random: Add SP800-90A DRBG
* random/drbg.c: New. * random/random.c (_gcry_random_initialize): Replace rngfips init by drbg init. (__gcry_random_close_fds): Likewise. (_gcry_random_dump_stats): Likewise. (_gcry_random_is_faked): Likewise. (do_randomize): Likewise. (_gcry_random_selftest): Likewise. (_gcry_create_nonce): Replace rngfips_create_noce by drbg_randomize. (_gcry_random_init_external_test): Remove. (_gcry_random_run_external_test): Remove. (_gcry_random_deinit_external_test): Remove. * random/random.h (struct gcry_drbg_test_vector): New. * src/gcrypt.h.in (struct gcry_drbg_gen): New. (struct gcry_drbg_string): New. (gcry_drbg_string_fill): New. (gcry_randomize_drbg): New. (GCRY_DRBG_): Lots of new macros. * src/global.c (_gcry_vcontrol) <Init external random test>: Turn into a nop. (_gcry_vcontrol) <Deinit external random test>: Ditto. (_gcry_vcontrol) <Run external random test>: Change. (_gcry_vcontrol) <GCRYCTL_DRBG_REINIT>: New.
This patch set adds the SP800-90A DRBG for AES128, AES192, AES256 with
derivation function, SHA-1 through SHA-512 with derivation function,
HMAC SHA-1 through HMAC SHA-512. All DRBGs are provided with and without
prediction resistance. In addition, all DRBGs allow reseeding by the
caller.
The default DRBG is HMAC SHA-256 without prediction resistance.
The caller may re-initialize the DRBG with the control
GCRYCTL_DRBG_REINIT:
The patch replaces the invocation of the existing ANSI X9.31 DRNG. This
covers the control calls of 58 through 60. Control call 58 and 60 are
simply deactivated. Control 59 is replaced with the DRBG CAVS test
interface.
ChangeLog entries added by -wk
- Signed-off-by: Stephan Mueller <smueller@chronox.de>