view libtomcrypt/src/prngs/rng_make_prng.c @ 1638:315fcba6960e

dropbearconvert: keyimport.c: fix BER encoding of secp521r1 keys (#69) keysizes >= 128 octets will be encoded with a 3 byte header which must be accounted by the optional-header Reproduce: master:~/build/dropbear$ ./dropbearkey -t ecdsa -s 521 -f K Generating 521 bit ecdsa key, this may take a while... master:~/build/dropbear$ ./dropbearconvert d o K L Key is a ecdsa-sha2-nistp521 key Wrote key to 'L' master:~/build/dropbear$ openssl ec < L read EC key unable to load Key 139769806448384:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:crypto/asn1/asn1_lib.c:91:
author Christian Hohnstädt <christian@hohnstaedt.de>
date Wed, 20 Mar 2019 16:42:47 +0100
parents 6dba84798cd5
children
line wrap: on
line source

/* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 */
#include "tomcrypt.h"

#ifdef LTC_RNG_MAKE_PRNG
/**
  @file rng_make_prng.c
  portable way to get secure random bits to feed a PRNG  (Tom St Denis)
*/

/**
  Create a PRNG from a RNG
  @param bits     Number of bits of entropy desired (64 ... 1024)
  @param wprng    Index of which PRNG to setup
  @param prng     [out] PRNG state to initialize
  @param callback A pointer to a void function for when the RNG is slow, this can be NULL
  @return CRYPT_OK if successful
*/
int rng_make_prng(int bits, int wprng, prng_state *prng,
                  void (*callback)(void))
{
   unsigned char buf[256];
   int err;

   LTC_ARGCHK(prng != NULL);

   /* check parameter */
   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
      return err;
   }

   if (bits < 64 || bits > 1024) {
      return CRYPT_INVALID_PRNGSIZE;
   }

   if ((err = prng_descriptor[wprng].start(prng)) != CRYPT_OK) {
      return err;
   }

   bits = ((bits/8)+((bits&7)!=0?1:0)) * 2;
   if (rng_get_bytes(buf, (unsigned long)bits, callback) != (unsigned long)bits) {
      return CRYPT_ERROR_READPRNG;
   }

   if ((err = prng_descriptor[wprng].add_entropy(buf, (unsigned long)bits, prng)) != CRYPT_OK) {
      return err;
   }

   if ((err = prng_descriptor[wprng].ready(prng)) != CRYPT_OK) {
      return err;
   }

   #ifdef LTC_CLEAN_STACK
      zeromem(buf, sizeof(buf));
   #endif
   return CRYPT_OK;
}
#endif /* #ifdef LTC_RNG_MAKE_PRNG */


/* ref:         $Format:%D$ */
/* git commit:  $Format:%H$ */
/* commit time: $Format:%ai$ */