diff options
| author | David Hook <dgh@cryptoworkshop.com> | 2013-05-09 12:06:46 +0400 |
|---|---|---|
| committer | David Hook <dgh@cryptoworkshop.com> | 2013-05-09 12:06:46 +0400 |
| commit | d5c6cb7a61d30ff3e11e422d61d7ed3b63911cfb (patch) | |
| tree | 33e4eb8c9abc98d304cd11742ad83d6237adae09 | |
| parent | 20e39470b5ab0423b12e5f7e0e0109e646e6ec48 (diff) | |
added reseeding
3 files changed, 239 insertions, 30 deletions
diff --git a/src/main/java/org/bouncycastle/crypto/prng/CTRSP800DRBG.java b/src/main/java/org/bouncycastle/crypto/prng/CTRSP800DRBG.java index 8311e079..c3b33abb 100644 --- a/src/main/java/org/bouncycastle/crypto/prng/CTRSP800DRBG.java +++ b/src/main/java/org/bouncycastle/crypto/prng/CTRSP800DRBG.java @@ -38,40 +38,23 @@ public class CTRSP800DRBG byte[] entropy = entropySource.getEntropy(); // Get_entropy_input - System.out.println("Constructor Entropy: " + new String(Hex.encode(entropy))); - CTR_DRBG_Instantiate_algorithm(entropy, nonce, personalisationString); - - System.err.println("Constructor V : " + new String(Hex.encode(_V))); - System.err.println("Constructor Key: " + new String(Hex.encode(_Key))); - } private void CTR_DRBG_Instantiate_algorithm(byte[] entropy, byte[] nonce, byte[] personalisationString) { - if (personalisationString == null) - { - personalisationString = new byte[0]; - } - byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalisationString); - - System.out.println("Constructor SeedMaterial: " + new String(Hex.encode(seedMaterial))); - byte[] seed = Block_Cipher_df(seedMaterial, _seedLength); - System.out.println("Constructor Seed: " + new String(Hex.encode(seed))); - int outlen = _engine.getBlockSize(); _Key = new byte[(_keySizeInBits + 7) / 8]; _V = new byte[outlen]; + // _Key & _V are modified by this call CTR_DRBG_Update(seed, _Key, _V); - // _Key & _V are modified by this call - System.out.println("Key: " + new String(Hex.encode(_Key))); - System.out.println("V : " + new String(Hex.encode(_V))); + _reseedCounter = 1; } @@ -95,18 +78,22 @@ public class CTRSP800DRBG System.arraycopy(outputBlock, 0, temp, i * outLen, bytesToCopy); ++i; } - System.err.println("seed: " + new String(Hex.encode(seed))); - System.err.println("temp: " + new String(Hex.encode(temp))); + XOR(temp, seed, temp, 0); - System.err.println("temp: " + new String(Hex.encode(temp))); + System.arraycopy(temp, 0, key, 0, key.length); System.arraycopy(temp, key.length, v, 0, v.length); } private void CTR_DRBG_Reseed_algorithm(EntropySource entropy, byte[] additionalInput) { - - + byte[] seedMaterial = Arrays.concatenate(entropy.getEntropy(), additionalInput); + + seedMaterial = Block_Cipher_df(seedMaterial, _seedLength); + + CTR_DRBG_Update(seedMaterial, _Key, _V); + + _reseedCounter = 1; } private void XOR(byte[] out, byte[] a, byte[] b, int bOff) @@ -216,7 +203,7 @@ public class CTRSP800DRBG System.arraycopy(inputString, 0, S, 8, L); S[8 + L] = (byte)0x80; // S already padded with zeros - System.err.println("S :" + new String(Hex.encode(S))); + byte[] temp = new byte[_keySizeInBits / 8 + outLen]; byte[] bccOut = new byte[outLen]; @@ -310,6 +297,7 @@ public class CTRSP800DRBG if (predictionResistant) { CTR_DRBG_Reseed_algorithm(_entropySource, additionalInput); + additionalInput = null; } if (additionalInput != null) diff --git a/src/test/java/org/bouncycastle/crypto/random/test/SP800RandomTest.java b/src/test/java/org/bouncycastle/crypto/random/test/SP800RandomTest.java index b18f30b0..c84b5744 100644 --- a/src/test/java/org/bouncycastle/crypto/random/test/SP800RandomTest.java +++ b/src/test/java/org/bouncycastle/crypto/random/test/SP800RandomTest.java @@ -220,6 +220,22 @@ public class SP800RandomTest ); doCTRTest(tv); + + tv = new DRBGTestVector( + new DESedeEngine(), 168, + new Bit232EntropyProvider().get(232), + true, + "20212223242526", + 112, + new String[] + { + "64983055D014550B39DE699E43130B64", + "035FDDA8582A2214EC722C410A8D95D3" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"); + + doCTRTest(tv); } private void doCTRTest(DRBGTestVector tv) diff --git a/src/test/java/org/bouncycastle/crypto/test/CTRDRBGTest.java b/src/test/java/org/bouncycastle/crypto/test/CTRDRBGTest.java index 31a98e08..813bbed3 100644 --- a/src/test/java/org/bouncycastle/crypto/test/CTRDRBGTest.java +++ b/src/test/java/org/bouncycastle/crypto/test/CTRDRBGTest.java @@ -61,10 +61,11 @@ public class CTRDRBGTest 112, new String[] { - "ABC88224514D0316EA3D48AEE3C9A2B4", - "D3D3F372E43E7ABDC4FA293743EED076" + "760BED7D92B083B10AF31CF0656081EB", + "FD1AC41482384D823CF3FD6F0E6C88B3" } - ), + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"), new DRBGTestVector( new DESedeEngine(), 168, new Bit232EntropyProvider().get(232), @@ -73,12 +74,146 @@ public class CTRDRBGTest 112, new String[] { - "760BED7D92B083B10AF31CF0656081EB", - "FD1AC41482384D823CF3FD6F0E6C88B3" + "7A4C1D7ADC8A67FDB50100ED23583A2C", + "43044D311C0E07541CA5C8B0916976B2" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C") + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DRBGTestVector( + new DESedeEngine(), 168, + new Bit232EntropyProvider().get(232), + true, + "20212223242526", + 112, + new String[] + { + "8FB78ABCA75C9F284E974E36141866BC", + "9D9745FF31C42A4488CBB771B13B5D86" + } + ), + new DRBGTestVector( + new DESedeEngine(), 168, + new Bit232EntropyProvider().get(232), + true, + "20212223242526", + 112, + new String[] + { + "0E389920A09B485AA4ABD0CA7E60D89C", + "F4478EC6659A0D3577625B0C73A211DD" + } + ) + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DRBGTestVector( + new DESedeEngine(), 168, + new Bit232EntropyProvider().get(232), + true, + "20212223242526", + 112, + new String[] + { + "64983055D014550B39DE699E43130B64", + "035FDDA8582A2214EC722C410A8D95D3" } ) .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"), new DRBGTestVector( + new DESedeEngine(), 168, + new Bit232EntropyProvider().get(232), + true, + "20212223242526", + 112, + new String[] + { + "A29C1A8C42FBC562D7D1DBA7DC541FFE", + "0BDA66B049429061C013E4228C2F44C6" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C") + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"), + new DRBGTestVector( + new AESFastEngine(), 128, + new Bit256EntropyProvider().get(256), + false, + "2021222324252627", + 128, + new String[] + { + "8CF59C8CF6888B96EB1C1E3E79D82387AF08A9E5FF75E23F1FBCD4559B6B997E", + "69CDEF912C692D61B1DA4C05146B52EB7B8849BD87937835328254EC25A9180E" + } + ), + new DRBGTestVector( + new AESFastEngine(), 128, + new Bit256EntropyProvider().get(256), + false, + "2021222324252627", + 128, + new String[] + { + "E8C74A4B7BFFB53BEB80E78CA86BB6DF70E2032AEB473E0DD54D2339CEFCE9D0", + "26B3F823B4DBAFC23B141375E10B3AEB7A0B5DEF1C7D760B6F827D01ECD17AC7" + } + ) + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"), + new DRBGTestVector( + new AESFastEngine(), 128, + new Bit256EntropyProvider().get(256), + false, + "2021222324252627", + 128, + new String[] + { + "18FDEFBDC43D7A36D5D6D862205765D1D701C9F237007030DF1B8E70EE4EEE29", + "9888F1D38BB1CCE31B363AA1BD9B39616876C30DEE1FF0B7BD8C4C441715C833" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"), + new DRBGTestVector( + new