improve fortuna_import()
This makes fortuna_import() kinda compliant to the "Update seed file" behavior of the original paper. It differs from the original behavior in that it allows to import seed files which are larger than 64 bytes. (cherry picked from commit 39d4a14c29c97f002b85038bdcdc2a788f83fe73)
This commit is contained in:
Steffen Jaeckel
parent
89dffe6c7e
commit
affb3d70cb
@ -124,6 +124,46 @@ static int _fortuna_reseed(prng_state *prng)
|
|||||||
return CRYPT_OK;
|
return CRYPT_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
"Update Seed File"-compliant update of K
|
||||||
|
|
||||||
|
@param in The PRNG state
|
||||||
|
@param inlen Size of the state
|
||||||
|
@param prng The PRNG to import
|
||||||
|
@return CRYPT_OK if successful
|
||||||
|
*/
|
||||||
|
static int _fortuna_update_seed(const unsigned char *in, unsigned long inlen, prng_state *prng)
|
||||||
|
{
|
||||||
|
int err;
|
||||||
|
unsigned char tmp[MAXBLOCKSIZE];
|
||||||
|
hash_state md;
|
||||||
|
|
||||||
|
LTC_MUTEX_LOCK(&prng->lock);
|
||||||
|
/* new K = LTC_SHA256(K || in) */
|
||||||
|
sha256_init(&md);
|
||||||
|
if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) {
|
||||||
|
sha256_done(&md, tmp);
|
||||||
|
goto LBL_UNLOCK;
|
||||||
|
}
|
||||||
|
if ((err = sha256_process(&md, in, inlen)) != CRYPT_OK) {
|
||||||
|
sha256_done(&md, tmp);
|
||||||
|
goto LBL_UNLOCK;
|
||||||
|
}
|
||||||
|
/* finish key */
|
||||||
|
if ((err = sha256_done(&md, prng->fortuna.K)) != CRYPT_OK) {
|
||||||
|
goto LBL_UNLOCK;
|
||||||
|
}
|
||||||
|
_fortuna_update_iv(prng);
|
||||||
|
|
||||||
|
LBL_UNLOCK:
|
||||||
|
LTC_MUTEX_UNLOCK(&prng->lock);
|
||||||
|
#ifdef LTC_CLEAN_STACK
|
||||||
|
zeromem(&md, sizeof(md));
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Start the PRNG
|
Start the PRNG
|
||||||
@param prng [out] The PRNG state to initialize
|
@param prng [out] The PRNG state to initialize
|
||||||
@ -412,8 +452,7 @@ LBL_UNLOCK:
|
|||||||
*/
|
*/
|
||||||
int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng)
|
int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prng)
|
||||||
{
|
{
|
||||||
int err, x;
|
int err;
|
||||||
unsigned long len;
|
|
||||||
|
|
||||||
LTC_ARGCHK(in != NULL);
|
LTC_ARGCHK(in != NULL);
|
||||||
LTC_ARGCHK(prng != NULL);
|
LTC_ARGCHK(prng != NULL);
|
||||||
@ -425,16 +464,12 @@ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prn
|
|||||||
if ((err = fortuna_start(prng)) != CRYPT_OK) {
|
if ((err = fortuna_start(prng)) != CRYPT_OK) {
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
x = 0;
|
|
||||||
while (inlen > 0) {
|
if ((err = _fortuna_update_seed(in, inlen, prng)) != CRYPT_OK) {
|
||||||
len = MIN(inlen, 32);
|
|
||||||
if ((err = fortuna_add_entropy(in+x*32, len, prng)) != CRYPT_OK) {
|
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
x++;
|
|
||||||
inlen -= len;
|
return err;
|
||||||
}
|
|
||||||
return CRYPT_OK;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user