From bac07e2002f1de9b9ffad477135a67b1bdcf5d85 Mon Sep 17 00:00:00 2001
From: Stephan Mueller
Date: Sat, 8 Mar 2014 23:16:24 +0100
Subject: [PATCH v3 6/7] DRBG specific gcry_control requests
To: gcrypt-devel@gnupg.org
Cc: jeremy.wayne.powell@gmail.com

gcry_control GCRYCTL_DRBG_REINIT
================================
This control request re-initializes the DRBG completely, i.e. the entire
state of the DRBG is zeroized (with two exceptions listed in
GCRYCTL_DRBG_SET_ENTROPY).

The control request takes the following values which influence how the DRBG
is re-initialized:

  * __u32 flags: This variable specifies the DRBG type to be used for the
    next initialization. If set to 0, the previous DRBG type is used for the
    initialization. The DRBG type is an OR of the mandatory flags of the
    requested DRBG strength and DRBG cipher type. Optionally, the prediction
    resistance flag can be ORed into the flags variable. For example:
      - CTR-DRBG with AES-128 without prediction resistance:
        DRBG_CTRAES128
      - HMAC-DRBG with SHA-512 with prediction resistance:
        DRBG_HMACSHA512 | DRBG_PREDICTION_RESIST
  * struct drbg_string *pers: personalization string to be used for
    initialization.
  * struct drbg_test_data *test: TEST parameter only -- should be NULL in
    normal use -- parameter sets predefined "entropy"

The variable of flags is independent from the pers/perslen variables. If
flags is set to 0 and perslen is set to 0, the current DRBG type is
completely reset without using a personalization string.

Changes v3:
  * addition of struct drbg_test_data *test to reinit call
  * change personalization string invocation to struct drbg_string
  * remove set_entropy call

Signed-off-by: Stephan Mueller
---
diff --git a/src/global.c b/src/global.c index 4e8df86..5c19cca 100644 --- a/src/global.c +++ b/src/global.c 
@@ -671,6 +671,15 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) rc = GPG_ERR_NOT_IMPLEMENTED; break; + case GCRYCTL_DRBG_REINIT: + { + u_int32_t flags = va_arg (arg_ptr, u_int32_t); + struct drbg_string *pers = va_arg (arg_ptr, struct drbg_string *); + struct drbg_test_data *test_data = va_arg (arg_ptr, struct drbg_test_data *); + rc = _gcry_drbg_reinit(flags, pers, test_data); + } + break; + default: _gcry_set_preferred_rng_type (0); rc = GPG_ERR_INV_OP;
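Review bot: In the new GCRYCTL_DRBG_REINIT case, test_data is read from the va_list and handed straight to _gcry_drbg_reinit with no check, although the commit message describes it as a TEST-only parameter that sets predefined "entropy" and should be NULL in normal use. Unless _gcry_drbg_reinit rejects it itself (not visible in this hunk), any caller of gcry_control can reseed the DRBG from caller-supplied data; consider refusing a non-NULL test_data outside a self-test or test build and returning an error, or at least documenting where that restriction is enforced. The three arguments are also pulled with va_arg without any validation, so the control's documentation should state the exact types callers must pass: the message says __u32 while the code reads u_int32_t, and the two pointers need an explicitly typed NULL such as (struct drbg_string *)NULL rather than a bare 0. The description still points to GCRYCTL_DRBG_SET_ENTROPY for the two zeroization exceptions while the v3 changelog says the set_entropy call was removed, so that reference should be updated. Style: the line rc = _gcry_drbg_reinit(flags, pers, test_data); lacks the space before the parenthesis that the surrounding va_arg (arg_ptr, ...) calls use.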