33 #if defined(POLARSSL_CTR_DRBG_C)
37 #if defined(POLARSSL_FS_IO)
47 int (*f_entropy)(
void *,
unsigned char *,
size_t),
49 const unsigned char *custom,
77 int (*f_entropy)(
void *,
unsigned char *,
size_t),
79 const unsigned char *custom,
101 int block_cipher_df(
unsigned char *output,
102 const unsigned char *data,
size_t data_len )
108 unsigned char *p = buf, *iv;
111 int i, j, buf_len, use_len;
123 *p++ = ( data_len >> 24 ) & 0xff;
124 *p++ = ( data_len >> 16 ) & 0xff;
125 *p++ = ( data_len >> 8 ) & 0xff;
126 *p++ = ( data_len ) & 0xff;
129 memcpy( p, data, data_len );
132 buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
145 memset( chain, 0, CTR_DRBG_BLOCKSIZE );
158 memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE );
176 memcpy( p, iv, CTR_DRBG_BLOCKSIZE );
184 const unsigned char data[CTR_DRBG_SEEDLEN] )
187 unsigned char *p = tmp;
190 memset( tmp, 0, CTR_DRBG_SEEDLEN );
197 i = CTR_DRBG_BLOCKSIZE - 1;
201 }
while( i-- && cb );
218 memcpy( ctx->
counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE );
224 const unsigned char *additional,
size_t add_len )
230 block_cipher_df( add_input, additional, add_len );
231 ctr_drbg_update_internal( ctx, add_input );
236 const unsigned char *additional,
size_t len )
260 if( additional && len )
262 memcpy( seed + seedlen, additional, len );
269 block_cipher_df( seed, seed, seedlen );
274 ctr_drbg_update_internal( ctx, seed );
281 unsigned char *output,
size_t output_len,
282 const unsigned char *additional,
size_t add_len )
287 unsigned char *p = output;
298 memset( add_input, 0, CTR_DRBG_SEEDLEN );
311 block_cipher_df( add_input, additional, add_len );
312 ctr_drbg_update_internal( ctx, add_input );
315 while( output_len > 0 )
320 i = CTR_DRBG_BLOCKSIZE - 1;
324 }
while( i-- && cb );
335 memcpy( p, tmp, use_len );
337 output_len -= use_len;
340 ctr_drbg_update_internal( ctx, add_input );
347 int ctr_drbg_random(
void *p_rng,
unsigned char *output,
size_t output_len )
352 #if defined(POLARSSL_FS_IO)
359 if( ( f = fopen( path,
"wb" ) ) == NULL )
381 if( ( f = fopen( path,
"rb" ) ) == NULL )
384 fseek( f, 0, SEEK_END );
385 n = (size_t) ftell( f );
386 fseek( f, 0, SEEK_SET );
391 if( fread( buf, 1, n, f ) != n )
401 return( ctr_drbg_write_seed_file( ctx, path ) );
405 #if defined(POLARSSL_SELF_TEST)
/*
 * Fixed byte vectors for the CTR_DRBG self-test (this part of the listing sits
 * under the POLARSSL_SELF_TEST guard). Being constants, they make the
 * self-test output reproducible; they carry no entropy and must never seed a
 * DRBG outside the self-test.
 * NOTE(review): as listed, the arrays are neither static nor const. If no
 * other translation unit references them, `static` would keep the symbols
 * private - confirm. Adding const depends on how they are passed to the
 * entropy callback - confirm.
 */

/* 96 bytes of canned "entropy" for the PR = TRUE case; presumably handed to
 * ctr_drbg_self_test_entropy() as its data argument - confirm at the call site. */
409 unsigned char entropy_source_pr[96] =
410 { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
411 0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02,
412 0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b,
413 0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb,
414 0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9,
415 0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95,
416 0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63,
417 0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3,
418 0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31,
419 0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4,
420 0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56,
421 0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
/* 64 bytes of canned "entropy" for the PR = FALSE case (same caveat as above). */
423 unsigned char entropy_source_nopr[64] =
424 { 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14,
425 0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe,
426 0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d,
427 0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20,
428 0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9,
429 0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46,
430 0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e,
431 0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e };
/* 16-byte input for the PR = TRUE case; the name suggests a
 * nonce/personalization value - confirm against the init call. */
433 unsigned char nonce_pers_pr[16] =
434 { 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
435 0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
/* 16-byte counterpart of nonce_pers_pr for the PR = FALSE case. */
437 unsigned char nonce_pers_nopr[16] =
438 { 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
439 0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
/* Expected output for PR = TRUE; the self-test compares it with its 16-byte
 * buf using memcmp() over CTR_DRBG_BLOCKSIZE bytes. */
441 unsigned char result_pr[16] =
442 { 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
443 0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
/* Expected output for PR = FALSE; the self-test compares it with buf using
 * memcmp() over a literal 16 bytes, not CTR_DRBG_BLOCKSIZE as for result_pr.
 * NOTE(review): the two lengths agree only while CTR_DRBG_BLOCKSIZE is 16 -
 * confirm and use one spelling. */
445 unsigned char result_nopr[16] =
446 { 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
447 0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
450 int ctr_drbg_self_test_entropy(
void *data,
unsigned char *buf,
size_t len )
452 unsigned char *p = data;
453 memcpy( buf, p + test_offset, len );
464 unsigned char buf[16];
470 printf(
" CTR_DRBG (PR = TRUE) : " );
476 printf(
"failed\n" );
485 printf(
"failed\n" );
493 printf(
"failed\n" );
498 if( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) != 0 )
501 printf(
"failed\n" );
507 printf(
"passed\n" );
513 printf(
" CTR_DRBG (PR = FALSE): " );
519 printf(
"failed\n" );
527 printf(
"failed\n" );
535 printf(
"failed\n" );
543 printf(
"failed\n" );
548 if( memcmp( buf, result_nopr, 16 ) != 0 )
551 printf(
"failed\n" );
557 printf(
"passed\n" );