Split mbedtls_hmac_drbg_init() -> seed{,_buf}()
diff --git a/ChangeLog b/ChangeLog
index 7a9570e..0e876f0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,7 @@
been split into an _init() that returns void and another function:
mbedtls_ccm_init() -> mbedtls_ccm_setkey()
mbedtls_gcm_init() -> mbedtls_gcm_setkey()
+ mbedtls_hmac_drbg_init() -> mbedtls_hmac_drbg_init(_buf)()
* In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
return void.
* ecdsa_write_signature() gained an addtional md_alg argument and
diff --git a/include/mbedtls/hmac_drbg.h b/include/mbedtls/hmac_drbg.h
index e1244bb..ed85dfe 100644
--- a/include/mbedtls/hmac_drbg.h
+++ b/include/mbedtls/hmac_drbg.h
@@ -90,9 +90,20 @@
} mbedtls_hmac_drbg_context;
/**
- * \brief HMAC_DRBG initialisation
+ * \brief HMAC_DRBG initialization (just make references valid)
+ * Makes the context ready for mbetls_hmac_drbg_seed(),
+ * mbedtls_hmac_drbg_seed_buf() or
+ * mbedtls_hmac_drbg_free().
*
- * \param ctx HMAC_DRBG context to be initialised
+ * \param ctx HMAC_DRBG context to be initialized
+ */
+void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx );
+
+/**
+ * \brief HMAC_DRBG initial seeding
+ * Seed and setup entropy pool for later re-seeding.
+ *
+ * \param ctx HMAC_DRBG context to be seeded
* \param md_info MD algorithm to use for HMAC_DRBG
* \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer
* length)
@@ -110,9 +121,9 @@
* \return 0 if successful, or
* MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
* MBEDTLS_ERR_MD_ALLOC_FAILED, or
- * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED.
+ * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.
*/
-int mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx,
+int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
@@ -132,7 +143,7 @@
* MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
* MBEDTLS_ERR_MD_ALLOC_FAILED.
*/
-int mbedtls_hmac_drbg_init_buf( mbedtls_hmac_drbg_context *ctx,
+int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
const unsigned char *data, size_t data_len );
diff --git a/library/ecdsa.c b/library/ecdsa.c
index 0e864fc..a7dcddb 100644
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@@ -174,13 +174,13 @@
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
mbedtls_mpi_init( &h );
- memset( &rng_ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
+ mbedtls_hmac_drbg_init( &rng_ctx );
/* Use private key and message hash (reduced) to initialize HMAC_DRBG */
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) );
MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) );
- mbedtls_hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len );
+ mbedtls_hmac_drbg_seed_buf( &rng_ctx, md_info, data, 2 * grp_len );
ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
mbedtls_hmac_drbg_random, &rng_ctx );
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 48d5b48..710eb84 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -57,6 +57,14 @@
}
/*
+ * HMAC_DRBG context initialization
+ */
+void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
+{
+ memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
+}
+
+/*
* HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
@@ -87,7 +95,7 @@
/*
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
*/
-int mbedtls_hmac_drbg_init_buf( mbedtls_hmac_drbg_context *ctx,
+int mbedtls_hmac_drbg_seed_buf( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
const unsigned char *data, size_t data_len )
{
@@ -157,7 +165,7 @@
/*
* HMAC_DRBG initialisation (10.1.2.3 + 9.1)
*/
-int mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx,
+int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
@@ -455,6 +463,8 @@
unsigned char buf[OUTPUT_LEN];
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
+ mbedtls_hmac_drbg_init( &ctx );
+
/*
* PR = True
*/
@@ -462,7 +472,7 @@
mbedtls_printf( " HMAC_DRBG (PR = True) : " );
test_offset = 0;
- CHK( mbedtls_hmac_drbg_init( &ctx, md_info,
+ CHK( mbedtls_hmac_drbg_seed( &ctx, md_info,
hmac_drbg_self_test_entropy, (void *) entropy_pr,
NULL, 0 ) );
mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
@@ -481,7 +491,7 @@
mbedtls_printf( " HMAC_DRBG (PR = False) : " );
test_offset = 0;
- CHK( mbedtls_hmac_drbg_init( &ctx, md_info,
+ CHK( mbedtls_hmac_drbg_seed( &ctx, md_info,
hmac_drbg_self_test_entropy, (void *) entropy_nopr,
NULL, 0 ) );
CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) );
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index db98bd6..c752ba6 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -538,18 +538,20 @@
