/* Copyright (c) (2021,2022) Apple Inc. All rights reserved. * * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which * is contained in the License.txt file distributed with corecrypto) and only to * people who accept that license. IMPORTANT: Any license rights granted to you by * Apple Inc. (if any) are limited to internal use within your organization only on * devices and computers you own or control, for the sole purpose of verifying the * security characteristics and correct functioning of the Apple Software. You may * not, directly or indirectly, redistribute the Apple Software or any portions thereof. */ #ifndef _CORECRYPTO_CCRNG_CRYPTO_H_ #define _CORECRYPTO_CCRNG_CRYPTO_H_ #include #include #include #include "cc_lock.h" // This is a framework for a cryptographically-secure RNG. It is // configurable in many aspects, including: // // - DRBG implementation // - Entropy source // - Reseed schedule // - Locks (optional) // - Request chunking // - Output caching #define CCRNG_CRYPTO_SEED_MAX_NBYTES ((size_t)64) typedef struct ccrng_crypto_ctx { CCRNG_STATE_COMMON ccentropy_ctx_t *entropy_ctx; ccrng_schedule_ctx_t *schedule_ctx; cc_lock_ctx_t *lock_ctx; const struct ccdrbg_info *drbg_info; struct ccdrbg_state *drbg_ctx; size_t generate_chunk_nbytes; size_t seed_nbytes; size_t cache_nbytes; uint8_t *cache; size_t cache_pos; } ccrng_crypto_ctx_t; int ccrng_crypto_init(ccrng_crypto_ctx_t *ctx, ccentropy_ctx_t *entropy_ctx, ccrng_schedule_ctx_t *schedule_ctx, cc_lock_ctx_t *lock_ctx, const struct ccdrbg_info *drbg_info, struct ccdrbg_state *drbg_ctx, size_t generate_chunk_nbytes, size_t seed_nbytes, size_t cache_nbytes, void *cache); int ccrng_crypto_generate(ccrng_crypto_ctx_t *ctx, size_t nbytes, void *rand); int ccrng_crypto_reseed(ccrng_crypto_ctx_t *ctx, size_t seed_nbytes, const void *seed, size_t nonce_nbytes, const void *nonce); #endif /* _CORECRYPTO_CCRNG_CRYPTO_H_ */