Mbed TLS v2.28.7
hmac_drbg.h
Go to the documentation of this file.
1 
10 /*
11  * Copyright The Mbed TLS Contributors
12  * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
13  */
14 #ifndef MBEDTLS_HMAC_DRBG_H
15 #define MBEDTLS_HMAC_DRBG_H
16 
17 #if !defined(MBEDTLS_CONFIG_FILE)
18 #include "mbedtls/config.h"
19 #else
20 #include MBEDTLS_CONFIG_FILE
21 #endif
22 
23 #include "mbedtls/md.h"
24 
25 #if defined(MBEDTLS_THREADING_C)
26 #include "mbedtls/threading.h"
27 #endif
28 
29 /*
30  * Error codes
31  */
33 #define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003
34 
35 #define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005
36 
37 #define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007
38 
39 #define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009
40 
49 #if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
50 #define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000
51 #endif
52 
53 #if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
54 #define MBEDTLS_HMAC_DRBG_MAX_INPUT 256
55 #endif
56 
57 #if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
58 #define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024
59 #endif
60 
61 #if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
62 #define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384
63 #endif
64 
67 #define MBEDTLS_HMAC_DRBG_PR_OFF 0
68 #define MBEDTLS_HMAC_DRBG_PR_ON 1
70 #ifdef __cplusplus
71 extern "C" {
72 #endif
73 
77 typedef struct mbedtls_hmac_drbg_context {
78  /* Working state: the key K is not stored explicitly,
79  * but is implied by the HMAC context */
81  unsigned char V[MBEDTLS_MD_MAX_SIZE];
84  /* Administrative state */
85  size_t entropy_len;
90  /* Callbacks */
91  int (*f_entropy)(void *, unsigned char *, size_t);
92  void *p_entropy;
94 #if defined(MBEDTLS_THREADING_C)
95  /* Invariant: the mutex is initialized if and only if
96  * md_ctx->md_info != NULL. This means that the mutex is initialized
97  * during the initial seeding in mbedtls_hmac_drbg_seed() or
98  * mbedtls_hmac_drbg_seed_buf() and freed in mbedtls_ctr_drbg_free().
99  *
100  * Note that this invariant may change without notice. Do not rely on it
101  * and do not access the mutex directly in application code.
102  */
104 #endif
106 
120 
153 #if defined(MBEDTLS_THREADING_C)
154 
161 #endif /* MBEDTLS_THREADING_C */
162 
190  const mbedtls_md_info_t *md_info,
191  int (*f_entropy)(void *, unsigned char *, size_t),
192  void *p_entropy,
193  const unsigned char *custom,
194  size_t len);
195 
202 #if defined(MBEDTLS_THREADING_C)
203 
210 #endif /* MBEDTLS_THREADING_C */
211 
225  const mbedtls_md_info_t *md_info,
226  const unsigned char *data, size_t data_len);
227 
242  int resistance);
243 
254  size_t len);
255 
269  int interval);
270 
289  const unsigned char *additional, size_t add_len);
290 
316  const unsigned char *additional, size_t len);
317 
349 int mbedtls_hmac_drbg_random_with_add(void *p_rng,
350  unsigned char *output, size_t output_len,
351  const unsigned char *additional,
352  size_t add_len);
353 
360 #if defined(MBEDTLS_THREADING_C)
361 
367 #endif /* MBEDTLS_THREADING_C */
368 
381 int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len);
382 
390 
391 #if !defined(MBEDTLS_DEPRECATED_REMOVED)
392 #if defined(MBEDTLS_DEPRECATED_WARNING)
393 #define MBEDTLS_DEPRECATED __attribute__((deprecated))
394 #else
395 #define MBEDTLS_DEPRECATED
396 #endif
397 
411  const unsigned char *additional, size_t add_len);
412 #undef MBEDTLS_DEPRECATED
413 #endif /* !MBEDTLS_DEPRECATED_REMOVED */
414 
415 #if defined(MBEDTLS_FS_IO)
416 
428 
444 #endif /* MBEDTLS_FS_IO */
445 
446 
447 #if defined(MBEDTLS_SELF_TEST)
448 
454 int mbedtls_hmac_drbg_self_test(int verbose);
455 #endif
456 
457 #ifdef __cplusplus
458 }
459 #endif
460 
461 #endif /* hmac_drbg.h */
int mbedtls_hmac_drbg_seed(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len)
HMAC_DRBG initial seeding.
#define MBEDTLS_MD_MAX_SIZE
Definition: md.h:64
int mbedtls_hmac_drbg_seed_buf(mbedtls_hmac_drbg_context *ctx, const mbedtls_md_info_t *md_info, const unsigned char *data, size_t data_len)
Initialisation of simplified HMAC_DRBG (never reseeds).
void mbedtls_hmac_drbg_set_reseed_interval(mbedtls_hmac_drbg_context *ctx, int interval)
Set the reseed interval.
void mbedtls_hmac_drbg_free(mbedtls_hmac_drbg_context *ctx)
This function resets HMAC_DRBG context to the state immediately after initial call of mbedtls_hmac_dr...
int mbedtls_hmac_drbg_random(void *p_rng, unsigned char *output, size_t out_len)
This function uses HMAC_DRBG to generate random data.
Configuration options (set of defines)
int mbedtls_hmac_drbg_self_test(int verbose)
The HMAC_DRBG Checkup routine.
mbedtls_threading_mutex_t mutex
Definition: hmac_drbg.h:103
int(* f_entropy)(void *, unsigned char *, size_t)
Definition: hmac_drbg.h:91
unsigned char V[MBEDTLS_MD_MAX_SIZE]
Definition: hmac_drbg.h:81
Threading abstraction layer.
struct mbedtls_hmac_drbg_context mbedtls_hmac_drbg_context
#define MBEDTLS_DEPRECATED
Definition: hmac_drbg.h:395
MBEDTLS_DEPRECATED void mbedtls_hmac_drbg_update(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
int mbedtls_hmac_drbg_update_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
This function reads and updates a seed file. The seed is added to this instance.
This file contains the generic message-digest wrapper.
void mbedtls_hmac_drbg_init(mbedtls_hmac_drbg_context *ctx)
HMAC_DRBG context initialization.
int mbedtls_hmac_drbg_random_with_add(void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len)
This function updates an HMAC_DRBG instance with additional data and uses it to generate random data...
int mbedtls_hmac_drbg_reseed(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t len)
This function reseeds the HMAC_DRBG context, that is extracts data from the entropy source...
struct mbedtls_md_info_t mbedtls_md_info_t
Definition: md.h:78
mbedtls_md_context_t md_ctx
Definition: hmac_drbg.h:80
int mbedtls_hmac_drbg_write_seed_file(mbedtls_hmac_drbg_context *ctx, const char *path)
This function writes a seed file.
int mbedtls_hmac_drbg_update_ret(mbedtls_hmac_drbg_context *ctx, const unsigned char *additional, size_t add_len)
This function updates the state of the HMAC_DRBG context.
void mbedtls_hmac_drbg_set_entropy_len(mbedtls_hmac_drbg_context *ctx, size_t len)
This function sets the amount of entropy grabbed on each seed or reseed.
void mbedtls_hmac_drbg_set_prediction_resistance(mbedtls_hmac_drbg_context *ctx, int resistance)
This function turns prediction resistance on or off. The default value is off.