public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant)
{
if (mIsTdea)
{
if (mReseedCounter > TDEA_RESEED_MAX)
{
return(-1);
}
if (DrbgUtilities.IsTooLarge(output, TDEA_MAX_BITS_REQUEST / 8))
{
throw new ArgumentException("Number of bits per request limited to " + TDEA_MAX_BITS_REQUEST, "output");
}
}
else
{
if (mReseedCounter > AES_RESEED_MAX)
{
return(-1);
}
if (DrbgUtilities.IsTooLarge(output, AES_MAX_BITS_REQUEST / 8))
{
throw new ArgumentException("Number of bits per request limited to " + AES_MAX_BITS_REQUEST, "output");
}
}
if (predictionResistant)
{
CTR_DRBG_Reseed_algorithm(additionalInput);
additionalInput = null;
}
if (additionalInput != null)
{
additionalInput = Block_Cipher_df(additionalInput, mSeedLength);
CTR_DRBG_Update(additionalInput, mKey, mV);
}
else
{
additionalInput = new byte[mSeedLength];
}
byte[] array = new byte[mV.Length];
mEngine.Init(forEncryption: true, new KeyParameter(ExpandKey(mKey)));
for (int i = 0; i <= output.Length / array.Length; i++)
{
int num = (output.Length - i * array.Length > array.Length) ? array.Length : (output.Length - i * mV.Length);
if (num != 0)
{
AddOneTo(mV);
mEngine.ProcessBlock(mV, 0, array, 0);
Array.Copy(array, 0, output, i * array.Length, num);
}
}
CTR_DRBG_Update(additionalInput, mKey, mV);
mReseedCounter++;
return(output.Length * 8);
}
public void Reseed(byte[] additionalInput)
{
byte[] entropy = GetEntropy();
byte[] seedMaterial = Arrays.ConcatenateAll(ONE, mV, entropy, additionalInput);
byte[] array = mV = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength);
byte[] array2 = new byte[mV.Length + 1];
array2[0] = 0;
Array.Copy(mV, 0, array2, 1, mV.Length);
mC = DrbgUtilities.HashDF(mDigest, array2, mSeedLength);
mReseedCounter = 1L;
}
public HMacSP800Drbg(IMac hMac, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce)
{
if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(hMac))
{
throw new ArgumentException("Requested security strength is not supported by the derivation function");
}
if (entropySource.EntropySize < securityStrength)
{
throw new ArgumentException("Not enough entropy for security strength required");
}
mHMac = hMac;
mSecurityStrength = securityStrength;
mEntropySource = entropySource;
byte[] entropy = GetEntropy();
byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString);
mK = new byte[hMac.GetMacSize()];
mV = new byte[mK.Length];
Arrays.Fill(mV, 1);
hmac_DRBG_Update(seedMaterial);
mReseedCounter = 1L;
}
public HashSP800Drbg(IDigest digest, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce)
{
if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(digest))
{
throw new ArgumentException("Requested security strength is not supported by the derivation function");
}
if (entropySource.EntropySize < securityStrength)
{
throw new ArgumentException("Not enough entropy for security strength required");
}
mDigest = digest;
mEntropySource = entropySource;
mSecurityStrength = securityStrength;
mSeedLength = (int)seedlens[digest.AlgorithmName];
byte[] entropy = GetEntropy();
byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString);
byte[] array = mV = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength);
byte[] array2 = new byte[mV.Length + 1];
Array.Copy(mV, 0, array2, 1, mV.Length);
mC = DrbgUtilities.HashDF(mDigest, array2, mSeedLength);
mReseedCounter = 1L;
}
