Преглед изворни кода

[rng] Add get_random_nz() function required by RSA algorithm

RSA requires the generation of random non-zero bytes (i.e. a sequence
of random numbers in the range [0x01,0xff]).  ANS X9.82 provides
various Approved methods for converting random bits into random
numbers.  The simplest such method is the Simple Discard Method.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown пре 13 година
родитељ
комит
4fb60435c9
2 измењених фајлова са 91 додато и 0 уклоњено
  1. 75
    0
      src/crypto/random_nz.c
  2. 16
    0
      src/include/ipxe/random_nz.h

+ 75
- 0
src/crypto/random_nz.c Прегледај датотеку

@@ -0,0 +1,75 @@
1
+/*
2
+ * Copyright (C) 2012 Michael Brown <mbrown@fensystems.co.uk>.
3
+ *
4
+ * This program is free software; you can redistribute it and/or
5
+ * modify it under the terms of the GNU General Public License as
6
+ * published by the Free Software Foundation; either version 2 of the
7
+ * License, or any later version.
8
+ *
9
+ * This program is distributed in the hope that it will be useful, but
10
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
11
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12
+ * General Public License for more details.
13
+ *
14
+ * You should have received a copy of the GNU General Public License
15
+ * along with this program; if not, write to the Free Software
16
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17
+ */
18
+
19
+FILE_LICENCE ( GPL2_OR_LATER );
20
+
21
+/** @file
22
+ *
23
+ * Random non-zero bytes
24
+ *
25
+ * The RSA algorithm requires the generation of random non-zero bytes,
26
+ * i.e. bytes in the range [0x01,0xff].
27
+ *
28
+ * This algorithm is designed to comply with ANS X9.82 Part 1-2006
29
+ * Section 9.2.1.  This standard is not freely available, but most of
30
+ * the text appears to be shared with NIST SP 800-90, which can be
31
+ * downloaded from
32
+ *
33
+ *     http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
34
+ *
35
+ * Where possible, references are given to both documents.  In the
36
+ * case of any disagreement, ANS X9.82 takes priority over NIST SP
37
+ * 800-90.  (In particular, note that some algorithms that are
38
+ * Approved by NIST SP 800-90 are not Approved by ANS X9.82.)
39
+ */
40
+
41
+#include <stddef.h>
42
+#include <stdint.h>
43
+#include <ipxe/rbg.h>
44
+#include <ipxe/random_nz.h>
45
+
46
+/**
47
+ * Get random non-zero bytes
48
+ *
49
+ * @v data		Output buffer
50
+ * @v len		Length of output buffer
51
+ * @ret rc		Return status code
52
+ *
53
+ * This algorithm is designed to be isomorphic to the Simple Discard
54
+ * Method described in ANS X9.82 Part 1-2006 Section 9.2.1 (NIST SP
55
+ * 800-90 Section B.5.1.1).
56
+ */
57
+int get_random_nz ( void *data, size_t len ) {
58
+	uint8_t *bytes = data;
59
+	int rc;
60
+
61
+	while ( len ) {
62
+
63
+		/* Generate random byte */
64
+		if ( ( rc = rbg_generate ( NULL, 0, 0, bytes, 1 ) ) != 0 )
65
+			return rc;
66
+
67
+		/* Move to next byte if this byte is acceptable */
68
+		if ( *bytes != 0 ) {
69
+			bytes++;
70
+			len--;
71
+		}
72
+	}
73
+
74
+	return 0;
75
+}

+ 16
- 0
src/include/ipxe/random_nz.h Прегледај датотеку

@@ -0,0 +1,16 @@
1
+#ifndef _IPXE_RANDOM_NZ_H
2
+#define _IPXE_RANDOM_NZ_H
3
+
4
+/** @file
5
+ *
6
+ * HMAC_DRBG algorithm
7
+ *
8
+ */
9
+
10
+FILE_LICENCE ( GPL2_OR_LATER );
11
+
12
+#include <stdint.h>
13
+
14
+extern int get_random_nz ( void *data, size_t len );
15
+
16
+#endif /* _IPXE_RANDOM_NZ_H */

Loading…
Откажи
Сачувај