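/* $NetBSD: nist_ctr_drbg_aes256.h,v 1.1 2011/11/19 22:51:22 tls Exp $ */

/*-
 * Copyright (c) 2011 The NetBSD Foundation, Inc.
 * All rights reserved.
 *
 * This code is derived from software contributed to The NetBSD Foundation
 * by Thor Lancelot Simon.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * Copyright (c) 2007 Henric Jungheim <software@henric.info>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

/*
 * NIST SP 800-90 CTR_DRBG (Random Number Generator)
 *
 * Binds the generic CTR_DRBG code to AES-256: key and block sizes, the key
 * object type, the two block-cipher entry points and the reseed interval.
 *
 * This header defines none of NIST_AES_BLOCKSIZEBITS, NIST_AES_ENCRYPT_CTX,
 * NIST_AES_ECB_Encrypt or NIST_AES_Schedule_Encryption.  They must already
 * be visible at the point of inclusion (the typedef below needs the context
 * type immediately; the macros need the rest wherever they are expanded).
 */

#ifndef NIST_CTR_DRBG_AES256_H
#define NIST_CTR_DRBG_AES256_H

/*
 * Choose AES-256 as the underlying block cipher.
 *
 * NIST_BLOCK_KEYLEN is in bits.  The _INTS form divides by sizeof(int), so
 * it has type size_t and its value depends on the platform's int width.
 */
#define NIST_BLOCK_KEYLEN		(256)
#define NIST_BLOCK_KEYLEN_BYTES		(NIST_BLOCK_KEYLEN / 8)
#define NIST_BLOCK_KEYLEN_INTS		(NIST_BLOCK_KEYLEN_BYTES / sizeof(int))

/*
 * Cipher block (output) length, taken in bits from the AES glue code.
 * NOTE(review): AES has a 128-bit block, so NIST_AES_BLOCKSIZEBITS is
 * presumably 128 -- confirm in the header that defines it.  As above, the
 * _INTS and _LONGS forms are size_t expressions that vary with the
 * platform's int and long widths.
 */
#define NIST_BLOCK_OUTLEN		(NIST_AES_BLOCKSIZEBITS)
#define NIST_BLOCK_OUTLEN_BYTES		(NIST_BLOCK_OUTLEN / 8)
#define NIST_BLOCK_OUTLEN_INTS		(NIST_BLOCK_OUTLEN_BYTES / sizeof(int))
#define NIST_BLOCK_OUTLEN_LONGS		(NIST_BLOCK_OUTLEN_BYTES / sizeof(long))

/*
 * The DRBG key object is the AES encryption context.
 * NOTE(review): presumably this holds the expanded key schedule, i.e.
 * secret generator state that should be zeroized when a DRBG instance is
 * torn down -- confirm against the AES glue and the DRBG destroy path.
 */
typedef NIST_AES_ENCRYPT_CTX NIST_Key;

/* Encrypt one block; arguments are forwarded unchanged to the AES glue. */
#define Block_Encrypt(ctx, src, dst)	NIST_AES_ECB_Encrypt(ctx, src, dst)
/* Key the context; the key length is passed in bits (NIST_BLOCK_KEYLEN). */
#define Block_Schedule_Encryption(ctx, key) \
	NIST_AES_Schedule_Encryption(ctx, key, NIST_BLOCK_KEYLEN)

/*
 * NIST SP 800-90 March 2007
 * 10.2 DRBG Mechanism Based on Block Ciphers
 *
 * Table 3 specifies the reseed interval as
 * <= 2^48.  We use 2^31 - 1 (0x7fffffff), not 2^31, so the value always
 * fits in a 32-bit signed int.
 *
 * The U suffix makes the constant unsigned: a signed counter compared with
 * it is converted to unsigned first, so a negative counter would compare as
 * a very large value.
 */
#define NIST_CTR_DRBG_RESEED_INTERVAL	(0x7fffffffU)

#endif /* NIST_CTR_DRBG_AES256_H */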