From 212fae1dda433114fe31267af1e532f5684930ec Mon Sep 17 00:00:00 2001
From: Sun Yimin
Date: Wed, 5 Jun 2024 17:47:56 +0800
Subject: [PATCH] drbg: add comments

---
 drbg/common.go | 11 ++++++++---
 drbg/hmac_drbg.go | 11 ++++-------
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/drbg/common.go b/drbg/common.go
index 9ae6bd7..28d18b9 100644
--- a/drbg/common.go
+++ b/drbg/common.go
@@ -62,13 +62,14 @@ func NewCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLe
 return nil, err
 }
 
- // Get nonce
+ // Get nonce, reference to NIST SP 800-90A, 8.6.7
 nonce := make([]byte, prng.securityStrength/2)
 err = prng.getEntropy(nonce)
 if err != nil {
 return nil, err
 }
 
+ // inital working state
 prng.impl, err = NewCtrDrbg(cipherProvider, keyLen, securityLevel, gm, entropyInput, nonce, personalization)
 if err != nil {
 return nil, err
@@ -107,13 +108,14 @@ func NewHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, security
 return nil, err
 }
 
- // Get nonce from entropy source here
+ // Get nonce, reference to NIST SP 800-90A, 8.6.7
 nonce := make([]byte, prng.securityStrength/2)
 err = prng.getEntropy(nonce)
 if err != nil {
 return nil, err
 }
 
+ // inital working state
 prng.impl, err = NewHashDrbg(newHash, securityLevel, gm, entropyInput, nonce, personalization)
 if err != nil {
 return nil, err
@@ -149,13 +151,14 @@ func NewHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, security
 return nil, err
 }
 
- // Get nonce from entropy source here
+ // Get nonce, reference to NIST SP 800-90A, 8.6.7
 nonce := make([]byte, prng.securityStrength/2)
 err = prng.getEntropy(nonce)
 if err != nil {
 return nil, err
 }
 
+ // inital working state
 prng.impl, err = NewHmacDrbg(newHash, securityLevel, gm, entropyInput, nonce, personalization)
 if err != nil {
 return nil, err
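Review bot: The added comment `// inital working state` misspells "initial", and the same line is added in all three hunks of drbg/common.go (NewCtrDrbgPrng, NewHashDrbgPrng and NewHmacDrbgPrng), so each should read `// initial working state`. The nonce comment reads more naturally as `// Get nonce, see NIST SP 800-90A, Section 8.6.7`, and it is worth adding that the nonce is drawn from the same entropy source as entropyInput via prng.getEntropy: 8.6.7 asks for at least security_strength/2 bits of entropy, and the securityStrength/2-sized buffer (securityStrength presumably counted in bytes) only meets that if getEntropy returns full-entropy bytes, which a reader cannot verify from these hunks. All three constructors start and end outside their hunks.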
@@ -253,6 +256,8 @@ func (hd *BaseDrbg) setSecurityLevel(securityLevel SecurityLevel) {
 }
 }
 
+// Set security_strength to the lowest security strength greater than or equal to
+// requested_instantiation_security_strength from the set {112, 128, 192, 256}.
 func selectSecurityStrength(requested int) int {
 switch {
 case requested <= 14:
diff --git a/drbg/hmac_drbg.go b/drbg/hmac_drbg.go
index 0d83cf9..da9535f 100644
--- a/drbg/hmac_drbg.go
+++ b/drbg/hmac_drbg.go
@@ -5,8 +5,6 @@ import (
 "errors"
 "hash"
 "time"
-
- "github.com/emmansun/gmsm/sm3"
 )
 
 // HmacDrbg hmac DRBG structure, its instance is NOT goroutine safe!!!
@@ -44,11 +42,6 @@ func NewHmacDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool,
 return nil, errors.New("drbg: personalization is too long")
 }
 
- if hd.hashSize <= sm3.Size {
- hd.seedLength = HASH_DRBG_SEED_SIZE
- } else {
- hd.seedLength = HASH_DRBG_MAX_SEED_SIZE
- }
 // HMAC_DRBG_Instantiate_process
 hd.key = make([]byte, hd.hashSize)
 hd.v = make([]byte, hd.hashSize)
@@ -119,6 +112,10 @@ func (hd *HmacDrbg) MaxBytesPerRequest() int {
 return MAX_BYTES_PER_GENERATE
 }
 
+// The HMAC_DRBG_Update function updates the internal state of
+// HMAC_DRBG using the provided_data. Note that for this DRBG mechanism, the
+// HMAC_DRBG_Update function also serves as a derivation function for the
+// instantiate and reseed functions.
 func (hd *HmacDrbg) update(byteSlices ...[]byte) error {
 // step 1. K = HMAC(K, V || 0x00 || provided_data)
 md := hmac.New(hd.newHash, hd.key)
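Review bot: The new doc comment on selectSecurityStrength should start with the function name, as Go doc convention expects, and it speaks in bits while the first visible case `requested <= 14` suggests the parameter and result are in bytes (14 bytes = 112 bits); the unit mismatch is exactly what a reader of this comment will trip over. Something like `// selectSecurityStrength returns the smallest supported security strength, in bytes, that is` / `// >= requested; the supported set is {112, 128, 192, 256} bits (NIST SP 800-90A instantiate step).` keeps the standard's wording while stating the unit. Only the first case of the switch is in the hunk, so the byte interpretation is inferred and should be checked against the remaining cases outside it.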
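Review bot: Removing the `hd.seedLength` assignment in NewHmacDrbg is a runtime change, not a comment change, so the subject "drbg: add comments" undersells the commit; if seedLength remains a field on the HMAC instance it now stays at its zero value, and any shared code path that reads it for HMAC_DRBG (reseed bookkeeping, length checks) would need confirming — presumably none does, since HMAC_DRBG in SP 800-90A has no seedlen, but that is not visible in this hunk. A one-line comment at the removal site, `// HMAC_DRBG has no seedlen (SP 800-90A 10.1.2); K and V are outlen bytes`, would record the reason, and the K/V allocations right below it are consistent with that. NewHmacDrbg starts and ends outside the hunk; the matching sm3 import removal is in the first hunk of drbg/hmac_drbg.go.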
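Review bot: The doc comment added above update should begin with the method name so godoc attaches it and it reads as documentation of this method rather than a quotation of the standard, e.g. `// update implements HMAC_DRBG_Update (NIST SP 800-90A, 10.1.2.2): it refreshes K and V from` / `// provided_data, and also serves as the derivation function for instantiate and reseed.` The existing `// step 1. K = HMAC(K, V || 0x00 || provided_data)` line inside the body then reads as the continuation of that comment. Since the method apparently rewrites hd.key and hd.v in place (only the hmac.New(hd.newHash, hd.key) call is visible here), a clause saying so would tie the comment to the "NOT goroutine safe" warning on the type. The body of update continues outside the hunk.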