1386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/*
2386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * ctr_prng.c
3386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
4386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * counter mode based pseudorandom source
5386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
6386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * David A. McGrew
7386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Cisco Systems, Inc.
8386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */
9386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/*
10386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
11386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Copyright(c) 2001-2006 Cisco Systems, Inc.
12386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * All rights reserved.
13386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
14386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * Redistribution and use in source and binary forms, with or without
15386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * modification, are permitted provided that the following conditions
16386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * are met:
17386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
18386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   Redistributions of source code must retain the above copyright
19386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   notice, this list of conditions and the following disclaimer.
20386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
21386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   Redistributions in binary form must reproduce the above
22386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   copyright notice, this list of conditions and the following
23386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   disclaimer in the documentation and/or other materials provided
24386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   with the distribution.
25386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
26386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   Neither the name of the Cisco Systems, Inc. nor the names of its
27386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   contributors may be used to endorse or promote products derived
28386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *   from this software without specific prior written permission.
29386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
30386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari * OF THE POSSIBILITY OF SUCH DAMAGE.
42386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari *
43386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari */
44386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
45386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
46386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari#include "prng.h"
47386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
48386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari/* single, global prng structure */
49386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
50386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarictr_prng_t ctr_prng;
51386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
52386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t
53386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarictr_prng_init(rand_source_func_t random_source) {
54386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  uint8_t tmp_key[32];
55386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  err_status_t status;
56386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
57386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* initialize output count to zero */
58386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  ctr_prng.octet_count = 0;
59386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
60386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* set random source */
61386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  ctr_prng.rand = random_source;
62386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
63386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* initialize secret key from random source */
64386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  status = random_source(tmp_key, 32);
65386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (status)
66386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return status;
67386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
68386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* initialize aes ctr context with random key */
69386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  status = aes_icm_context_init(&ctr_prng.state, tmp_key);
70386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (status)
71386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return status;
72386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
73386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  return err_status_ok;
74386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari}
75386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
76386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t
77386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarictr_prng_get_octet_string(void *dest, uint32_t len) {
78386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  err_status_t status;
79386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
80386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /*
81386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   * if we need to re-initialize the prng, do so now
82386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   *
83386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   * avoid 32-bit overflows by subtracting instead of adding
84386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   */
85386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (ctr_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
86386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    status = ctr_prng_init(ctr_prng.rand);
87386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    if (status)
88386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari      return status;
89386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  }
90386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  ctr_prng.octet_count += len;
91386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
92386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /*
93386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   * write prng output
94386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari   */
95386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  status = aes_icm_output(&ctr_prng.state, (uint8_t*)dest, len);
96386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  if (status)
97386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari    return status;
98386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
99386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  return err_status_ok;
100386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari}
101386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
102386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarierr_status_t
103386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagarictr_prng_deinit(void) {
104386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
105386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  /* nothing */
106386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari
107386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari  return err_status_ok;
108386ce4d9144fc190797f4e43a31aeaf76ca2e373Param Reddappagari}
109