rand_drbg.h
5.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
/*
* Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#ifndef HEADER_DRBG_RAND_H
# define HEADER_DRBG_RAND_H
# include <time.h>
# include <openssl/ossl_typ.h>
/*
* RAND_DRBG flags
*
* Note: if new flags are added, the constant `rand_drbg_used_flags`
* in drbg_lib.c needs to be updated accordingly.
*/
/* In CTR mode, disable derivation function ctr_df */
# define RAND_DRBG_FLAG_CTR_NO_DF 0x1
/*
* This flag is only used when a digest NID is specified (i.e: not a CTR cipher)
* Selects DRBG_HMAC if this is set otherwise use DRBG_HASH.
*/
# define RAND_DRBG_FLAG_HMAC 0x2
/* Used by RAND_DRBG_set_defaults() to set the master DRBG type and flags. */
# define RAND_DRBG_FLAG_MASTER 0x4
/* Used by RAND_DRBG_set_defaults() to set the public DRBG type and flags. */
# define RAND_DRBG_FLAG_PUBLIC 0x8
/* Used by RAND_DRBG_set_defaults() to set the private DRBG type and flags. */
# define RAND_DRBG_FLAG_PRIVATE 0x10
# if OPENSSL_API_COMPAT < 0x10200000L
/* This #define was replaced by an internal constant and should not be used. */
# define RAND_DRBG_USED_FLAGS (RAND_DRBG_FLAG_CTR_NO_DF)
# endif
/*
* Default security strength (in the sense of [NIST SP 800-90Ar1])
*
* NIST SP 800-90Ar1 supports the strength of the DRBG being smaller than that
* of the cipher by collecting less entropy. The current DRBG implementation
* does not take RAND_DRBG_STRENGTH into account and sets the strength of the
* DRBG to that of the cipher.
*
* RAND_DRBG_STRENGTH is currently only used for the legacy RAND
* implementation.
*
* Currently supported ciphers are: NID_aes_128_ctr, NID_aes_192_ctr and
* NID_aes_256_ctr.
* The digest types for DRBG_hash or DRBG_hmac are: NID_sha1, NID_sha224,
* NID_sha256, NID_sha384, NID_sha512, NID_sha512_224, NID_sha512_256,
* NID_sha3_224, NID_sha3_256, NID_sha3_384 and NID_sha3_512.
*/
# define RAND_DRBG_STRENGTH 256
/* Default drbg type */
# define RAND_DRBG_TYPE NID_aes_256_ctr
/* Default drbg flags */
# define RAND_DRBG_FLAGS 0
# ifdef __cplusplus
extern "C" {
# endif
/*
* Object lifetime functions.
*/
RAND_DRBG *RAND_DRBG_new(int type, unsigned int flags, RAND_DRBG *parent);
RAND_DRBG *RAND_DRBG_secure_new(int type, unsigned int flags, RAND_DRBG *parent);
int RAND_DRBG_set(RAND_DRBG *drbg, int type, unsigned int flags);
int RAND_DRBG_set_defaults(int type, unsigned int flags);
int RAND_DRBG_instantiate(RAND_DRBG *drbg,
const unsigned char *pers, size_t perslen);
int RAND_DRBG_uninstantiate(RAND_DRBG *drbg);
void RAND_DRBG_free(RAND_DRBG *drbg);
/*
* Object "use" functions.
*/
int RAND_DRBG_reseed(RAND_DRBG *drbg,
const unsigned char *adin, size_t adinlen,
int prediction_resistance);
int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
int prediction_resistance,
const unsigned char *adin, size_t adinlen);
int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen);
int RAND_DRBG_set_reseed_interval(RAND_DRBG *drbg, unsigned int interval);
int RAND_DRBG_set_reseed_time_interval(RAND_DRBG *drbg, time_t interval);
int RAND_DRBG_set_reseed_defaults(
unsigned int master_reseed_interval,
unsigned int slave_reseed_interval,
time_t master_reseed_time_interval,
time_t slave_reseed_time_interval
);
RAND_DRBG *RAND_DRBG_get0_master(void);
RAND_DRBG *RAND_DRBG_get0_public(void);
RAND_DRBG *RAND_DRBG_get0_private(void);
/*
* EXDATA
*/
# define RAND_DRBG_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DRBG, l, p, newf, dupf, freef)
int RAND_DRBG_set_ex_data(RAND_DRBG *drbg, int idx, void *arg);
void *RAND_DRBG_get_ex_data(const RAND_DRBG *drbg, int idx);
/*
* Callback function typedefs
*/
typedef size_t (*RAND_DRBG_get_entropy_fn)(RAND_DRBG *drbg,
unsigned char **pout,
int entropy, size_t min_len,
size_t max_len,
int prediction_resistance);
typedef void (*RAND_DRBG_cleanup_entropy_fn)(RAND_DRBG *ctx,
unsigned char *out, size_t outlen);
typedef size_t (*RAND_DRBG_get_nonce_fn)(RAND_DRBG *drbg, unsigned char **pout,
int entropy, size_t min_len,
size_t max_len);
typedef void (*RAND_DRBG_cleanup_nonce_fn)(RAND_DRBG *drbg,
unsigned char *out, size_t outlen);
int RAND_DRBG_set_callbacks(RAND_DRBG *drbg,
RAND_DRBG_get_entropy_fn get_entropy,
RAND_DRBG_cleanup_entropy_fn cleanup_entropy,
RAND_DRBG_get_nonce_fn get_nonce,
RAND_DRBG_cleanup_nonce_fn cleanup_nonce);
# ifdef __cplusplus
}
# endif
#endif