32 #if !defined(POLARSSL_CONFIG_FILE)
35 #include POLARSSL_CONFIG_FILE
38 #if defined(POLARSSL_HMAC_DRBG_C)
42 #if defined(POLARSSL_FS_IO)
46 #if defined(POLARSSL_PLATFORM_C)
49 #define polarssl_printf printf
/*
 * Overwrite the n bytes starting at v with zero.
 *
 * The stores go through a volatile-qualified pointer so that the compiler
 * does not treat them as dead writes and drop them when the buffer is never
 * read again. That is the failure mode of a plain memset() on a buffer that
 * is about to go out of scope or be freed.
 *
 * v must point to at least n writable bytes; n == 0 performs no store.
 *
 * NOTE(review): presumably used to wipe DRBG state and seed buffers; the
 * call sites are not part of this listing. The volatile technique is common
 * practice, not a guarantee of the C standard. Where the platform offers a
 * dedicated primitive (explicit_bzero, memset_s), that is the sturdier choice.
 */
53 static void polarssl_zeroize(
void *v,
size_t n ) {
54 volatile unsigned char *p = v;
while( n-- ) *p++ = 0;
61 const unsigned char *additional,
size_t add_len )
64 unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
68 for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
90 const unsigned char *data,
size_t data_len )
107 memset( ctx->
V, 0x01, md_info->
size );
118 const unsigned char *additional,
size_t len )
139 if( additional != NULL && len != 0 )
141 memcpy( seed + seedlen, additional, len );
160 int (*f_entropy)(
void *,
unsigned char *,
size_t),
162 const unsigned char *custom,
181 memset( ctx->
V, 0x01, md_info->
size );
195 entropy_len = md_info->
size <= 20 ? 16 :
196 md_info->
size <= 28 ? 24 :
243 unsigned char *output,
size_t out_len,
244 const unsigned char *additional,
size_t add_len )
249 size_t left = out_len;
250 unsigned char *out = output;
272 if( additional != NULL && add_len != 0 )
278 size_t use_len = left > md_len ? md_len : left;
284 memcpy( out, ctx->
V, use_len );
320 #if defined(POLARSSL_FS_IO)
327 if( ( f = fopen( path,
"wb" ) ) == NULL )
333 if( fwrite( buf, 1,
sizeof( buf ), f ) !=
sizeof( buf ) )
352 if( ( f = fopen( path,
"rb" ) ) == NULL )
355 fseek( f, 0, SEEK_END );
356 n = (size_t) ftell( f );
357 fseek( f, 0, SEEK_SET );
365 if( fread( buf, 1, n, f ) != n )
375 return( hmac_drbg_write_seed_file( ctx, path ) );
380 #if defined(POLARSSL_SELF_TEST)
384 #if !defined(POLARSSL_SHA1_C)
386 int hmac_drbg_self_test(
int verbose )
/* Number of generator output bytes compared against each expected-result
 * table below (the self-test buffer and both result arrays have this size). */
396 #define OUTPUT_LEN 80
/*
 * Fixed 56-byte input handed to the DRBG through
 * hmac_drbg_self_test_entropy in the self-test case checked against
 * result_pr. This is public, constant known-answer test data: it makes the
 * generator output reproducible and must never be used as an entropy source
 * outside the self-test.
 * NOTE(review): "pr" presumably means prediction resistance; confirm against
 * the full test body, which this listing shows only in part. Not
 * const-qualified, presumably because it is passed as the callback's
 * void * context argument.
 */
399 static unsigned char entropy_pr[] = {
400 0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
401 0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
402 0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
403 0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
404 0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 };
/* Expected OUTPUT_LEN bytes of output for the entropy_pr case; the self-test
 * compares its buffer against this table with memcmp(). */
405 static const unsigned char result_pr[OUTPUT_LEN] = {
406 0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
407 0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
408 0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
409 0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
410 0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
411 0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
412 0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 };
/*
 * Fixed 40-byte input for the self-test case checked against result_nopr.
 * Like entropy_pr, this is known-answer test data only, never real entropy.
 * NOTE(review): "nopr" presumably means no prediction resistance; confirm
 * against the full test body.
 */
415 static unsigned char entropy_nopr[] = {
416 0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
417 0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
418 0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
419 0xe9, 0x9d, 0xfe, 0xdf };
/* Expected OUTPUT_LEN bytes of output for the entropy_nopr case; the
 * self-test compares its buffer against this table with memcmp(). */
420 static const unsigned char result_nopr[OUTPUT_LEN] = {
421 0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
422 0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
423 0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
424 0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
425 0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
426 0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
427 0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
/*
 * Read cursor into the entropy table in use: hmac_drbg_self_test_entropy
 * copies len bytes starting at data + test_offset.
 * NOTE(review): no bounds check is visible in the listed lines, so the
 * callback depends on the self-test never requesting more bytes than the
 * table holds. Where the offset is advanced and reset is not shown here;
 * confirm in the full source.
 */
430 static size_t test_offset;
431 static int hmac_drbg_self_test_entropy(
void *data,
432 unsigned char *buf,
size_t len )
434 const unsigned char *p = data;
435 memcpy( buf, p + test_offset, len );
440 #define CHK( c ) if( (c) != 0 ) \
443 polarssl_printf( "failed\n" ); \
450 int hmac_drbg_self_test(
int verbose )
453 unsigned char buf[OUTPUT_LEN];
464 hmac_drbg_self_test_entropy, entropy_pr,
469 CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
483 hmac_drbg_self_test_entropy, entropy_nopr,
488 CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );