mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-25 00:11:10 +00:00
HMAC_DRBG: support set_entropy_len() before seed()
mbedtls_hmac_drbg_seed() always set the entropy length to the default, so a call to mbedtls_hmac_drbg_set_entropy_len() before seed() had no effect. Change this to the more intuitive behavior that set_entropy_len() sets the entropy length and seed() respects that and only uses the default entropy length if there was no call to set_entropy_len().
This commit is contained in:
parent
069fb0e09a
commit
c68b70c9dc
|
@ -139,13 +139,11 @@ void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
|
||||||
* Note that SHA-256 is just as efficient as SHA-224.
|
* Note that SHA-256 is just as efficient as SHA-224.
|
||||||
* The security strength can be reduced if a smaller
|
* The security strength can be reduced if a smaller
|
||||||
* entropy length is set with
|
* entropy length is set with
|
||||||
* mbedtls_hmac_drbg_set_entropy_len() afterwards.
|
* mbedtls_hmac_drbg_set_entropy_len().
|
||||||
*
|
*
|
||||||
* \note The entropy length for the initial seeding is
|
* \note The default entropy length is the security strength
|
||||||
* the security strength (converted from bits to bytes).
|
* (converted from bits to bytes). You can override
|
||||||
* You can set a different entropy length for subsequent
|
* it by calling mbedtls_hmac_drbg_set_entropy_len().
|
||||||
* seeding by calling mbedtls_hmac_drbg_set_entropy_len()
|
|
||||||
* after this function.
|
|
||||||
*
|
*
|
||||||
* \note During the initial seeding, this function calls
|
* \note During the initial seeding, this function calls
|
||||||
* the entropy source to obtain a nonce
|
* the entropy source to obtain a nonce
|
||||||
|
@ -224,14 +222,9 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief This function sets the amount of entropy grabbed on each
|
* \brief This function sets the amount of entropy grabbed on each
|
||||||
* reseed.
|
* seed or reseed.
|
||||||
*
|
*
|
||||||
* The default value is set by mbedtls_hmac_drbg_seed().
|
* See the documentation of mbedtls_hmac_drbg_seed() for the default value.
|
||||||
*
|
|
||||||
* \note mbedtls_hmac_drbg_seed() always sets the entropy length
|
|
||||||
* to the default value based on the chosen MD algorithm,
|
|
||||||
* so this function only has an effect if it is called
|
|
||||||
* after mbedtls_hmac_drbg_seed().
|
|
||||||
*
|
*
|
||||||
* \param ctx The HMAC_DRBG context.
|
* \param ctx The HMAC_DRBG context.
|
||||||
* \param len The amount of entropy to grab, in bytes.
|
* \param len The amount of entropy to grab, in bytes.
|
||||||
|
|
|
@ -273,6 +273,8 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
|
||||||
|
|
||||||
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
|
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
|
||||||
|
|
||||||
|
if( ctx->entropy_len == 0 )
|
||||||
|
{
|
||||||
/*
|
/*
|
||||||
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
|
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
|
||||||
* each hash function, then according to SP800-90A rev1 10.1 table 2,
|
* each hash function, then according to SP800-90A rev1 10.1 table 2,
|
||||||
|
@ -283,6 +285,7 @@ int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
|
||||||
ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
|
ctx->entropy_len = md_size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
|
||||||
md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
|
md_size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
|
||||||
32; /* better (256+) -> 256 bits */
|
32; /* better (256+) -> 256 bits */
|
||||||
|
}
|
||||||
|
|
||||||
if( ( ret = hmac_drbg_reseed_core( ctx, custom, len,
|
if( ( ret = hmac_drbg_reseed_core( ctx, custom, len,
|
||||||
1 /* add nonce */ ) ) != 0 )
|
1 /* add nonce */ ) ) != 0 )
|
||||||
|
@ -303,7 +306,7 @@ void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Set entropy length grabbed for reseeds
|
* Set entropy length grabbed for seeding
|
||||||
*/
|
*/
|
||||||
void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
|
void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue