 |
Mbed OS Reference
|
|
Mbed OS Reference
|
This file contains definitions and functions for the CTR_DRBG pseudorandom generator. More...
Go to the source code of this file.
Data Structures | |
| struct | mbedtls_ctr_drbg_context |
| The CTR_DRBG context structure. More... | |
Macros | |
| #define | MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 |
| The entropy source failed. More... | |
| #define | MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 |
| The requested random buffer length is too big. More... | |
| #define | MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 |
| The input (entropy + additional data) is too large. More... | |
| #define | MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A |
| Read or write error in file. More... | |
| #define | MBEDTLS_CTR_DRBG_BLOCKSIZE 16 |
| The block size used by the cipher. More... | |
| #define | MBEDTLS_CTR_DRBG_KEYSIZE 32 |
| The key size in bytes used by the cipher. More... | |
| #define | MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 ) |
| The key size for the DRBG operation, in bits. More... | |
| #define | MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE ) |
| The seed length, calculated as (counter + AES key). More... | |
| #define | MBEDTLS_CTR_DRBG_PR_OFF 0 |
| Prediction resistance is disabled. More... | |
| #define | MBEDTLS_CTR_DRBG_PR_ON 1 |
| Prediction resistance is enabled. More... | |
| #define | MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN ( MBEDTLS_CTR_DRBG_ENTROPY_LEN + 1 ) / 2 |
| The default length of the nonce read from the entropy source. More... | |
SECTION: Module settings | |
The configuration options you can set for this module are in this section. Either change them in config.h or define them using the compiler command line. | |
| #define | MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 |
| The amount of entropy used per seed by default, in bytes. More... | |
| #define | MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 |
| The interval before reseed is performed by default. More... | |
| #define | MBEDTLS_CTR_DRBG_MAX_INPUT 256 |
| The maximum number of additional input Bytes. More... | |
| #define | MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 |
| The maximum number of requested Bytes per call. More... | |
| #define | MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 |
| The maximum size of seed or reseed buffer in bytes. More... | |
Typedefs | |
| typedef struct mbedtls_ctr_drbg_context | mbedtls_ctr_drbg_context |
| The CTR_DRBG context structure. More... | |
Functions | |
| void | mbedtls_ctr_drbg_init (mbedtls_ctr_drbg_context *ctx) |
| This function initializes the CTR_DRBG context, and prepares it for mbedtls_ctr_drbg_seed() or mbedtls_ctr_drbg_free(). More... | |
| int | mbedtls_ctr_drbg_seed (mbedtls_ctr_drbg_context *ctx, int(*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len) |
| This function seeds and sets up the CTR_DRBG entropy source for future reseeds. More... | |
| void | mbedtls_ctr_drbg_free (mbedtls_ctr_drbg_context *ctx) |
| This function resets CTR_DRBG context to the state immediately after initial call of mbedtls_ctr_drbg_init(). More... | |
| void | mbedtls_ctr_drbg_set_prediction_resistance (mbedtls_ctr_drbg_context *ctx, int resistance) |
| This function turns prediction resistance on or off. More... | |
| void | mbedtls_ctr_drbg_set_entropy_len (mbedtls_ctr_drbg_context *ctx, size_t len) |
| This function sets the amount of entropy grabbed on each seed or reseed. More... | |
| int | mbedtls_ctr_drbg_set_nonce_len (mbedtls_ctr_drbg_context *ctx, size_t len) |
| This function sets the amount of entropy grabbed as a nonce for the initial seeding. More... | |
| void | mbedtls_ctr_drbg_set_reseed_interval (mbedtls_ctr_drbg_context *ctx, int interval) |
| This function sets the reseed interval. More... | |
| int | mbedtls_ctr_drbg_reseed (mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t len) |
| This function reseeds the CTR_DRBG context, that is extracts data from the entropy source. More... | |
| int | mbedtls_ctr_drbg_update_ret (mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len) |
| This function updates the state of the CTR_DRBG context. More... | |
| int | mbedtls_ctr_drbg_random_with_add (void *p_rng, unsigned char *output, size_t output_len, const unsigned char *additional, size_t add_len) |
| This function updates a CTR_DRBG instance with additional data and uses it to generate random data. More... | |
| int | mbedtls_ctr_drbg_random (void *p_rng, unsigned char *output, size_t output_len) |
| This function uses CTR_DRBG to generate random data. More... | |
| void | mbedtls_ctr_drbg_update (mbedtls_ctr_drbg_context *ctx, const unsigned char *additional, size_t add_len) |
| This function updates the state of the CTR_DRBG context. More... | |
This file contains definitions and functions for the CTR_DRBG pseudorandom generator.
CTR_DRBG is a standardized way of building a PRNG from a block-cipher in counter mode operation, as defined in NIST SP 800-90A: Recommendation for Random Number Generation Using Deterministic Random Bit Generators.
The Mbed TLS implementation of CTR_DRBG uses AES-256 (default) or AES-128 (if MBEDTLS_CTR_DRBG_USE_128_BIT_KEY is enabled at compile time) as the underlying block cipher, with a derivation function.
The security strength as defined in NIST SP 800-90A is 128 bits when AES-128 is used (MBEDTLS_CTR_DRBG_USE_128_BIT_KEY enabled) and 256 bits otherwise, provided that MBEDTLS_CTR_DRBG_ENTROPY_LEN is kept at its default value (and not overridden in config.h) and that the DRBG instance is set up with default parameters. See the documentation of mbedtls_ctr_drbg_seed() for more information.
Definition in file ctr_drbg.h.
1.9.5