/* DRBG flags */
-/* Enable prediction resistance */
-#define DRBG_FLAG_PREDICTION_RESISTANCE 0x1
-/* CTR only: use derivation function */
-#define DRBG_FLAG_CTR_USE_DF 0x2
-/* PRNG is in test state */
-#define DRBG_FLAG_TEST 0x4
+/* Functions shouldn't call err library */
+#define DRBG_FLAG_NOERR 0x4
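Review bot: `DRBG_FLAG_NOERR` is assigned 0x4, the same bit `DRBG_FLAG_TEST` held in this header until this change removed it. The removed flags are presumably defined elsewhere now; if `DRBG_FLAG_TEST` kept its old value there, the two would alias in `flags`, and suppressing error reporting would also put the DRBG in test state. Please confirm the internal and public flag values are disjoint, and record the constraint next to the define, e.g. `/* internal flag: must not overlap the public DRBG_FLAG_* bits */`.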
/* DRBG status values */
/* not initialised */
/* fatal error condition */
#define DRBG_STATUS_ERROR 3
-/* Maximum values for temp entropy and nonce */
-#define DRBG_MAX_ENTROPY 1024
-#define DRBG_MAX_NONCE 1024
-
/* A default maximum length: larger than any reasonable value used in pratice */
-#define DRBG_MAX_LENGTH 0x7fffffff
+#define DRBG_MAX_LENGTH 0x7ffffff0
+/* Maximum DRBG block length: all md sizes are bigger than cipher blocks sizes
+ * so use max digest length.
+ */
+#define DRBG_MAX_BLOCK EVP_MAX_MD_SIZE
+
+#define DRBG_HEALTH_INTERVAL (1 << 24)
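Review bot: `DRBG_MAX_BLOCK` is introduced as the maximum block length, but the `lb` last-block buffer added to the context further down is declared as `lb[EVP_MAX_MD_SIZE]` rather than `lb[DRBG_MAX_BLOCK]`. The two are equal today, but sizing the buffer by the named limit keeps the continuous-test copy in bounds if the limit is ever changed. Separately, `DRBG_HEALTH_INTERVAL` has no comment; something like `/* Default health_check_interval (presumably counted in generate calls) */` would help. The reason for lowering `DRBG_MAX_LENGTH` to 0x7ffffff0 is also not stated in the comment above it.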
/* DRBG context structure */
int type;
/* Various flags */
unsigned int flags;
+ /* Used for periodic health checks */
+ int health_check_cnt, health_check_interval;
/* The following parameters are setup by mechanism drbg_init() call */
int strength;
/* uninstantiate */
int (*uninstantiate)(DRBG_CTX *ctx);
- unsigned char entropy[DRBG_MAX_ENTROPY];
+ /* Entropy source block length */
+ size_t entropy_blocklen;
/* entropy gathering function */
- size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char *out,
+ size_t (*get_entropy)(DRBG_CTX *ctx, unsigned char **pout,
int entropy, size_t min_len, size_t max_len);
-
- unsigned char nonce[DRBG_MAX_NONCE];
+ /* Indicates we have finished with entropy buffer */
+ void (*cleanup_entropy)(DRBG_CTX *ctx, unsigned char *out, size_t olen);
/* nonce gathering function */
- size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char *out,
+ size_t (*get_nonce)(DRBG_CTX *ctx, unsigned char **pout,
int entropy, size_t min_len, size_t max_len);
-
+ /* Indicates we have finished with nonce buffer */
+ void (*cleanup_nonce)(DRBG_CTX *ctx, unsigned char *out, size_t olen);
+
+ /* Continuous random number test temporary area */
+ /* Last block */
+ unsigned char lb[EVP_MAX_MD_SIZE];
+ /* set if lb is valid */
+ int lb_valid;
+
+ /* Callbacks used when called through RAND interface */
+ /* Get any additional input for generate */
+ size_t (*get_adin)(DRBG_CTX *ctx, unsigned char **pout);
+ void (*cleanup_adin)(DRBG_CTX *ctx, unsigned char *out, size_t olen);
+ /* Callback for RAND_seed(), RAND_add() */
+ int (*rand_seed_cb)(DRBG_CTX *ctx, const void *buf, int num);
+ int (*rand_add_cb)(DRBG_CTX *ctx,
+ const void *buf, int num, double entropy);
};
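Review bot: The `get_entropy` and `get_nonce` callbacks now hand back their own buffer through `pout` instead of filling the fixed 1024-byte arrays this change removes, so nothing in the structure bounds the returned length any more. The declarations should state the contract: the return value is the number of bytes at `*pout`, which value signals failure (presumably 0), that the caller must reject a length outside `min_len`..`max_len`, and that the matching `cleanup_*` callback is called on every path, including errors, with the same pointer and length. Since these buffers hold seed material, the comment on `cleanup_entropy` could also say what the implementation is expected to do, e.g. `/* Called once the buffer is no longer needed; should cleanse and release it */`. The structure definition starts outside the visible lines.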
int fips_drbg_ctr_init(DRBG_CTX *dctx);
int fips_drbg_hash_init(DRBG_CTX *dctx);
+int fips_drbg_kat(DRBG_CTX *dctx, int nid, unsigned int flags);
+int fips_drbg_cprng_test(DRBG_CTX *dctx, const unsigned char *out);
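Review bot: `fips_drbg_cprng_test` receives `out` without a length, so the number of bytes it compares against the stored last block must come from the context. A comment on the prototype should say that `out` must point to at least one full output block and that every generate path must check the return value, e.g. `/* Continuous test: out must hold a full block; caller must fail the request if the test fails */`. The return convention is not visible here and should be confirmed before it is documented.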