500_v10-0001-SP800-90A-Deterministic-Random-Bit-Generator.patch
Abandoned, Public

Authored by smueller_chronox.de on Sep 7 2014, 2:57 AM.

Details

Reviewers
None
Summary

From d1e3e61b0133cb5772971653da4ddbc9312c6696 Mon Sep 17 00:00:00 2001
From: Stephan Mueller <smueller@chronox.de>
Date: Sun, 7 Sep 2014 02:39:32 +0200
Subject: [PATCH v10] SP800-90A Deterministic Random Bit Generator

This is a clean-room implementation of the DRBG defined in SP800-90A.
All three viable DRBGs defined in the standard are implemented:

  • HMAC: This is the leanest DRBG and compiled by default
  • Hash: The more complex DRBG can be enabled at compile time
  • CTR: The most complex DRBG can also be enabled at compile time

The DRBG implementation offers the following:

  • All three DRBG types are implemented with a derivation function.
  • All DRBG types are available with and without prediction resistance.
  • All SHA types of SHA-1, SHA-256, SHA-384, SHA-512 are available for
    the HMAC and Hash DRBGs.
  • All AES types of AES-128, AES-192 and AES-256 are available for the
    CTR DRBG.
  • A self test is implemented with drbg_healthcheck().
  • The FIPS 140-2 continuous self test is implemented.
  • Additional cipher primitives, such as Serpent or Twofish, can be
    added to the DRBG without changing the implementation. The only
    change necessary is to the DRBG definition given in the cores[]
    array.

Signed-off-by: Stephan Mueller <smueller@chronox.de>

random/Makefile.am | 1 +
random/drbg.c | 2303 ++++++++++++++++++++++++++++++++++++++++++++++++
random/rand-internal.h | 9 +
random/random.c | 33 +-
random/random.h | 22 +
src/gcrypt.h.in | 109 ++-
src/global.c | 22 +
7 files changed, 2488 insertions(+), 11 deletions(-)
create mode 100644 random/drbg.c

1.9.3
