Domů Procházet Nápověda
Přihlásit se
torambo.com
/
Momentum-Apps
2
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: a4812864da
Větve Značky
Momentum-Apps
/
lib
/
amiitool
/
drbg.c

drbg.c 2.1 KB
Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. /*
    2. 

  2.  * (c) 2015-2017 Marcos Del Sol Vives
    3. 

  3.  * (c) 2016      javiMaD
    4. 

  4.  *
    5. 

  5.  * SPDX-License-Identifier: MIT
    6. 

  6.  */
    7. 

  7. 

  8. #include "drbg.h"
    9. 

  9. #include <assert.h>
    10. 

  10. #include <string.h>
    11. 

  11. #include <mbedtls/md.h>
    12. 

  12. 

  13. void nfc3d_drbg_init(nfc3d_drbg_ctx * ctx, const uint8_t * hmacKey, size_t hmacKeySize, const uint8_t * seed, size_t seedSize) {
    14. 

  14. 	assert(ctx != NULL);
    15. 

  15. 	assert(hmacKey != NULL);
    16. 

  16. 	assert(seed != NULL);
    17. 

  17. 	assert(seedSize <= NFC3D_DRBG_MAX_SEED_SIZE);
    18. 

  18. 

  19. 	// Initialize primitives
    20. 

  20. 	ctx->used = false;
    21. 

  21. 	ctx->iteration = 0;
    22. 

  22. 	ctx->bufferSize = sizeof(ctx->iteration) + seedSize;
    23. 

  23. 

  24. 	// The 16-bit counter is prepended to the seed when hashing, so we'll leave 2 bytes at the start
    25. 

  25. 	memcpy(ctx->buffer + sizeof(uint16_t), seed, seedSize);
    26. 

  26. 

  27. 	// Initialize underlying HMAC context
    28. 

  28. 	mbedtls_md_init(&ctx->hmacCtx);
    29. 

  29. 	mbedtls_md_setup(&ctx->hmacCtx, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
    30. 

  30. 	mbedtls_md_hmac_starts(&ctx->hmacCtx, hmacKey, hmacKeySize);
    31. 

  31. }
    32. 

  32. 

  33. void nfc3d_drbg_step(nfc3d_drbg_ctx * ctx, uint8_t * output) {
    34. 

  34. 	assert(ctx != NULL);
    35. 

  35. 	assert(output != NULL);
    36. 

  36. 

  37. 	if (ctx->used) {
    38. 

  38. 		// If used at least once, reinitialize the HMAC
    39. 

  39. 		mbedtls_md_hmac_reset(&ctx->hmacCtx);
    40. 

  40. 	} else {
    41. 

  41. 		ctx->used = true;
    42. 

  42. 	}
    43. 

  43. 

  44. 	// Store counter in big endian, and increment it
    45. 

  45. 	ctx->buffer[0] = ctx->iteration >> 8;
    46. 

  46. 	ctx->buffer[1] = ctx->iteration >> 0;
    47. 

  47. 	ctx->iteration++;
    48. 

  48. 

  49. 	// Do HMAC magic
    50. 

  50. 	mbedtls_md_hmac_update(&ctx->hmacCtx, ctx->buffer, ctx->bufferSize);
    51. 

  51. 	mbedtls_md_hmac_finish(&ctx->hmacCtx, output);
    52. 

  52. }
    53. 

  53. 

  54. void nfc3d_drbg_cleanup(nfc3d_drbg_ctx * ctx) {
    55. 

  55. 	assert(ctx != NULL);
    56. 

  56. 	mbedtls_md_free(&ctx->hmacCtx);
    57. 

  57. }
    58. 

  58. 

  59. void nfc3d_drbg_generate_bytes(const uint8_t * hmacKey, size_t hmacKeySize, const uint8_t * seed, size_t seedSize, uint8_t * output, size_t outputSize) {
    60. 

  60. 	uint8_t temp[NFC3D_DRBG_OUTPUT_SIZE];
    61. 

  61. 

  62. 	nfc3d_drbg_ctx rngCtx;
    63. 

  63. 	nfc3d_drbg_init(&rngCtx, hmacKey, hmacKeySize, seed, seedSize);
    64. 

  64. 

  65. 	while (outputSize > 0) {
    66. 

  66. 		if (outputSize < NFC3D_DRBG_OUTPUT_SIZE) {
    67. 

  67. 			nfc3d_drbg_step(&rngCtx, temp);
    68. 

  68. 			memcpy(output, temp, outputSize);
    69. 

  69. 			break;
    70. 

  70. 		}
    71. 

  71. 

  72. 		nfc3d_drbg_step(&rngCtx, output);
    73. 

  73. 		output += NFC3D_DRBG_OUTPUT_SIZE;
    74. 

  74. 		outputSize -= NFC3D_DRBG_OUTPUT_SIZE;
    75. 

  75. 	}
    76. 

  76. 

  77. 	nfc3d_drbg_cleanup(&rngCtx);
    78. 

  78. }
    79.