2
0

random.h 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328
  1. /*!
  2. \ingroup Random
  3. \brief Init global Whitewood netRandom context
  4. \return 0 Success
  5. \return BAD_FUNC_ARG Either configFile is null or timeout is negative.
  6. \return RNG_FAILURE_E There was a failure initializing the rng.
  7. \param configFile Path to configuration file
  8. \param hmac_cb Optional to create HMAC callback.
  9. \param timeout A timeout duration.
  10. _Example_
  11. \code
  12. char* config = "path/to/config/example.conf";
  13. int time = // Some sufficient timeout value;
  14. if (wc_InitNetRandom(config, NULL, time) != 0)
  15. {
  16. // Some error occurred
  17. }
  18. \endcode
  19. \sa wc_FreeNetRandom
  20. */
  21. int wc_InitNetRandom(const char* configFile, wnr_hmac_key hmac_cb, int timeout);
  22. /*!
  23. \ingroup Random
  24. \brief Free global Whitewood netRandom context.
  25. \return 0 Success
  26. \return BAD_MUTEX_E Error locking mutex on wnr_mutex
  27. \param none No returns.
  28. _Example_
  29. \code
  30. int ret = wc_FreeNetRandom();
  31. if(ret != 0)
  32. {
  33. // Handle the error
  34. }
  35. \endcode
  36. \sa wc_InitNetRandom
  37. */
  38. int wc_FreeNetRandom(void);
  39. /*!
  40. \ingroup Random
  41. \brief Gets the seed (from OS) and key cipher for rng. rng->drbg
  42. (deterministic random bit generator) allocated (should be deallocated
  43. with wc_FreeRng). This is a blocking operation.
  44. \return 0 on success.
  45. \return MEMORY_E XMALLOC failed
  46. \return WINCRYPT_E wc_GenerateSeed: failed to acquire context
  47. \return CRYPTGEN_E wc_GenerateSeed: failed to get random
  48. \return BAD_FUNC_ARG wc_RNG_GenerateBlock input is null or sz exceeds
  49. MAX_REQUEST_LEN
  50. \return DRBG_CONT_FIPS_E wc_RNG_GenerateBlock: Hash_gen returned
  51. DRBG_CONT_FAILURE
  52. \return RNG_FAILURE_E wc_RNG_GenerateBlock: Default error. rng’s
  53. status originally not ok, or set to DRBG_FAILED
  54. \param rng random number generator to be initialized for use
  55. with a seed and key cipher
  56. _Example_
  57. \code
  58. RNG rng;
  59. int ret;
  60. #ifdef HAVE_CAVIUM
  61. ret = wc_InitRngCavium(&rng, CAVIUM_DEV_ID);
  62. if (ret != 0){
  63. printf(“RNG Nitrox init for device: %d failed”, CAVIUM_DEV_ID);
  64. return -1;
  65. }
  66. #endif
  67. ret = wc_InitRng(&rng);
  68. if (ret != 0){
  69. printf(“RNG init failed”);
  70. return -1;
  71. }
  72. \endcode
  73. \sa wc_InitRngCavium
  74. \sa wc_RNG_GenerateBlock
  75. \sa wc_RNG_GenerateByte
  76. \sa wc_FreeRng
  77. \sa wc_RNG_HealthTest
  78. */
  79. int wc_InitRng(WC_RNG*);
  80. /*!
  81. \ingroup Random
  82. \brief Copies a sz bytes of pseudorandom data to output. Will
  83. reseed rng if needed (blocking).
  84. \return 0 on success
  85. \return BAD_FUNC_ARG an input is null or sz exceeds MAX_REQUEST_LEN
  86. \return DRBG_CONT_FIPS_E Hash_gen returned DRBG_CONT_FAILURE
  87. \return RNG_FAILURE_E Default error. rng’s status originally not
  88. ok, or set to DRBG_FAILED
  89. \param rng random number generator initialized with wc_InitRng
  90. \param output buffer to which the block is copied
  91. \param sz size of output in bytes
  92. _Example_
  93. \code
  94. RNG rng;
  95. int sz = 32;
  96. byte block[sz];
  97. int ret = wc_InitRng(&rng);
  98. if (ret != 0) {
  99. return -1; //init of rng failed!
  100. }
  101. ret = wc_RNG_GenerateBlock(&rng, block, sz);
  102. if (ret != 0) {
  103. return -1; //generating block failed!
  104. }
  105. \endcode
  106. \sa wc_InitRngCavium, wc_InitRng
  107. \sa wc_RNG_GenerateByte
  108. \sa wc_FreeRng
  109. \sa wc_RNG_HealthTest
  110. */
  111. int wc_RNG_GenerateBlock(WC_RNG* rng, byte* b, word32 sz);
  112. /*!
  113. \ingroup Random
  114. \brief Creates a new WC_RNG structure.
  115. \return WC_RNG structure on success
  116. \return NULL on error
  117. \param heap pointer to a heap identifier
  118. \param nonce pointer to the buffer containing the nonce
  119. \param nonceSz length of the nonce
  120. _Example_
  121. \code
  122. RNG rng;
  123. byte nonce[] = { initialize nonce };
  124. word32 nonceSz = sizeof(nonce);
  125. wc_rng_new(&nonce, nonceSz, &heap);
  126. \endcode
  127. \sa wc_InitRng
  128. \sa wc_rng_free
  129. \sa wc_FreeRng
  130. \sa wc_RNG_HealthTest
  131. */
  132. WC_RNG* wc_rng_new(byte* nonce, word32 nonceSz, void* heap)
  133. /*!
