#ifndef _IPXE_DRBG_H
#define _IPXE_DRBG_H

/** @file
 *
 * DRBG mechanism
 *
 */

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

#include <stdint.h>
#include <ipxe/sha256.h>
#include <ipxe/hmac_drbg.h>

/** Choose HMAC_DRBG using SHA-256
 *
 * HMAC_DRBG using SHA-256 is an Approved algorithm in ANS X9.82.
 *
 * This is the single selection point for the mechanism: the inline
 * *_algorithm() wrappers in this header pass
 * HMAC_DRBG_HASH ( HMAC_DRBG_ALGORITHM ) to the hmac_drbg_*()
 * functions, and DRBG_MAX_SECURITY_STRENGTH is derived from it.
 */
#define HMAC_DRBG_ALGORITHM HMAC_DRBG_SHA256

/** Maximum security strength
 *
 * Derived from the selected algorithm via
 * HMAC_DRBG_MAX_SECURITY_STRENGTH() (presumably provided by
 * <ipxe/hmac_drbg.h>).
 */
#define DRBG_MAX_SECURITY_STRENGTH \
	HMAC_DRBG_MAX_SECURITY_STRENGTH ( HMAC_DRBG_ALGORITHM )

/** Security strength
 *
 * We choose to operate at a strength of 128 bits.
 *
 * NOTE(review): nothing in this header checks that this value does
 * not exceed DRBG_MAX_SECURITY_STRENGTH; confirm that the check is
 * made where the DRBG is instantiated.
 */
#define DRBG_SECURITY_STRENGTH 128

/** Minimum entropy input length
 *
 * In bytes, derived from DRBG_SECURITY_STRENGTH.
 */
#define DRBG_MIN_ENTROPY_LEN_BYTES \
	HMAC_DRBG_MIN_ENTROPY_LEN_BYTES ( DRBG_SECURITY_STRENGTH )

/** Maximum entropy input length
 *
 * In bytes; taken directly from the HMAC_DRBG limit.
 */
#define DRBG_MAX_ENTROPY_LEN_BYTES HMAC_DRBG_MAX_ENTROPY_LEN_BYTES

/** Maximum personalisation string length
 *
 * In bytes; taken directly from the HMAC_DRBG limit.
 */
#define DRBG_MAX_PERSONAL_LEN_BYTES HMAC_DRBG_MAX_PERSONAL_LEN_BYTES

/** Maximum additional input length
 *
 * In bytes; taken directly from the HMAC_DRBG limit.
 */
#define DRBG_MAX_ADDITIONAL_LEN_BYTES HMAC_DRBG_MAX_ADDITIONAL_LEN_BYTES

/** Maximum length of generated pseudorandom data per request
 *
 * In bytes; taken directly from the HMAC_DRBG limit.
 *
 * NOTE(review): the inline *_algorithm() wrappers in this header do
 * not compare their length arguments against any of these limits;
 * presumably the drbg_*() entry points do so - confirm.
 */
#define DRBG_MAX_GENERATED_LEN_BYTES HMAC_DRBG_MAX_GENERATED_LEN_BYTES

/** A Deterministic Random Bit Generator
 *
 * Wraps the HMAC_DRBG working state together with two status flags.
 * The internal state of a DRBG is secret material: anyone who learns
 * it can predict subsequent output, so instances should not be
 * copied, logged or left in memory after use.
 */
struct drbg_state {
	/** Algorithm internal state
	 *
	 * This is the only member passed to the hmac_drbg_*()
	 * functions by the inline wrappers in this header.
	 */
	struct hmac_drbg_state internal;
	/** Reseed required flag
	 *
	 * Not read or written by anything in this header.
	 * NOTE(review): presumably set when the generate algorithm
	 * reports "reseed required" and cleared by a successful
	 * reseed - confirm against the implementation.
	 */
	int reseed_required;
	/** State is valid
	 *
	 * Not read or written by anything in this header.
	 * NOTE(review): presumably marks a successfully instantiated
	 * DRBG, so that output is refused from an uninitialised or
	 * uninstantiated state - confirm against the implementation.
	 */
	int valid;
};

/**
 * Instantiate DRBG algorithm
 *
 * @v state		Algorithm state
 * @v entropy		Entropy input
 * @v entropy_len	Length of entropy input
 * @v personal		Personalisation string
 * @v personal_len	Length of personalisation string
 *
 * Implements the Instantiate_algorithm function defined in ANS X9.82
 * Part 3-2007 Section 9.2 (NIST SP 800-90 Section 9.1) by forwarding
 * to hmac_drbg_instantiate() with the hash selected by
 * HMAC_DRBG_ALGORITHM.
 *
 * Only state->internal is handed to the algorithm; the
 * reseed_required and valid flags are not touched here.  This
 * wrapper performs no length checking of its own and does not clear
 * the caller's entropy buffer.
 */
static inline void drbg_instantiate_algorithm ( struct drbg_state *state,
						const void *entropy,
						size_t entropy_len,
						const void *personal,
						size_t personal_len ) {
	struct hmac_drbg_state *internal = &state->internal;

	/* Seed the working state from entropy and personalisation string */
	hmac_drbg_instantiate ( HMAC_DRBG_HASH ( HMAC_DRBG_ALGORITHM ),
				internal, entropy, entropy_len, personal,
				personal_len );
}

/**
 * Reseed DRBG algorithm
 *
 * @v state		Algorithm state
 * @v entropy		Entropy input
 * @v entropy_len	Length of entropy input
 * @v additional	Additional input
 * @v additional_len	Length of additional input
 *
 * Implements the Reseed_algorithm function defined in ANS X9.82
 * Part 3-2007 Section 9.3 (NIST SP 800-90 Section 9.2) by forwarding
 * to hmac_drbg_reseed() with the hash selected by
 * HMAC_DRBG_ALGORITHM.
 *
 * Only state->internal is handed to the algorithm; the
 * reseed_required and valid flags are not touched here.  This
 * wrapper performs no length checking of its own and does not clear
 * the caller's entropy buffer.
 */
static inline void drbg_reseed_algorithm ( struct drbg_state *state,
					   const void *entropy,
					   size_t entropy_len,
					   const void *additional,
					   size_t additional_len ) {
	struct hmac_drbg_state *internal = &state->internal;

	/* Mix fresh entropy and additional input into the working state */
	hmac_drbg_reseed ( HMAC_DRBG_HASH ( HMAC_DRBG_ALGORITHM ),
			   internal, entropy, entropy_len, additional,
			   additional_len );
}

/**
 * Generate pseudorandom bits using DRBG algorithm
 *
 * @v state		Algorithm state
 * @v additional	Additional input
 * @v additional_len	Length of additional input
 * @v data		Output buffer
 * @v len		Length of output buffer
 * @ret rc		Return status code
 *
 * Implements the Generate_algorithm function defined in ANS X9.82
 * Part 3-2007 Section 9.4 (NIST SP 800-90 Section 9.3) by forwarding
 * to hmac_drbg_generate() with the hash selected by
 * HMAC_DRBG_ALGORITHM, and returning its status code unchanged.
 *
 * Note that the only permitted error is "reseed required".
 *
 * Only state->internal is handed to the algorithm; the
 * reseed_required and valid flags are neither consulted nor updated
 * here, and no length checking is performed in this wrapper.
 * Callers must check the returned status before treating the
 * contents of the output buffer as random data.
 */
static inline int drbg_generate_algorithm ( struct drbg_state *state,
					    const void *additional,
					    size_t additional_len,
					    void *data, size_t len ) {
	struct hmac_drbg_state *internal = &state->internal;
	int rc;

	/* Produce output; a non-zero status is passed straight back */
	rc = hmac_drbg_generate ( HMAC_DRBG_HASH ( HMAC_DRBG_ALGORITHM ),
				  internal, additional, additional_len,
				  data, len );
	return rc;
}

/*
 * DRBG entry points, defined outside this header.
 *
 * Unlike the inline *_algorithm() wrappers above, drbg_instantiate()
 * and drbg_reseed() take no entropy argument.
 * NOTE(review): presumably they obtain entropy input themselves and
 * enforce the DRBG_*_LEN_BYTES limits and the valid/reseed_required
 * flags - confirm against the implementation.
 *
 * All three int-returning functions report a status code; callers
 * should check it, and in particular must not use the output buffer
 * of drbg_generate() as random data unless the call succeeded.
 */

/* Instantiate a DRBG with an optional personalisation string */
extern int drbg_instantiate ( struct drbg_state *state, const void *personal,
			      size_t personal_len );
/* Reseed a DRBG, mixing in optional additional input */
extern int drbg_reseed ( struct drbg_state *state, const void *additional,
			 size_t additional_len );
/* Generate len bytes into data; prediction_resist is a flag
 * (presumably requesting a reseed before generation - confirm)
 */
extern int drbg_generate ( struct drbg_state *state, const void *additional,
			   size_t additional_len, int prediction_resist,
			   void *data, size_t len );
/* Uninstantiate a DRBG (presumably zeroing its internal state -
 * confirm)
 */
extern void drbg_uninstantiate ( struct drbg_state *state );

#endif /* _IPXE_DRBG_H */