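--- a/ctr_prng.c
+++ b/ctr_prng.c
@@ -1,10 +1,10 @@
 /*
 * ctr_prng.c
 *
 * counter mode based pseudorandom source
 *
 * David A. McGrew
 * Cisco Systems, Inc.
 */
 /*
 *
@@ -36,73 +36,79 @@
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */
 
 
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
 #include "prng.h"
 
 /* single, global prng structure */
 
 ctr_prng_t ctr_prng;
 
 err_status_t
 ctr_prng_init(rand_source_func_t random_source) {
 uint8_t tmp_key[32];
 err_status_t status;
 
 /* initialize output count to zero */
 ctr_prng.octet_count = 0;
 
 /* set random source */
 ctr_prng.rand = random_source;
 
 /* initialize secret key from random source */
 status = random_source(tmp_key, 32);
 if (status)
 return status;
 
 /* initialize aes ctr context with random key */
+#ifdef OPENSSL
+status = aes_icm_openssl_context_init(&ctr_prng.state, tmp_key, 30);
+#else
 status = aes_icm_context_init(&ctr_prng.state, tmp_key, 30);
+#endif
 if (status)
 return status;
 
 return err_status_ok;
 }
 
 err_status_t
 ctr_prng_get_octet_string(void *dest, uint32_t len) {
 err_status_t status;
 
 /*
 * if we need to re-initialize the prng, do so now
-*
-* avoid 32-bit overflows by subtracting instead of adding
 */
-if (ctr_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
+if ((aes_icm_bytes_encrypted(&ctr_prng.state) + len) > 0xffff) {
 status = ctr_prng_init(ctr_prng.rand);
 if (status)
 return status;
 }
 ctr_prng.octet_count += len;
 
 /*
 * write prng output
 */
 status = aes_icm_output(&ctr_prng.state, (uint8_t*)dest, len);
 if (status)
 return status;
 
 return err_status_ok;
 }
 
 err_status_t
 ctr_prng_deinit(void) {
 
 /* nothing */
 
 return err_status_ok;
 }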
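Review bot: The new reseed test in ctr_prng_get_octet_string (new line 91) adds before comparing, `aes_icm_bytes_encrypted(&ctr_prng.state) + len`, which undoes the guard that the removed comment "avoid 32-bit overflows by subtracting instead of adding" documented. The return type of aes_icm_bytes_encrypted is not visible here, but if it is no wider than 32 bits the sum wraps for a `len` near UINT32_MAX, the comparison with 0xffff is false, and the generator keeps producing output under the current key without reseeding. Keeping the subtract form avoids that: `if (len > 0xffff || aes_icm_bytes_encrypted(&ctr_prng.state) > 0xffff - len) {`. The bare 0xffff would also read better as a named constant, as MAX_PRNG_OUT_LEN did, and since the retained `ctr_prng.octet_count += len;` no longer feeds the check, a comment saying what it still tracks would help.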