CtrDrbgContext *context, const uint8_t *key, const DataChunk *data, uint_t dataLen, uint8_t *output)
BCC function.
Definition: ctr_drbg.c:754
error_t ctrDrbgReseedEx(CtrDrbgContext *context, const uint8_t *entropyInput, size_t entropyInputLen, const uint8_t *additionalInput, size_t additionalInputLen)
Reseed the PRNG state (with additional input)
Definition: ctr_drbg.c:298
uint8_t n
Common interface for encryption algorithms.
Definition: crypto.h:1164
CTR_DRBG PRNG context.
Definition: ctr_drbg.h:59
size_t seedLen
Seed length.
Definition: ctr_drbg.h:67
unsigned int uint_t
Definition: compiler_port.h:57
error_t ctrDrbgSeedEx(CtrDrbgContext *context, const uint8_t *entropyInput, size_t entropyInputLen, const uint8_t *nonce, size_t nonceLen, const uint8_t *personalizationString, size_t personalizationStringLen)
Seed the PRNG state (with nonce and personalization string)
Definition: ctr_drbg.c:160
uint8_t nonce[]
Definition: ntp_common.h:239
error_t ctrDrbgReseed(CtrDrbgContext *context, const uint8_t *seed, size_t length)
Reseed the PRNG state.
Definition: ctr_drbg.c:279
error_t ctrDrbgInit(CtrDrbgContext *context, const CipherAlgo *cipherAlgo, size_t keyLen, bool_t df)
Initialize PRNG context.
Definition: ctr_drbg.c:67