API参考
载入中...
搜索中...
未找到
drbg_local.h
1/*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15
16#ifndef DRBG_LOCAL_H
17#define DRBG_LOCAL_H
18
19#include "hitls_build.h"
20#ifdef HITLS_CRYPTO_DRBG
21
22#include <stdint.h>
23#include "crypt_drbg.h"
24
25#ifdef __cplusplus
26extern "C" {
27#endif
28
29// Relationship between the number of NONCE and ENTROPY
30#define DRBG_NONCE_FROM_ENTROPY (2)
31
32/* Mapping between RAND and specific random number generation algorithms */
33#define RAND_TYPE_MD 1
34#define RAND_TYPE_MAC 2
35#define RAND_TYPE_AES 3
36#define RAND_TYPE_AES_DF 4
37#define RAND_TYPE_SM4_DF 5
38
39typedef enum {
40 DRBG_STATE_UNINITIALISED,
41 DRBG_STATE_READY,
42 DRBG_STATE_ERROR,
43} DRBG_State;
44
45typedef struct {
46 int32_t (*instantiate)(DRBG_Ctx *ctx, const CRYPT_Data *entropy,
47 const CRYPT_Data *nonce, const CRYPT_Data *pers);
48 int32_t (*generate)(DRBG_Ctx *ctx, uint8_t *out, uint32_t outLen, const CRYPT_Data *adin);
49 int32_t (*reseed)(DRBG_Ctx *ctx, const CRYPT_Data *entropy, const CRYPT_Data *adin);
50 void (*uninstantiate)(DRBG_Ctx *ctx);
51 DRBG_Ctx* (*dup)(DRBG_Ctx *ctx);
52 void (*free)(DRBG_Ctx *ctx);
53} DRBG_Method;
54
55struct DrbgCtx {
56 bool isGm;
57 DRBG_State state; /* DRBG state */
58
59 uint32_t reseedCtr; /* reseed counter */
60 uint32_t reseedInterval; /* reseed interval times */
61#if defined(HITLS_CRYPTO_DRBG_GM)
62 uint64_t lastReseedTime; /* last reseed time, uint: second */
63 uint64_t reseedIntervalTime; /* Time threshold for reseed, uint: second */
64#endif
65
66 uint32_t strength; /* Algorithm strength */
67 uint32_t maxRequest; /* Maximum number of bytes per request, which is determined by the algorithm. */
68
69 CRYPT_Range entropyRange; /* entropy size range */
70 CRYPT_Range nonceRange; /* nonce size range */
71
72 uint32_t maxPersLen; /* Maximum private data length */
73 uint32_t maxAdinLen; /* Maximum additional data length */
74
75 DRBG_Method *meth; /* Internal different mode method */
76 void *ctx; /* Mode Context */
77
78 /* seed function, which is related to the entropy source and DRBG generation.
79 When seedMeth and seedCtx are empty, the default entropy source is used. */
80 CRYPT_RandSeedMethod seedMeth;
81 void *seedCtx; /* Seed context */
82 bool predictionResistance;
83
84 void *libCtx; /* Library context */
85
86 int32_t forkId;
87};
88
89#ifdef HITLS_CRYPTO_DRBG_HASH
103DRBG_Ctx *DRBG_NewHashCtx(const EAL_MdMethod *md, bool isGm, const CRYPT_RandSeedMethod *seedMeth, void *seedCtx);
104#endif
105
106#ifdef HITLS_CRYPTO_DRBG_HMAC
121DRBG_Ctx *DRBG_NewHmacCtx(void *libCtx, const EAL_MacMethod *hmacMeth, CRYPT_MAC_AlgId macId,
122 const CRYPT_RandSeedMethod *seedMeth, void *seedCtx);
123#endif
124
125#ifdef HITLS_CRYPTO_DRBG_CTR
141DRBG_Ctx *DRBG_NewCtrCtx(const EAL_SymMethod *ciphMeth, uint32_t keyLen, bool isGm,
142 bool isUsedDf, const CRYPT_RandSeedMethod *seedMeth, void *seedCtx);
143#endif
144
145#ifdef __cplusplus
146}
147#endif
148
149#endif // HITLS_CRYPTO_DRBG
150
151#endif // DRBG_LOCAL_H
CRYPT_MAC_AlgId
CRYPT_MAC_AlgId
定义 crypt_algid.h:91
CRYPT_Data
定义 crypt_types.h:38
CRYPT_RandSeedMethod
定义 crypt_types.h:587
EAL_MacMethod
定义 crypt_local_types.h:303
EAL_MdMethod
定义 crypt_local_types.h:63
EAL_SymMethod
定义 crypt_local_types.h:241