Diffstat (limited to 'src/gcrypt.h.in')
-rw-r--r-- | src/gcrypt.h.in | 108 |
1 files changed, 108 insertions, 0 deletions
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index f48f04fb..f1f13919 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -1722,6 +1722,114 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE;
 /* Return true if Libgcrypt is in FIPS mode. */
 #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0)
+/* DRBG input data structure for DRBG generate with additional information
+ * string */
+struct gcry_drbg_gen
+{
+ unsigned char *outbuf; /* output buffer for random numbers */
+ unsigned int outlen; /* size of output buffer */
+ struct gcry_drbg_string *addtl; /* input buffer for
+ * additional information string */
+};
+
+/*
+ * Concatenation Helper and string operation helper
+ *
+ * SP800-90A requires the concatenation of different data. To avoid copying
+ * buffers around or allocate additional memory, the following data structure
+ * is used to point to the original memory with its size. In addition, it
+ * is used to build a linked list. The linked list defines the concatenation
+ * of individual buffers. The order of memory block referenced in that
+ * linked list determines the order of concatenation.
+ */
+/* DRBG string definition */
+struct gcry_drbg_string
+{
+ const unsigned char *buf;
+ size_t len;
+ struct gcry_drbg_string *next;
+};
+
+static inline void gcry_drbg_string_fill(struct gcry_drbg_string *string,
+ const unsigned char *buf, size_t len)
+{
+ string->buf = buf;
+ string->len = len;
+ string->next = NULL;
+}
+
+/* this is a wrapper function for users of libgcrypt */
+static inline void gcry_randomize_drbg(void *outbuf, size_t outlen,
+ enum gcry_random_level level,
+ struct gcry_drbg_string *addtl)
+{
+ struct gcry_drbg_gen genbuf;
+ genbuf.outbuf = (unsigned char *)outbuf;
+ genbuf.outlen = outlen;
+ genbuf.addtl = addtl;
+ gcry_randomize(&genbuf, 0, level);
+}
+
+/*
+ * DRBG flags bitmasks
+ *
+ * 31 (B) 28 19 (A) 0
+ * +-+-+-+--------+---+-----------+-----+
+ * |~|~|u|~~~~~~~~| 3 | 2 | 1 |
+ * +-+-+-+--------+- -+-----------+-----+
+ * ctl flg| |drbg use selection flags
+ *
+ */
+
+/* internal state control flags (B) */
+#define GCRY_DRBG_PREDICTION_RESIST ((u_int32_t)1<<28)
+
+/* CTR type modifiers (A.1)*/
+#define GCRY_DRBG_CTRAES ((u_int32_t)1<<0)
+#define GCRY_DRBG_CTRSERPENT ((u_int32_t)1<<1)
+#define GCRY_DRBG_CTRTWOFISH ((u_int32_t)1<<2)
+#define GCRY_DRBG_CTR_MASK (GCRY_DRBG_CTRAES | GCRY_DRBG_CTRSERPENT | GCRY_DRBG_CTRTWOFISH)
+
+/* HASH type modifiers (A.2)*/
+#define GCRY_DRBG_HASHSHA1 ((u_int32_t)1<<4)
+#define GCRY_DRBG_HASHSHA224 ((u_int32_t)1<<5)
+#define GCRY_DRBG_HASHSHA256 ((u_int32_t)1<<6)
+#define GCRY_DRBG_HASHSHA384 ((u_int32_t)1<<7)
+#define GCRY_DRBG_HASHSHA512 ((u_int32_t)1<<8)
+#define GCRY_DRBG_HASH_MASK (GCRY_DRBG_HASHSHA1 | GCRY_DRBG_HASHSHA224 | \
+ GCRY_DRBG_HASHSHA256 | GCRY_DRBG_HASHSHA384 | \
+ GCRY_DRBG_HASHSHA512)
+/* type modifiers (A.3)*/
+#define GCRY_DRBG_HMAC ((u_int32_t)1<<12)
+#define GCRY_DRBG_SYM128 ((u_int32_t)1<<13)
+#define GCRY_DRBG_SYM192 ((u_int32_t)1<<14)
+#define GCRY_DRBG_SYM256 ((u_int32_t)1<<15)
+#define GCRY_DRBG_TYPE_MASK (GCRY_DRBG_HMAC | GCRY_DRBG_SYM128 | GCRY_DRBG_SYM192 | \
+ GCRY_DRBG_SYM256)
+#define GCRY_DRBG_CIPHER_MASK (GCRY_DRBG_CTR_MASK | GCRY_DRBG_HASH_MASK | GCRY_DRBG_TYPE_MASK)
+
+#define GCRY_DRBG_PR_CTRAES128 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_CTRAES | GCRY_DRBG_SYM128)
+#define GCRY_DRBG_PR_CTRAES192 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_CTRAES | GCRY_DRBG_SYM192)
+#define GCRY_DRBG_PR_CTRAES256 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_CTRAES | GCRY_DRBG_SYM256)
+#define GCRY_DRBG_NOPR_CTRAES128 (GCRY_DRBG_CTRAES | GCRY_DRBG_SYM128)
+#define GCRY_DRBG_NOPR_CTRAES192 (GCRY_DRBG_CTRAES | GCRY_DRBG_SYM192)
+#define GCRY_DRBG_NOPR_CTRAES256 (GCRY_DRBG_CTRAES | GCRY_DRBG_SYM256)
+#define GCRY_DRBG_PR_HASHSHA1 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA1)
+#define GCRY_DRBG_PR_HASHSHA256 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA256)
+#define GCRY_DRBG_PR_HASHSHA384 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA384)
+#define GCRY_DRBG_PR_HASHSHA512 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA512)
+#define GCRY_DRBG_NOPR_HASHSHA1 (GCRY_DRBG_HASHSHA1)
+#define GCRY_DRBG_NOPR_HASHSHA256 (GCRY_DRBG_HASHSHA256)
+#define GCRY_DRBG_NOPR_HASHSHA384 (GCRY_DRBG_HASHSHA384)
+#define GCRY_DRBG_NOPR_HASHSHA512 (GCRY_DRBG_HASHSHA512)
+#define GCRY_DRBG_PR_HMACSHA1 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA1 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_PR_HMACSHA256 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA256 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_PR_HMACSHA384 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA384 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_PR_HMACSHA512 (GCRY_DRBG_PREDICTION_RESIST | GCRY_DRBG_HASHSHA512 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_NOPR_HMACSHA1 (GCRY_DRBG_HASHSHA1 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_NOPR_HMACSHA256 (GCRY_DRBG_HASHSHA256 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_NOPR_HMACSHA384 (GCRY_DRBG_HASHSHA384 | GCRY_DRBG_HMAC)
+#define GCRY_DRBG_NOPR_HMACSHA512 (GCRY_DRBG_HASHSHA512 | GCRY_DRBG_HMAC)
 #if 0 /* (Keep Emacsens' auto-indent happy.) */
 { |
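Review bot: `gcry_randomize_drbg` accepts `size_t outlen` but stores it in `struct gcry_drbg_gen.outlen`, which is declared `unsigned int`, so where `size_t` is wider the assignment `genbuf.outlen = outlen;` silently truncates a large request. The wrapper returns void, so the caller cannot tell that fewer bytes than requested were produced, and the tail of `outbuf` would keep its previous contents where random data is expected. Declaring the field as `size_t outlen; /* size of output buffer */` removes the mismatch. Separately, `gcry_randomize(&genbuf, 0, level)` passes the struct in place of the output buffer with a length of 0; presumably only the DRBG backend interprets that convention, so the wrapper's comment should state what happens to `outbuf` when a different generator is active. The flag macros also cast through `u_int32_t`, which is not a standard C type; `uint32_t` would be the portable choice in a public header if `<stdint.h>` is available to it.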