Add hmac_random_with_add()
diff --git a/include/polarssl/hmac_drbg.h b/include/polarssl/hmac_drbg.h
index f86c136..b35d62b 100644
--- a/include/polarssl/hmac_drbg.h
+++ b/include/polarssl/hmac_drbg.h
@@ -76,15 +76,37 @@
const unsigned char *additional, size_t add_len );
/**
+ * \brief HMAC_DRBG generate random with additional update input
+ *
+ * Note: Automatically reseeds if reseed_counter is reached.
+ *
+ * \param p_rng HMAC_DRBG context
+ * \param output Buffer to fill
+ * \param output_len Length of the buffer
+ * \param additional Additional data to update with (can be NULL)
+ * \param add_len Length of additional data (can be 0)
+ *
+ * \return 0 if successful, or
+ * TODO: POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ * TODO: POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG
+ */
+int hmac_drbg_random_with_add( void *p_rng,
+ unsigned char *output, size_t output_len,
+ const unsigned char *additional,
+ size_t add_len );
+
+/**
* \brief HMAC_DRBG generate random
*
- * Note: Automatically reseeds if reseed_counter is reached. (TODO)
+ * Note: Automatically reseeds if reseed_counter is reached.
*
* \param p_rng HMAC_DRBG context
* \param output Buffer to fill
* \param output_len Length of the buffer
*
- * \return 0 if successful.
+ * \return 0 if successful, or
+ * TODO: POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ * TODO: POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG
*/
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 6aa1ba5..bc5b908 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -24,8 +24,9 @@
*/
/*
- * The NIST SP 800-90 DRBGs are described in the following publication.
+ * The NIST SP 800-90A DRBGs are described in the following publication.
* http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
+ * References below are based on rev. 1 (January 2012).
*/
#include "polarssl/config.h"
@@ -35,7 +36,7 @@
#include "polarssl/hmac_drbg.h"
/*
- * HMAC_DRBG update, using optional additional data
+ * HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
void hmac_drbg_update( hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len )
@@ -46,6 +47,7 @@
for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
{
+ /* Step 1 or 4 */
md_hmac_starts( &ctx->md_ctx, ctx->K, md_len );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_update( &ctx->md_ctx, sep, 1 );
@@ -53,6 +55,7 @@
md_hmac_update( &ctx->md_ctx, additional, add_len );
md_hmac_finish( &ctx->md_ctx, ctx->K );
+ /* Step 2 or 5 */
md_hmac_starts( &ctx->md_ctx, ctx->K, md_len );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V );
@@ -82,15 +85,24 @@
}
/*
- * Simplified HMAC_DRBG random function
+ * HMAC_DRBG random function with optional additional data (10.1.2.5)
*/
-int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
+int hmac_drbg_random_with_add( void *p_rng,
+ unsigned char *output, size_t out_len,
+ const unsigned char *additional, size_t add_len )
{
hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng;
- size_t md_len = ctx->md_ctx.md_info->size;
+ size_t md_len = md_get_size( ctx->md_ctx.md_info );
size_t left = out_len;
unsigned char *out = output;
+ /* 1. Check reseed counter (TODO) */
+
+ /* 2. Use additional data if any */
+ if( additional != NULL && add_len != 0 )
+ hmac_drbg_update( ctx, additional, add_len );
+
+ /* 3, 4, 5. Generate bytes */
while( left != 0 )
{
size_t use_len = left > md_len ? md_len : left;
@@ -104,12 +116,24 @@
left -= use_len;
}
- hmac_drbg_update( ctx, NULL, 0 );
+ /* 6. Update */
+ hmac_drbg_update( ctx, additional, add_len );
+ /* 7. Update reseed counter (TODO) */
+
+ /* 8. Done */
return( 0 );
}
/*
+ * HMAC_DRBG random function
+ */
+int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
+{
+ return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
+}
+
+/*
* Free an HMAC_DRBG context
*/
void hmac_drbg_free( hmac_drbg_context *ctx )
