public int Generate(byte[] output, byte[] additionalInput, bool predictionResistant) { if (mIsTdea) { if (mReseedCounter > TDEA_RESEED_MAX) { return(-1); } if (DrbgUtilities.IsTooLarge(output, TDEA_MAX_BITS_REQUEST / 8)) { throw new ArgumentException("Number of bits per request limited to " + TDEA_MAX_BITS_REQUEST, "output"); } } else { if (mReseedCounter > AES_RESEED_MAX) { return(-1); } if (DrbgUtilities.IsTooLarge(output, AES_MAX_BITS_REQUEST / 8)) { throw new ArgumentException("Number of bits per request limited to " + AES_MAX_BITS_REQUEST, "output"); } } if (predictionResistant) { CTR_DRBG_Reseed_algorithm(additionalInput); additionalInput = null; } if (additionalInput != null) { additionalInput = Block_Cipher_df(additionalInput, mSeedLength); CTR_DRBG_Update(additionalInput, mKey, mV); } else { additionalInput = new byte[mSeedLength]; } byte[] array = new byte[mV.Length]; mEngine.Init(forEncryption: true, new KeyParameter(ExpandKey(mKey))); for (int i = 0; i <= output.Length / array.Length; i++) { int num = (output.Length - i * array.Length > array.Length) ? array.Length : (output.Length - i * mV.Length); if (num != 0) { AddOneTo(mV); mEngine.ProcessBlock(mV, 0, array, 0); Array.Copy(array, 0, output, i * array.Length, num); } } CTR_DRBG_Update(additionalInput, mKey, mV); mReseedCounter++; return(output.Length * 8); }
public void Reseed(byte[] additionalInput) { byte[] entropy = GetEntropy(); byte[] seedMaterial = Arrays.ConcatenateAll(ONE, mV, entropy, additionalInput); byte[] array = mV = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength); byte[] array2 = new byte[mV.Length + 1]; array2[0] = 0; Array.Copy(mV, 0, array2, 1, mV.Length); mC = DrbgUtilities.HashDF(mDigest, array2, mSeedLength); mReseedCounter = 1L; }
public HMacSP800Drbg(IMac hMac, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce) { if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(hMac)) { throw new ArgumentException("Requested security strength is not supported by the derivation function"); } if (entropySource.EntropySize < securityStrength) { throw new ArgumentException("Not enough entropy for security strength required"); } mHMac = hMac; mSecurityStrength = securityStrength; mEntropySource = entropySource; byte[] entropy = GetEntropy(); byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString); mK = new byte[hMac.GetMacSize()]; mV = new byte[mK.Length]; Arrays.Fill(mV, 1); hmac_DRBG_Update(seedMaterial); mReseedCounter = 1L; }
public HashSP800Drbg(IDigest digest, int securityStrength, IEntropySource entropySource, byte[] personalizationString, byte[] nonce) { if (securityStrength > DrbgUtilities.GetMaxSecurityStrength(digest)) { throw new ArgumentException("Requested security strength is not supported by the derivation function"); } if (entropySource.EntropySize < securityStrength) { throw new ArgumentException("Not enough entropy for security strength required"); } mDigest = digest; mEntropySource = entropySource; mSecurityStrength = securityStrength; mSeedLength = (int)seedlens[digest.AlgorithmName]; byte[] entropy = GetEntropy(); byte[] seedMaterial = Arrays.ConcatenateAll(entropy, nonce, personalizationString); byte[] array = mV = DrbgUtilities.HashDF(mDigest, seedMaterial, mSeedLength); byte[] array2 = new byte[mV.Length + 1]; Array.Copy(mV, 0, array2, 1, mV.Length); mC = DrbgUtilities.HashDF(mDigest, array2, mSeedLength); mReseedCounter = 1L; }