From d1e3e61b0133cb5772971653da4ddbc9312c6696 Mon Sep 17 00:00:00 2001
From: Stephan Mueller <smueller@chronox.de>
Date: Sun, 7 Sep 2014 02:39:32 +0200
Subject: [PATCH v10] SP800-90A Deterministic Random Bit Generator
This is a clean-room implementation of the DRBG defined in SP800-90A.
All three viable DRBGs defined in the standard are implemented:
- HMAC: This is the leanest DRBG and compiled per default
- Hash: The more complex DRBG can be enabled at compile time
- CTR: The most complex DRBG can also be enabled at compile time
The DRBG implementation offers the following:
- All three DRBG types are implemented with a derivation function.
- All DRBG types are available with and without prediction resistance.
- All SHA types of SHA-1, SHA-256, SHA-384, SHA-512 are available for
- the HMAC and Hash DRBGs.
- All AES types of AES-128, AES-192 and AES-256 are available for the
- CTR DRBG.
- A self test is implemented with drbg_healthcheck().
- The FIPS 140-2 continuous self test is implemented.
- Additional cipher primitives, such as Serpent or Twofish, can be
- added to the DRBG without changing the implementation. The only
- change necessary is to the DRBG definition given in the cores[]
- array.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
random/Makefile.am | 1 +
random/drbg.c | 2303 ++++++++++++++++++++++++++++++++++++++++++++++++
random/rand-internal.h | 9 +
random/random.c | 33 +-
random/random.h | 22 +
src/gcrypt.h.in | 109 ++-
src/global.c | 22 +
7 files changed, 2488 insertions(+), 11 deletions(-)
create mode 100644 random/drbg.c
1.9.3