Subject: How to use nonce in DRBG functions.

Hi All,

I am trying to implement DRBG CAVS test harness function for Linux Kernel crypto DRBG with the following requirements.
1. Derivation function is enabled.
2. Prediction resistance is not enabled.
3. Entropy input length is 256
4. Nonce length is 256
5. Mode is AES-CTR 256
6. Reseed is supported
7. Intended use generate.

Thus inputs are
1. Entropy Input
2. Nonce
3. Entropy Additional Input

Flow goes something like below
drbg_string_fill(&testentropy, test->entropy, test->entropylen);
drbg_string_fill(&pers, test->pers, test->perslen);
ret = crypto_drbg_reset_test(drng, &pers, &test_data);
drbg_string_fill(&addtl, test->addtla, test->addtllen);
ret = crypto_drbg_get_bytes_addtl(drng, buf, test->expectedlen, &addtl);

I am not finding a way to input nonce. Please can anyone tell me how to input nonce.

Regards,
Jayalakshmi



2019-09-02 09:43:26

by Stephan Müller

Subject: Re: How to use nonce in DRBG functions.

On Sunday, 1 September 2019, 20:52:24 CEST, Bhat, Jayalakshmi Manjunath
wrote:

Hi Jayalakshmi,

> Hi All,
>
> I am trying to implement DRBG CAVS test harness function for Linux Kernel
> crypto DRBG with the following requirements.
> 1. Derivate function is enabled.
> 2. prediction resistance is not enabled
> 3. Entropy input length is 256
> 4. Nonce length is 256
> 5. Mode is AES-CTR 256
> 6. Reseed is supported
> 7. Intended use generate.
>
> Thus inputs are
> 1. Entropy Input
> 2. Nonce
> 3. Entropy Additional Input
>
> Flow goes something like below
> drbg_string_fill(&testentropy, test->entropy, test->entropylen);
> drbg_string_fill(&pers, test->pers, test->perslen);
> ret = crypto_drbg_reset_test(drng, &pers, &test_data);
> drbg_string_fill(&addtl, test->addtla, test->addtllen);
> ret = crypto_drbg_get_bytes_addtl(drng, buf, test->expectedlen,
> &addtl);
>
> I am not finding a way to input nonce. Please can anyone tell me how to
> input nonce.

The entropy string for the DRBG is the CAVS entropy concatenated with the
nonce as defined in SP800-90A for each instantiate process of each DRBG.
>
> Regards,
> Jayalakshmi



Ciao
Stephan
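
Added example (not part of the thread and not kernel code): a user-space C helper that builds the test entropy string as EntropyInput || Nonce from the hex fields of a CAVS vector, as the reply above describes. The helper names and the sample values are constructed for illustration; the kernel calls in the closing comment assume the testentropy member of struct drbg_test_data from include/crypto/drbg.h.

```c
#include <stdio.h>
#include <string.h>

/* Decode one hex digit, -1 if the character is not hex. */
static int hexval(char c)
{
	if (c >= '0' && c <= '9') return c - '0';
	if (c >= 'a' && c <= 'f') return c - 'a' + 10;
	if (c >= 'A' && c <= 'F') return c - 'A' + 10;
	return -1;
}

/* Decode a hex string; returns bytes written, -1 on bad hex or overflow. */
static long hex2bin(const char *hex, unsigned char *out, size_t outlen)
{
	size_t n = strlen(hex), i;

	if (n % 2 || n / 2 > outlen)
		return -1;
	for (i = 0; i < n / 2; i++) {
		int hi = hexval(hex[2 * i]), lo = hexval(hex[2 * i + 1]);
		if (hi < 0 || lo < 0)
			return -1;
		out[i] = (unsigned char)(hi << 4 | lo);
	}
	return (long)(n / 2);
}

/* Write EntropyInput || Nonce into seed; each field must be exactly fieldlen
 * bytes (32 for the 256-bit case). Returns total length, -1 on error. */
long cavs_entropy_with_nonce(const char *entropy_hex, const char *nonce_hex,
			     size_t fieldlen, unsigned char *seed, size_t seedlen)
{
	if (seedlen < 2 * fieldlen ||
	    hex2bin(entropy_hex, seed, fieldlen) != (long)fieldlen ||
	    hex2bin(nonce_hex, seed + fieldlen, fieldlen) != (long)fieldlen)
		return -1;
	return (long)(2 * fieldlen);
}

int main(void)
{
	unsigned char seed[64];
	/* Constructed 4-byte fields, not a real CAVS vector. */
	long len = cavs_entropy_with_nonce("00010203", "a0b1c2d3", 4, seed, sizeof(seed));
	printf("testentropy length: %ld\n", len);
	/* Kernel side (testmgr-style): drbg_string_fill(&testentropy, seed, len);
	 * test_data.testentropy = &testentropy; then crypto_drbg_reset_test(). */
	return len == 8 ? 0 : 1;
}
```

The strict length check rejects a vector whose EntropyInput or Nonce field is shorter or longer than the configured length, so a misparsed request file fails early instead of producing a wrong known-answer result.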


Subject: RE: How to use nonce in DRBG functions.

Hi Stephan,

Thank you very much. I will try the same.

Regards,
Jaya