AESFastEngine(), 128, + new Bit256EntropyProvider().get(256), + true, + "2021222324252627", + 128, + new String[] + { + "BFF4B85D68C84529F24F69F9ACF1756E29BA648DDEB825C225FA32BA490EF4A9", + "9BD2635137A52AF7D0FCBEFEFB97EA93A0F4C438BD98956C0DACB04F15EE25B3" + } + ), + new DRBGTestVector( + new AESFastEngine(), 128, + new Bit256EntropyProvider().get(256), + true, + "2021222324252627", + 128, + new String[] + { + "4573AC8BBB33D7CC4DBEF3EEDF6EAE748B536C3A1082CEE4948CDB51C83A7F9C", + "99C628CDD87BD8C2F1FE443AA7F761DA16886436326323354DA6311FFF5BC678" + } + ) + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"), + new DRBGTestVector( + new AESFastEngine(), 128, + new Bit256EntropyProvider().get(256), + true, + "2021222324252627", + 128, + new String[] + { + "F324104E2FA14F79D8AA60DF06B93B3BC157324958F0A7EE1E193677A70E0250", + "78F4C840134F40DC001BFAD3A90B5EF4DEBDBFAC3CFDF0CD69A89DC4FD34713F" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"), + new DRBGTestVector( new AESFastEngine(), 192, new Bit320EntropyProvider().get(320), false, @@ -92,6 +227,19 @@ public class CTRDRBGTest ) .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061626364656667"), new DRBGTestVector( + new AESFastEngine(), 192, + new Bit320EntropyProvider().get(320), + true, + "202122232425262728292A2B", + 192, + new String[] + { + "F780D4A2C25CF8EE7407D948EC0B724A4235D8B20E65081392755CA7912AD7C0", + "BA14617F915BA964CB79276BDADC840C14B631BBD1A59097054FA6DFF863B238" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061626364656667"), + new DRBGTestVector( new AESFastEngine(), 256, new Bit384EntropyProvider().get(384), false, @@ -105,6 +253,48 @@ public class CTRDRBGTest ) .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F") .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), + new DRBGTestVector( + new AESFastEngine(), 256, + new Bit384EntropyProvider().get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new String[] + { + "71BB3F9C9CEAF4E6C92A83EB4C7225010EE150AC75E23F5F77AD5073EF24D88A", + "386DEBBBF091BBF0502957B0329938FB836B82E594A2F5FDD5EB28D4E35528F4" + } + ) + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") + .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), + new DRBGTestVector( + new AESFastEngine(), 256, + new Bit384EntropyProvider().get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new String[] + { + "1A2E3FEE9056E98D375525FDC2B63B95B47CE51FCF594D804BD5A17F2E01139B", + "601F95384F0D85946301D1EACE8F645A825CE38F1E2565B0C0C439448E9CA8AC" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F"), + new DRBGTestVector( + new AESFastEngine(), 256, + new Bit384EntropyProvider().get(384), + true, + "202122232425262728292A2B2C2D2E2F", + 256, + new String[] + { + "EAE6BCE781807E524D26605EA198077932D01EEB445B9AC6C5D99C101D29F46E", + "738E99C95AF59519AAD37FF3D5180986ADEBAB6E95836725097E50A8D1D0BD28" + } + ) + .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F") + .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F") .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF") }; } @@ -158,6 +348,21 @@ public class CTRDRBGTest } } + private class Bit256EntropyProvider + extends TestEntropySourceProvider + { + Bit256EntropyProvider() + { + super(Hex.decode( + "0001020304050607"+ + "08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"+ + "8081828384858687"+ + "88898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F"+ + "C0C1C2C3C4C5C6C7"+ + "C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF"), true); + } + } + private class Bit320EntropyProvider extends TestEntropySourceProvider { |