  134. \ingroup Random
  135. \brief Calls wc_RNG_GenerateBlock to copy a byte of pseudorandom
  136. data to b. Will reseed rng if needed.
  137. \return 0 on success
  138. \return BAD_FUNC_ARG an input is null or sz exceeds MAX_REQUEST_LEN
  139. \return DRBG_CONT_FIPS_E Hash_gen returned DRBG_CONT_FAILURE
  140. \return RNG_FAILURE_E Default error. rng’s status originally not
  141. ok, or set to DRBG_FAILED
  142. \param rng: random number generator initialized with wc_InitRng
  143. \param b one byte buffer to which the block is copied
  144. _Example_
  145. \code
  146. RNG rng;
  147. int sz = 32;
  148. byte b[1];
  149. int ret = wc_InitRng(&rng);
  150. if (ret != 0) {
  151. return -1; //init of rng failed!
  152. }
  153. ret = wc_RNG_GenerateByte(&rng, b);
  154. if (ret != 0) {
  155. return -1; //generating block failed!
  156. }
  157. \endcode
  158. \sa wc_InitRngCavium
  159. \sa wc_InitRng
  160. \sa wc_RNG_GenerateBlock
  161. \sa wc_FreeRng
  162. \sa wc_RNG_HealthTest
  163. */
  164. int wc_RNG_GenerateByte(WC_RNG* rng, byte* b);
  165. /*!
  166. \ingroup Random
  167. \brief Should be called when RNG no longer needed in order to securely
  168. free drgb. Zeros and XFREEs rng-drbg.
  169. \return 0 on success
  170. \return BAD_FUNC_ARG rng or rng->drgb null
  171. \return RNG_FAILURE_E Failed to deallocated drbg
  172. \param rng random number generator initialized with wc_InitRng
  173. _Example_
  174. \code
  175. RNG rng;
  176. int ret = wc_InitRng(&rng);
  177. if (ret != 0) {
  178. return -1; //init of rng failed!
  179. }
  180. int ret = wc_FreeRng(&rng);
  181. if (ret != 0) {
  182. return -1; //free of rng failed!
  183. }
  184. \endcode
  185. \sa wc_InitRngCavium
  186. \sa wc_InitRng
  187. \sa wc_RNG_GenerateBlock
  188. \sa wc_RNG_GenerateByte,
  189. \sa wc_RNG_HealthTest
  190. */
  191. int wc_FreeRng(WC_RNG*);
  192. /*!
  193. \ingroup Random
  194. \brief Should be called when RNG no longer needed in order to securely
  195. free rng.
  196. \param rng random number generator initialized with wc_InitRng
  197. _Example_
  198. \code
  199. RNG rng;
  200. byte nonce[] = { initialize nonce };
  201. word32 nonceSz = sizeof(nonce);
  202. rng = wc_rng_new(&nonce, nonceSz, &heap);
  203. // use rng
  204. wc_rng_free(&rng);
  205. \endcode
  206. \sa wc_InitRng
  207. \sa wc_rng_new
  208. \sa wc_FreeRng
  209. \sa wc_RNG_HealthTest
  210. */
  211. WC_RNG* wc_rng_free(WC_RNG* rng);
  212. /*!
  213. \ingroup Random
  214. \brief Creates and tests functionality of drbg.
  215. \return 0 on success
  216. \return BAD_FUNC_ARG entropyA and output must not be null. If reseed
  217. set entropyB must not be null
  218. \return -1 test failed
  219. \param int reseed: if set, will test reseed functionality
  220. \param entropyA: entropy to instantiate drgb with
  221. \param entropyASz: size of entropyA in bytes
  222. \param entropyB: If reseed set, drbg will be reseeded with entropyB
  223. \param entropyBSz: size of entropyB in bytes
  224. \param output: initialized to random data seeded with entropyB if
  225. seedrandom is set, and entropyA otherwise
  226. \param outputSz: length of output in bytes
  227. _Example_
  228. \code
  229. byte output[SHA256_DIGEST_SIZE * 4];
  230. const byte test1EntropyB[] = ....; // test input for reseed false
  231. const byte test1Output[] = ....; // testvector: expected output of
  232. // reseed false
  233. ret = wc_RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0,
  234. output, sizeof(output));
  235. if (ret != 0)
  236. return -1;//healthtest without reseed failed
  237. if (XMEMCMP(test1Output, output, sizeof(output)) != 0)
  238. return -1; //compare to testvector failed: unexpected output
  239. const byte test2EntropyB[] = ....; // test input for reseed
  240. const byte test2Output[] = ....; // testvector expected output of reseed
  241. ret = wc_RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA),
  242. test2EntropyB, sizeof(test2EntropyB),
  243. output, sizeof(output));
  244. if (XMEMCMP(test2Output, output, sizeof(output)) != 0)
  245. return -1; //compare to testvector failed
  246. \endcode
  247. \sa wc_InitRngCavium
  248. \sa wc_InitRng
  249. \sa wc_RNG_GenerateBlock
  250. \sa wc_RNG_GenerateByte
  251. \sa wc_FreeRng
  252. */
  253. int wc_RNG_HealthTest(int reseed,
  254. const byte* entropyA, word32 entropyASz,
  255. const byte* entropyB, word32 entropyBSz,
  256. byte* output, word32 outputSz);