kris
/
pqcrypto
peilaus alkaen https://github.com/henrydcase/pqc.git
1
1
Fork 0
Koodi Ongelmat 1 Julkaisut 2 Wiki Toiminta
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
876 Commitit
9 Branchit
121 MiB
 
 
 
Puu: 5a89c92900
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '5a89c92900'
${ noResults }
pqcrypto/test/common/nistkatrng.c

105 rivejä
2.8 KiB
Raaka Blame Historia 

  1. //

  2. //  rng.c

  3. //

  4. //  Created by Bassham, Lawrence E (Fed) on 8/29/17.

  5. //  Copyright © 2017 Bassham, Lawrence E (Fed). All rights reserved.

  6. //  Modified for liboqs by Douglas Stebila

  7. //

  8. 

  9. #include <assert.h>

  10. #include <string.h>

  11. 

  12. #include "aes.h"

  13. #include "randombytes.h"

  14. 

  15. typedef struct {

  16.     uint8_t Key[32];

  17.     uint8_t V[16];

  18.     int reseed_counter;

  19. } AES256_CTR_DRBG_struct;

  20. 

  21. static AES256_CTR_DRBG_struct DRBG_ctx;

  22. static void AES256_CTR_DRBG_Update(const uint8_t *provided_data, uint8_t *Key, uint8_t *V);

  23. 

  24. // Use whatever AES implementation you have. This uses AES from openSSL library

  25. //    key - 256-bit AES key

  26. //    ctr - a 128-bit plaintext value

  27. //    buffer - a 128-bit ciphertext value

  28. static void AES256_ECB(uint8_t *key, uint8_t *ctr, uint8_t *buffer) {

  29.     aes256ctx ctx;

  30.     aes256_ecb_keyexp(&ctx, key);

  31.     aes256_ecb(buffer, ctr, 1, &ctx);

  32.     aes256_ctx_release(&ctx);

  33. }

  34. 

  35. void nist_kat_init(uint8_t *entropy_input, const uint8_t *personalization_string, int security_strength);

  36. void nist_kat_init(uint8_t *entropy_input, const uint8_t *personalization_string, int security_strength) {

  37.     uint8_t seed_material[48];

  38. 

  39.     assert(security_strength == 256);

  40.     memcpy(seed_material, entropy_input, 48);

  41.     if (personalization_string) {

  42.         for (int i = 0; i < 48; i++) {

  43.             seed_material[i] ^= personalization_string[i];

  44.         }

  45.     }

  46.     memset(DRBG_ctx.Key, 0x00, 32);

  47.     memset(DRBG_ctx.V, 0x00, 16);

  48.     AES256_CTR_DRBG_Update(seed_material, DRBG_ctx.Key, DRBG_ctx.V);

  49.     DRBG_ctx.reseed_counter = 1;

  50. }

  51. 

  52. int randombytes(uint8_t *buf, size_t n) {

  53.     uint8_t block[16];

  54.     int i = 0;

  55. 

  56.     while (n > 0) {

  57.         //increment V

  58.         for (int j = 15; j >= 0; j--) {

  59.             if (DRBG_ctx.V[j] == 0xff) {

  60.                 DRBG_ctx.V[j] = 0x00;

  61.             } else {

  62.                 DRBG_ctx.V[j]++;

  63.                 break;

  64.             }

  65.         }

  66.         AES256_ECB(DRBG_ctx.Key, DRBG_ctx.V, block);

  67.         if (n > 15) {

  68.             memcpy(buf + i, block, 16);

  69.             i += 16;

  70.             n -= 16;

  71.         } else {

  72.             memcpy(buf + i, block, n);

  73.             n = 0;

  74.         }

  75.     }

  76.     AES256_CTR_DRBG_Update(NULL, DRBG_ctx.Key, DRBG_ctx.V);

  77.     DRBG_ctx.reseed_counter++;

  78.     return 0;

  79. }

  80. 

  81. static void AES256_CTR_DRBG_Update(const uint8_t *provided_data, uint8_t *Key, uint8_t *V) {

  82.     uint8_t temp[48];

  83. 

  84.     for (int i = 0; i < 3; i++) {

  85.         //increment V

  86.         for (int j = 15; j >= 0; j--) {

  87.             if (V[j] == 0xff) {

  88.                 V[j] = 0x00;

  89.             } else {

  90.                 V[j]++;

  91.                 break;

  92.             }

  93.         }

  94. 

  95.         AES256_ECB(Key, V, temp + 16 * i);

  96.     }

  97.     if (provided_data != NULL) {

  98.         for (int i = 0; i < 48; i++) {

  99.             temp[i] ^= provided_data[i];

  100.         }

  101.     }

  102.     memcpy(Key, temp, 32);

  103.     memcpy(V, temp + 32, 16);

  104. }