mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 07:28:10 +00:00
crypto: add chacha_drbg
This commit is contained in:
parent
72cde5a57d
commit
d5bfe6b32f
@ -63,6 +63,7 @@ SOURCE_MOD += [
|
|||||||
'vendor/trezor-crypto/chacha20poly1305/chacha_merged.c',
|
'vendor/trezor-crypto/chacha20poly1305/chacha_merged.c',
|
||||||
'vendor/trezor-crypto/chacha20poly1305/poly1305-donna.c',
|
'vendor/trezor-crypto/chacha20poly1305/poly1305-donna.c',
|
||||||
'vendor/trezor-crypto/chacha20poly1305/rfc7539.c',
|
'vendor/trezor-crypto/chacha20poly1305/rfc7539.c',
|
||||||
|
'vendor/trezor-crypto/chacha_drbg.c',
|
||||||
'vendor/trezor-crypto/curves.c',
|
'vendor/trezor-crypto/curves.c',
|
||||||
'vendor/trezor-crypto/ecdsa.c',
|
'vendor/trezor-crypto/ecdsa.c',
|
||||||
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-32bit.c',
|
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-32bit.c',
|
||||||
|
@ -63,6 +63,7 @@ SOURCE_MOD += [
|
|||||||
'vendor/trezor-crypto/chacha20poly1305/chacha_merged.c',
|
'vendor/trezor-crypto/chacha20poly1305/chacha_merged.c',
|
||||||
'vendor/trezor-crypto/chacha20poly1305/poly1305-donna.c',
|
'vendor/trezor-crypto/chacha20poly1305/poly1305-donna.c',
|
||||||
'vendor/trezor-crypto/chacha20poly1305/rfc7539.c',
|
'vendor/trezor-crypto/chacha20poly1305/rfc7539.c',
|
||||||
|
'vendor/trezor-crypto/chacha_drbg.c',
|
||||||
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-32bit.c',
|
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-32bit.c',
|
||||||
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-helpers.c',
|
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-helpers.c',
|
||||||
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-scalarmult-base.c',
|
'vendor/trezor-crypto/ed25519-donna/curve25519-donna-scalarmult-base.c',
|
||||||
|
62
crypto/chacha_drbg.c
Normal file
62
crypto/chacha_drbg.c
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
/*
|
||||||
|
* This file is part of the Trezor project, https://trezor.io/
|
||||||
|
*
|
||||||
|
* Copyright (c) SatoshiLabs
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include "chacha_drbg.h"
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#define MAX(a, b) (a) > (b) ? (a) : (b)
|
||||||
|
|
||||||
|
void chacha_drbg_init(CHACHA_DRBG_CTX *ctx,
|
||||||
|
const uint8_t entropy[CHACHA_DRBG_SEED_LENGTH]) {
|
||||||
|
uint8_t buffer[MAX(CHACHA_DRBG_KEY_LENGTH, CHACHA_DRBG_IV_LENGTH)] = {0};
|
||||||
|
ECRYPT_keysetup(&ctx->chacha_ctx, buffer, CHACHA_DRBG_KEY_LENGTH * 8,
|
||||||
|
CHACHA_DRBG_IV_LENGTH * 8);
|
||||||
|
ECRYPT_ivsetup(&ctx->chacha_ctx, buffer);
|
||||||
|
|
||||||
|
chacha_drbg_reseed(ctx, entropy);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void chacha_drbg_update(CHACHA_DRBG_CTX *ctx,
|
||||||
|
const uint8_t data[CHACHA_DRBG_SEED_LENGTH]) {
|
||||||
|
uint8_t buffer[CHACHA_DRBG_SEED_LENGTH] = {0};
|
||||||
|
|
||||||
|
if (data)
|
||||||
|
ECRYPT_encrypt_bytes(&ctx->chacha_ctx, data, buffer,
|
||||||
|
CHACHA_DRBG_SEED_LENGTH);
|
||||||
|
else
|
||||||
|
ECRYPT_keystream_bytes(&ctx->chacha_ctx, buffer, CHACHA_DRBG_SEED_LENGTH);
|
||||||
|
|
||||||
|
ECRYPT_keysetup(&ctx->chacha_ctx, buffer, CHACHA_DRBG_KEY_LENGTH * 8,
|
||||||
|
CHACHA_DRBG_IV_LENGTH * 8);
|
||||||
|
ECRYPT_ivsetup(&ctx->chacha_ctx, buffer + CHACHA_DRBG_KEY_LENGTH);
|
||||||
|
}
|
||||||
|
|
||||||
|
void chacha_drbg_generate(CHACHA_DRBG_CTX *ctx, uint8_t *output,
|
||||||
|
uint8_t output_length) {
|
||||||
|
ECRYPT_keystream_bytes(&ctx->chacha_ctx, output, output_length);
|
||||||
|
chacha_drbg_update(ctx, NULL);
|
||||||
|
ctx->reseed_counter++;
|
||||||
|
}
|
||||||
|
|
||||||
|
void chacha_drbg_reseed(CHACHA_DRBG_CTX *ctx,
|
||||||
|
const uint8_t entropy[CHACHA_DRBG_SEED_LENGTH]) {
|
||||||
|
chacha_drbg_update(ctx, entropy);
|
||||||
|
ctx->reseed_counter = 1;
|
||||||
|
}
|
43
crypto/chacha_drbg.h
Normal file
43
crypto/chacha_drbg.h
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
/*
|
||||||
|
* This file is part of the Trezor project, https://trezor.io/
|
||||||
|
*
|
||||||
|
* Copyright (c) SatoshiLabs
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef __CHACHA_DRBG__
|
||||||
|
#define __CHACHA_DRBG__
|
||||||
|
|
||||||
|
#include "chacha20poly1305/chacha20poly1305.h"
|
||||||
|
|
||||||
|
// Very fast deterministic random bit generator inspired by CTR_DRBG in NIST SP
|
||||||
|
// 800-90A
|
||||||
|
|
||||||
|
#define CHACHA_DRBG_KEY_LENGTH 16
|
||||||
|
#define CHACHA_DRBG_IV_LENGTH 8
|
||||||
|
#define CHACHA_DRBG_SEED_LENGTH (CHACHA_DRBG_KEY_LENGTH + CHACHA_DRBG_IV_LENGTH)
|
||||||
|
|
||||||
|
typedef struct _CHACHA_DRBG_CTX {
|
||||||
|
ECRYPT_ctx chacha_ctx;
|
||||||
|
uint32_t reseed_counter;
|
||||||
|
} CHACHA_DRBG_CTX;
|
||||||
|
|
||||||
|
void chacha_drbg_init(CHACHA_DRBG_CTX *ctx,
|
||||||
|
const uint8_t entropy[CHACHA_DRBG_SEED_LENGTH]);
|
||||||
|
void chacha_drbg_reseed(CHACHA_DRBG_CTX *ctx,
|
||||||
|
const uint8_t entropy[CHACHA_DRBG_SEED_LENGTH]);
|
||||||
|
void chacha_drbg_generate(CHACHA_DRBG_CTX *ctx, uint8_t *output,
|
||||||
|
uint8_t output_length);
|
||||||
|
#endif // __CHACHA_DRBG__
|
Loading…
Reference in New Issue
Block a user