Ejemplo n.º 1
  /**
   * Reseed the DRBG.
   *
   * @param additionalInput additional input to be added to the DRBG in this step.
   */
  public void reseed(byte[] additionalInput) {
    // Reseed steps (numbering kept from the original comments):
    //   1. seed_material = 0x01 || V || entropy_input || additional_input
    //   2. seed = Hash_df(seed_material, seedlen)
    //   3. V = seed
    //   4. C = Hash_df((0x00 || V), seedlen)   -- V is preceded by one all-zero byte
    //   5. reseed_counter = 1
    //   6. V, C and reseed_counter make up the new working state
    //
    // NOTE(review): additionalInput is passed straight to Arrays.concatenate; whether a
    // null value is tolerated depends on that helper -- confirm against its implementation.
    // NOTE(review): the entropy and seed-material buffers hold secret state and are not
    // cleared here; they remain on the heap until collected.

    // Step 1. Entropy is fetched before the concatenation reads _V, as in the original.
    byte[] freshEntropy = getEntropy();
    byte[] material = Arrays.concatenate(ONE, _V, freshEntropy, additionalInput);

    // Steps 2-3: the derived seed becomes the new V.
    _V = Utils.hash_df(_digest, material, _seedLength);

    // Step 4: a freshly allocated byte[] is zero-filled, so index 0 is already the 0x00
    // prefix and only V has to be copied in behind it.
    byte[] zeroThenV = new byte[1 + _V.length];
    System.arraycopy(_V, 0, zeroThenV, 1, _V.length);
    _C = Utils.hash_df(_digest, zeroThenV, _seedLength);

    // Step 5.
    _reseedCounter = 1;
  }
Ejemplo n.º 2
  private void CTR_DRBG_Reseed_algorithm(byte[] additionalInput) {
    // Seed material is fresh entropy followed by the caller-supplied additional input.
    // NOTE(review): additionalInput is not null-checked here; confirm Arrays.concatenate
    // accepts null if callers may pass it.
    byte[] freshEntropy = getEntropy();
    byte[] combined = Arrays.concatenate(freshEntropy, additionalInput);

    // Run the combined input through the block-cipher derivation function, with
    // _seedLength as its second argument.
    byte[] derivedSeed = Block_Cipher_df(combined, _seedLength);

    // Presumably rewrites _Key and _V in place from the derived seed -- verify against
    // CTR_DRBG_Update.
    CTR_DRBG_Update(derivedSeed, _Key, _V);

    // The reseed counter starts again at 1 after every reseed.
    _reseedCounter = 1;
  }
Ejemplo n.º 3
 protected int[] getCipherSuites() {
   // Start from whatever the superclass offers, then append the extra suites below.
   int[] inherited = super.getCipherSuites();

   // NOTE(review): all but the first added suite pair Salsa20 / eSTREAM Salsa20 with a
   // SHA1 MAC; as far as I know these identifiers come from an Internet-Draft that was
   // never standardised. The two TLS_RSA_* entries additionally use static RSA key
   // exchange, which provides no forward secrecy. Confirm this list is intended for
   // interop/testing only before enabling it against production peers.
   int[] additional = {
     CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
     CipherSuite.TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1,
     CipherSuite.TLS_ECDHE_RSA_WITH_SALSA20_SHA1,
     CipherSuite.TLS_RSA_WITH_ESTREAM_SALSA20_SHA1,
     CipherSuite.TLS_RSA_WITH_SALSA20_SHA1,
   };

   return Arrays.concatenate(inherited, additional);
 }
Ejemplo n.º 4
  private void CTR_DRBG_Instantiate_algorithm(
      byte[] entropy, byte[] nonce, byte[] personalisationString) {
    // Seed material is entropy || nonce || personalisation string, in that order, which
    // is then passed through the block-cipher derivation function.
    // NOTE(review): none of the three inputs is null-checked here; confirm how
    // Arrays.concatenate treats null if callers may omit the nonce or personalisation.
    byte[] combined = Arrays.concatenate(entropy, nonce, personalisationString);
    byte[] derivedSeed = Block_Cipher_df(combined, _seedLength);

    // V is sized to one cipher block; the key length in bits is rounded up to whole bytes.
    int blockBytes = _engine.getBlockSize();
    int keyBytes = (_keySizeInBits + 7) / 8;

    // Both buffers start zero-filled, as Java initialises new arrays to zero.
    _Key = new byte[keyBytes];
    _V = new byte[blockBytes];

    // The update call overwrites _Key and _V using the derived seed.
    CTR_DRBG_Update(derivedSeed, _Key, _V);

    // A freshly instantiated state starts its reseed counter at 1.
    _reseedCounter = 1;
  }
Ejemplo n.º 5
  /**
   * Construct a SP800-90A Hash DRBG.
   *
   * <p>Minimum entropy requirement is the security strength requested.
   *
   * @param digest source digest to use for DRB stream.
   * @param securityStrength security strength required (in bits)
   * @param entropySource source of entropy to use for seeding/reseeding.
   * @param personalizationString personalization string to distinguish this DRBG (may be null).
   * @param nonce nonce to further distinguish this DRBG (may be null).
   */
  public HashSP800DRBG(
      Digest digest,
      int securityStrength,
      EntropySource entropySource,
      byte[] personalizationString,
      byte[] nonce) {
    // Reject a strength the chosen digest cannot deliver before touching any state.
    int strongestSupported = Utils.getMaxSecurityStrength(digest);
    if (securityStrength > strongestSupported) {
      throw new IllegalArgumentException(
          "Requested security strength is not supported by the derivation function");
    }

    // The entropy source must advertise at least as many bits as the requested strength.
    int advertisedEntropy = entropySource.entropySize();
    if (advertisedEntropy < securityStrength) {
      throw new IllegalArgumentException("Not enough entropy for security strength required");
    }

    _digest = digest;
    _entropySource = entropySource;
    _securityStrength = securityStrength;

    // Seed length is looked up by digest algorithm name. A name missing from seedlens
    // yields null here and the intValue() call then throws NullPointerException.
    Integer configuredSeedLength = (Integer) seedlens.get(digest.getAlgorithmName());
    _seedLength = configuredSeedLength.intValue();

    // Instantiate steps (numbering kept from the original comments):
    //   1. seed_material = entropy_input || nonce || personalization_string
    //   2. seed = Hash_df(seed_material, seedlen)
    //   3. V = seed
    //   4. C = Hash_df((0x00 || V), seedlen)   -- V is preceded by one all-zero byte
    //   5. reseed_counter = 1
    //   6. V, C and reseed_counter are the initial working state
    //
    // NOTE(review): the Javadoc permits a null nonce. SP 800-90A instantiation expects a
    // nonce or equivalent extra entropy, so callers passing null should confirm that the
    // entropy source compensates.
    byte[] initialEntropy = getEntropy();
    byte[] material = Arrays.concatenate(initialEntropy, nonce, personalizationString);

    // Steps 2-3: the derived seed becomes V.
    _V = Utils.hash_df(_digest, material, _seedLength);

    // Step 4: the new array is zero-filled, so index 0 already holds the 0x00 prefix.
    byte[] zeroThenV = new byte[1 + _V.length];
    System.arraycopy(_V, 0, zeroThenV, 1, _V.length);
    _C = Utils.hash_df(_digest, zeroThenV, _seedLength);

    // Step 5.
    _reseedCounter = 1;
  }