Add hmac_random_with_add()

2014-01-30 12:19:26 +01:00 · 2014-01-30 12:19:26 +01:00 · 8208d167da
commit 8208d167da
parent 7845fc06c9
2 changed files with 54 additions and 8 deletions
--- a/include/polarssl/hmac_drbg.h
+++ b/include/polarssl/hmac_drbg.h
@ -75,16 +75,38 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
 void hmac_drbg_update( hmac_drbg_context *ctx,
                       const unsigned char *additional, size_t add_len );

+/**
+ * \brief               HMAC_DRBG generate random with additional update input
+ *
+ * Note: Automatically reseeds if reseed_counter is reached.
+ *
+ * \param p_rng         HMAC_DRBG context
+ * \param output        Buffer to fill
+ * \param output_len    Length of the buffer
+ * \param additional    Additional data to update with (can be NULL)
+ * \param add_len       Length of additional data (can be 0)
+ *
+ * \return              0 if successful, or
+ *                      TODO: POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ *                      TODO: POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG
+ */
+int hmac_drbg_random_with_add( void *p_rng,
+                               unsigned char *output, size_t output_len,
+                               const unsigned char *additional,
+                               size_t add_len );
+
 /**
 * \brief               HMAC_DRBG generate random
 *
- * Note: Automatically reseeds if reseed_counter is reached. (TODO)
+ * Note: Automatically reseeds if reseed_counter is reached.
 *
 * \param p_rng         HMAC_DRBG context
 * \param output        Buffer to fill
 * \param output_len    Length of the buffer
 *
- * \return              0 if successful.
+ * \return              0 if successful, or
+ *                      TODO: POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ *                      TODO: POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG
 */
 int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );

--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@ -24,8 +24,9 @@
 */

 /*
- *  The NIST SP 800-90 DRBGs are described in the following publication.
+ *  The NIST SP 800-90A DRBGs are described in the following publication.
 *  http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
+ *  References below are based on rev. 1 (January 2012).
 */

 #include "polarssl/config.h"
@ -35,7 +36,7 @@
 #include "polarssl/hmac_drbg.h"

 /*
- * HMAC_DRBG update, using optional additional data
+ * HMAC_DRBG update, using optional additional data (10.1.2.2)
 */
 void hmac_drbg_update( hmac_drbg_context *ctx,
                       const unsigned char *additional, size_t add_len )
@ -46,6 +47,7 @@ void hmac_drbg_update( hmac_drbg_context *ctx,

    for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
    {
+        /* Step 1 or 4 */
        md_hmac_starts( &ctx->md_ctx, ctx->K, md_len );
        md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
        md_hmac_update( &ctx->md_ctx, sep, 1 );
@ -53,6 +55,7 @@ void hmac_drbg_update( hmac_drbg_context *ctx,
            md_hmac_update( &ctx->md_ctx, additional, add_len );
        md_hmac_finish( &ctx->md_ctx, ctx->K );

+        /* Step 2 or 5 */
        md_hmac_starts( &ctx->md_ctx, ctx->K, md_len );
        md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
        md_hmac_finish( &ctx->md_ctx, ctx->V );
@ -82,15 +85,24 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
 }

 /*
- * Simplified HMAC_DRBG random function
+ * HMAC_DRBG random function with optional additional data (10.1.2.5)
 */
-int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
+int hmac_drbg_random_with_add( void *p_rng,
+                               unsigned char *output, size_t out_len,
+                               const unsigned char *additional, size_t add_len )
 {
    hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng;
-    size_t md_len = ctx->md_ctx.md_info->size;
+    size_t md_len = md_get_size( ctx->md_ctx.md_info );
    size_t left = out_len;
    unsigned char *out = output;

+    /* 1. Check reseed counter (TODO) */
+
+    /* 2. Use additional data if any */
+    if( additional != NULL && add_len != 0 )
+        hmac_drbg_update( ctx, additional, add_len );
+
+    /* 3, 4, 5. Generate bytes */
    while( left != 0 )
    {
        size_t use_len = left > md_len ? md_len : left;
@ -104,11 +116,23 @@ int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
        left -= use_len;
    }

-    hmac_drbg_update( ctx, NULL, 0 );
+    /* 6. Update */
+    hmac_drbg_update( ctx, additional, add_len );

+    /* 7. Update reseed counter (TODO) */
+
+    /* 8. Done */
    return( 0 );
 }

+/*
+ * HMAC_DRBG random function
+ */
+int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
+{
+    return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
+}
+
 /*
 * Free an HMAC_DRBG context
 */