wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

added Hash DRBG as configure option

Browse Source
This commit is contained in:
John Safranek
2014-05-07 11:54:12 -07:00
parent ac18ce03df
commit 72e9ea8e4b
3 changed files with 61 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
configure.ac
View File

@@ -1085,6 +1085,26 @@ fi
AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"]) AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"])
# Hash DRBG
AC_ARG_ENABLE([hashdrbg],
[ --enable-hashdrbg Enable Hash DRBG support (default: disabled)],
[ ENABLED_HASHDRBG=$enableval ],
[ ENABLED_HASHDRBG=no ]
)
if test "x$ENABLED_HASHDRBG" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
else
# turn on Hash DRBG if FIPS is on or ARC4 is off
if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG"
ENABLED_HASHDRBG=yes
fi
fi
# Filesystem Build # Filesystem Build
AC_ARG_ENABLE([filesystem], AC_ARG_ENABLE([filesystem],
[ --enable-filesystem Enable Filesystem support (default: enabled)], [ --enable-filesystem Enable Filesystem support (default: enabled)],
@@ -1739,6 +1759,7 @@ echo " * certgen: $ENABLED_CERTGEN"
echo " * certreq: $ENABLED_CERTREQ" echo " * certreq: $ENABLED_CERTREQ"
echo " * HC-128: $ENABLED_HC128" echo " * HC-128: $ENABLED_HC128"
echo " * RABBIT: $ENABLED_RABBIT" echo " * RABBIT: $ENABLED_RABBIT"
echo " * Hash DRBG: $ENABLED_HASHDRBG"
echo " * PWDBASED: $ENABLED_PWDBASED" echo " * PWDBASED: $ENABLED_PWDBASED"
echo " * HKDF: $ENABLED_HKDF" echo " * HKDF: $ENABLED_HKDF"
echo " * MD4: $ENABLED_MD4" echo " * MD4: $ENABLED_MD4"

11
ctaocrypt/src/random.c
View File

@@ -33,16 +33,15 @@
#include <cyassl/ctaocrypt/random.h> #include <cyassl/ctaocrypt/random.h>
#include <cyassl/ctaocrypt/error-crypt.h> #include <cyassl/ctaocrypt/error-crypt.h>
#ifdef NO_RC4 #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#include <cyassl/ctaocrypt/sha256.h> #include <cyassl/ctaocrypt/sha256.h>
#ifdef NO_INLINE #ifdef NO_INLINE
#include <cyassl/ctaocrypt/misc.h> #include <cyassl/ctaocrypt/misc.h>
#else #else
#define MISC_DUMM_FUNC misc_dummy_random
#include <ctaocrypt/src/misc.c> #include <ctaocrypt/src/misc.c>
#endif #endif
#endif #endif /* HAVE_HASHDRBG || NO_RC4 */
#if defined(USE_WINDOWS_API) #if defined(USE_WINDOWS_API)
#ifndef _WIN32_WINNT #ifndef _WIN32_WINNT
@@ -63,7 +62,7 @@
#endif /* USE_WINDOWS_API */ #endif /* USE_WINDOWS_API */
#ifdef NO_RC4 #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
/* Start NIST DRBG code */ /* Start NIST DRBG code */
@@ -370,7 +369,7 @@ void FreeRng(RNG* rng)
Hash_DRBG_Uninstantiate(rng); Hash_DRBG_Uninstantiate(rng);
} }
#else /* NO_RC4 */ #else /* HAVE_HASHDRBG || NO_RC4 */
/* Get seed and key cipher */ /* Get seed and key cipher */
int InitRng(RNG* rng) int InitRng(RNG* rng)
@@ -484,7 +483,7 @@ static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz)
#endif /* HAVE_CAVIUM */ #endif /* HAVE_CAVIUM */
#endif /* NO_RC4 */ #endif /* HAVE_HASHDRBG || NO_RC4 */
#if defined(USE_WINDOWS_API) #if defined(USE_WINDOWS_API)

58
cyassl/ctaocrypt/random.h
View File

@@ -25,11 +25,15 @@
#include <cyassl/ctaocrypt/types.h> #include <cyassl/ctaocrypt/types.h>
#ifndef NO_RC4 #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#include <cyassl/ctaocrypt/arc4.h> #ifdef NO_SHA256
#else #error "Hash DRBG requires SHA-256."
#endif /* NO_SHA256 */
#include <cyassl/ctaocrypt/sha256.h> #include <cyassl/ctaocrypt/sha256.h>
#endif #else /* HAVE_HASHDRBG || NO_RC4 */
#include <cyassl/ctaocrypt/arc4.h>
#endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@@ -64,11 +68,31 @@ int GenerateSeed(OS_Seed* os, byte* seed, word32 sz);
#define RNG CyaSSL_RNG /* for avoiding name conflict in "stm32f2xx.h" */ #define RNG CyaSSL_RNG /* for avoiding name conflict in "stm32f2xx.h" */
#endif #endif
#ifndef NO_RC4
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
#define DRBG_SEED_LEN (440/8)
/* Hash-based Deterministic Random Bit Generator */
typedef struct RNG {
OS_Seed seed;
Sha256 sha;
byte digest[SHA256_DIGEST_SIZE];
byte V[DRBG_SEED_LEN];
byte C[DRBG_SEED_LEN];
word32 reseedCtr;
} RNG;
#else /* HAVE_HASHDRBG || NO_RC4 */
#define CYASSL_RNG_CAVIUM_MAGIC 0xBEEF0004 #define CYASSL_RNG_CAVIUM_MAGIC 0xBEEF0004
/* secure Random Nnumber Generator */ /* secure Random Number Generator */
typedef struct RNG { typedef struct RNG {
@@ -85,31 +109,19 @@ typedef struct RNG {
CYASSL_API int InitRngCavium(RNG*, int); CYASSL_API int InitRngCavium(RNG*, int);
#endif #endif
#else /* NO_RC4 */
#define DRBG_SEED_LEN (440/8) #endif /* HAVE_HASH_DRBG || NO_RC4 */
/* secure Random Nnumber Generator */
typedef struct RNG {
OS_Seed seed;
Sha256 sha;
byte digest[SHA256_DIGEST_SIZE];
byte V[DRBG_SEED_LEN];
byte C[DRBG_SEED_LEN];
word32 reseedCtr;
} RNG;
#endif
CYASSL_API int InitRng(RNG*); CYASSL_API int InitRng(RNG*);
CYASSL_API int RNG_GenerateBlock(RNG*, byte*, word32 sz); CYASSL_API int RNG_GenerateBlock(RNG*, byte*, word32 sz);
CYASSL_API int RNG_GenerateByte(RNG*, byte*); CYASSL_API int RNG_GenerateByte(RNG*, byte*);
#ifdef NO_RC4
#if defined(HAVE_HASHDRBG) || defined(NO_RC4)
CYASSL_API void FreeRng(RNG*); CYASSL_API void FreeRng(RNG*);
#endif #endif /* HAVE_HASHDRBG || NO_RC4 */
#ifdef __cplusplus #ifdef __cplusplus
} /* extern "C" */ } /* extern "C" */