1 /* 2 * Copyright 2014-2022 The GmSSL Project. All Rights Reserved. 3 * 4 * Licensed under the Apache License, Version 2.0 (the License); you may 5 * not use this file except in compliance with the License. 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 */ 9 10 11 /* NIST SP800-90A Rev.1 "Recommendation for Random Number Generation 12 * Using Deterministic Random Bit Generators", 10.1.1 Hash_DRBG */ 13 14 #ifndef GMSSL_HASH_DRBG_H 15 #define GMSSL_HASH_DRBG_H 16 17 18 #include <stdint.h> 19 #include <stdlib.h> 20 #include <gmssl/digest.h> 21 22 23 /* seedlen for hash_drgb, table 2 of nist sp 800-90a rev.1 */ 24 #define HASH_DRBG_SM3_SEED_BITS 440 /* 55 bytes */ 25 #define HASH_DRBG_SHA1_SEED_BITS 440 26 #define HASH_DRBG_SHA224_SEED_BITS 440 27 #define HASH_DRBG_SHA512_224_SEED_BITS 440 28 #define HASH_DRBG_SHA256_SEED_BITS 440 29 #define HASH_DRBG_SHA512_256_SEED_BITS 440 30 #define HASH_DRBG_SHA384_SEED_BITS 888 /* 110 bytes */ 31 #define HASH_DRBG_SHA512_SEED_BITS 888 32 #define HASH_DRBG_MAX_SEED_BITS 888 33 34 #define HASH_DRBG_SM3_SEED_SIZE (HASH_DRBG_SM3_SEED_BITS/8) 35 #define HASH_DRBG_SHA1_SEED_SIZE (HASH_DRBG_SHA1_SEED_BITS/8) 36 #define HASH_DRBG_SHA224_SEED_SIZE (HASH_DRBG_SHA224_SEED_BITS/8) 37 #define HASH_DRBG_SHA512_224_SEED_SIZE (HASH_DRBG_SHA512_224_SEED_BITS/8) 38 #define HASH_DRBG_SHA256_SEED_SIZE (HASH_DRBG_SHA256_SEED_BITS/8) 39 #define HASH_DRBG_SHA512_256_SEED_SIZE (HASH_DRBG_SHA512_256_SEED_BITS/8) 40 #define HASH_DRBG_SHA384_SEED_SIZE (HASH_DRBG_SHA384_SEED_BITS/8) 41 #define HASH_DRBG_SHA512_SEED_SIZE (HASH_DRBG_SHA512_SEED_BITS/8) 42 #define HASH_DRBG_MAX_SEED_SIZE (HASH_DRBG_MAX_SEED_BITS/8) 43 44 #define HASH_DRBG_RESEED_INTERVAL ((uint64_t)1 << 48) 45 46 #ifdef __cplusplus 47 extern "C" { 48 #endif 49 50 51 typedef struct { 52 const DIGEST *digest; 53 uint8_t V[HASH_DRBG_MAX_SEED_SIZE]; 54 uint8_t C[HASH_DRBG_MAX_SEED_SIZE]; 55 size_t seedlen; 56 uint64_t reseed_counter; 57 } HASH_DRBG; 58 59 60 int hash_drbg_init(HASH_DRBG *drbg, 61 const DIGEST *digest, 62 const uint8_t *entropy, size_t entropy_len, 63 const uint8_t *nonce, size_t nonce_len, 64 const uint8_t *personalstr, size_t personalstr_len); 65 66 int hash_drbg_reseed(HASH_DRBG *drbg, 67 const uint8_t *entropy, size_t entropy_len, 68 const uint8_t *additional, size_t additional_len); 69 70 int hash_drbg_generate(HASH_DRBG *drbg, 71 const uint8_t *additional, size_t additional_len, 72 size_t outlen, uint8_t *out); 73 74 75 76 #ifdef __cplusplus 77 } 78 #endif 79 #endif 80