mbedtls_hmac_drbg_context hmac_drbg;
const mbedtls_md_info_t *md_info;
+ mbedtls_hmac_drbg_init( &hmac_drbg );
+
#if defined(MBEDTLS_SHA1_C)
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
mbedtls_exit(1);
- if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
mbedtls_hmac_drbg_free( &hmac_drbg );
- if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
MBEDTLS_HMAC_DRBG_PR_ON );
@@ -563,14 +565,14 @@
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
mbedtls_exit(1);
- if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
mbedtls_hmac_drbg_free( &hmac_drbg );
- if( mbedtls_hmac_drbg_init( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
+ if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
MBEDTLS_HMAC_DRBG_PR_ON );
diff --git a/tests/suites/test_suite_hmac_drbg.function b/tests/suites/test_suite_hmac_drbg.function
index a227ecd..3cc9642 100644
--- a/tests/suites/test_suite_hmac_drbg.function
+++ b/tests/suites/test_suite_hmac_drbg.function
@@ -38,6 +38,7 @@
entropy_ctx entropy;
size_t last_len, i, reps = 10;
+ mbedtls_hmac_drbg_init( &ctx );
memset( buf, 0, sizeof( buf ) );
memset( out, 0, sizeof( out ) );
@@ -49,7 +50,7 @@
/* Init must use entropy */
last_len = entropy.len;
- TEST_ASSERT( mbedtls_hmac_drbg_init( &ctx, md_info, mbedtls_entropy_func, &entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &entropy,
NULL, 0 ) == 0 );
TEST_ASSERT( entropy.len < last_len );
@@ -113,10 +114,12 @@
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
+ mbedtls_hmac_drbg_init( &ctx );
+
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
- TEST_ASSERT( mbedtls_hmac_drbg_init( &ctx, md_info, rnd_std_rand, NULL,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, rnd_std_rand, NULL,
NULL, 0 ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_write_seed_file( &ctx, path ) == ret );
@@ -136,12 +139,13 @@
mbedtls_hmac_drbg_context ctx;
size_t i;
+ mbedtls_hmac_drbg_init( &ctx );
memset( buf, 0, sizeof( buf ) );
memset( out, 0, sizeof( out ) );
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
- TEST_ASSERT( mbedtls_hmac_drbg_init_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 );
+ TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info, buf, sizeof( buf ) ) == 0 );
/* Make sure it never tries to reseed (would segfault otherwise) */
mbedtls_hmac_drbg_set_reseed_interval( &ctx, 3 );
@@ -173,6 +177,7 @@
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
+ mbedtls_hmac_drbg_init( &ctx );
memset( my_output, 0, sizeof my_output );
custom_len = unhexify( custom, custom_hex );
@@ -188,7 +193,7 @@
/* Test the simplified buffer-based variant */
memcpy( data, entropy, p_entropy.len );
memcpy( data + p_entropy.len, custom, custom_len );
- TEST_ASSERT( mbedtls_hmac_drbg_init_buf( &ctx, md_info,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed_buf( &ctx, md_info,
data, p_entropy.len + custom_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
add1, add1_len ) == 0 );
@@ -201,7 +206,7 @@
TEST_ASSERT( memcmp( my_output, output, out_len ) == 0 );
/* And now the normal entropy-based variant */
- TEST_ASSERT( mbedtls_hmac_drbg_init( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
custom, custom_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
add1, add1_len ) == 0 );
@@ -232,6 +237,7 @@
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
+ mbedtls_hmac_drbg_init( &ctx );
memset( my_output, 0, sizeof my_output );
custom_len = unhexify( custom, custom_hex );
@@ -245,7 +251,7 @@
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
- TEST_ASSERT( mbedtls_hmac_drbg_init( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
custom, custom_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_reseed( &ctx, add1, add1_len ) == 0 );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,
@@ -277,6 +283,7 @@
const mbedtls_md_info_t *md_info;
mbedtls_hmac_drbg_context ctx;
+ mbedtls_hmac_drbg_init( &ctx );
memset( my_output, 0, sizeof my_output );
custom_len = unhexify( custom, custom_hex );
@@ -289,7 +296,7 @@
md_info = mbedtls_md_info_from_type( md_alg );
TEST_ASSERT( md_info != NULL );
- TEST_ASSERT( mbedtls_hmac_drbg_init( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
+ TEST_ASSERT( mbedtls_hmac_drbg_seed( &ctx, md_info, mbedtls_entropy_func, &p_entropy,
custom, custom_len ) == 0 );
mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
TEST_ASSERT( mbedtls_hmac_drbg_random_with_add( &ctx, my_output, out_len,