From d1e3e61b0133cb5772971653da4ddbc9312c6696 Mon Sep 17 00:00:00 2001
From: Stephan Mueller <smueller@chronox.de>
Date: Sun, 7 Sep 2014 02:39:32 +0200
Subject: [PATCH v10] SP800-90A Deterministic Random Bit Generator
This is a clean-room implementation of the DRBG defined in SP800-90A.
All three viable DRBGs defined in the standard are implemented:
- HMAC: This is the leanest DRBG and compiled per default
- Hash: The more complex DRBG can be enabled at compile time
- CTR: The most complex DRBG can also be enabled at compile time
The DRBG implementation offers the following:
- All three DRBG types are implemented with a derivation function.
- All DRBG types are available with and without prediction resistance.
- All SHA types of SHA-1, SHA-256, SHA-384, SHA-512 are available for
  the HMAC and Hash DRBGs.
- All AES types of AES-128, AES-192 and AES-256 are available for the
  CTR DRBG.
- A self test is implemented with drbg_healthcheck().
- The FIPS 140-2 continuous self test is implemented.
- Additional cipher primitives, such as Serpent or Twofish, can be
  added to the DRBG without changing the implementation. The only
  change necessary is to the DRBG definition given in the cores[]
  array.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
random/Makefile.am     |    1 +
 random/drbg.c          | 2303 ++++++++++++++++++++++++++++++++++++++++++++++++
 random/rand-internal.h |    9 +
 random/random.c        |   33 +-
 random/random.h        |   22 +
 src/gcrypt.h.in        |  109 ++-
 src/global.c           |   22 +
 7 files changed, 2488 insertions(+), 11 deletions(-)
 create mode 100644 random/drbg.c
1.9.3