ascon-suite/ascon-prng_8c_source.html

 /*

  * Copyright (C) 2022 Southern Storm Software, Pty Ltd.

  *

  * Permission is hereby granted, free of charge, to any person obtaining a

  * copy of this software and associated documentation files (the "Software"),

  * to deal in the Software without restriction, including without limitation

  * the rights to use, copy, modify, merge, publish, distribute, sublicense,

  * and/or sell copies of the Software, and to permit persons to whom the

  * Software is furnished to do so, subject to the following conditions:

  *

  * The above copyright notice and this permission notice shall be included

  * in all copies or substantial portions of the Software.

  *

  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS

  * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING

  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER

  * DEALINGS IN THE SOFTWARE.

  */


 #include <ascon/random.h>

 #include <ascon/utility.h>

 #include "random/ascon-trng.h"

 #include "core/ascon-util-snp.h"


 #define ASCON_RANDOM_RESEED_LIMIT 16384


 static void ascon_random_rekey(ascon_random_state_t *state)

 {

     int temp;


     /* Zero out part of the state and run the permutation several times.

      * This enforces forward security on the SpongePRNG state. */

     ascon_xof_pad(&(state->xof));

     ascon_acquire(&(state->xof.state));

     for (temp = 0; temp < (40 - ASCON_XOF_RATE); temp += ASCON_XOF_RATE) {

         ascon_overwrite_with_zeroes(&(state->xof.state), 0, ASCON_XOF_RATE);

         ascon_permute(&(state->xof.state), 0);

     }

     ascon_release(&(state->xof.state));

 }


 int ascon_random_init(ascon_random_state_t *state)

 {

     unsigned char seed[ASCON_SYSTEM_SEED_SIZE];

     int ok;

     if (!state)

         return 0;

     ascon_xof_init_custom(&(state->xof), "SpongePRNG", 0, 0, 0);

     state->counter = 0;

     state->reserved = 0;

     ok = ascon_trng_generate(seed, sizeof(seed));

     ascon_xof_absorb(&(state->xof), seed, sizeof(seed));

     ascon_clean(seed, sizeof(seed));

     ascon_random_rekey(state);

     return ok;

 }


 void ascon_random_free(ascon_random_state_t *state)

 {

     if (state) {

         state->counter = 0;

         ascon_xof_free(&(state->xof));

     }

 }


 void ascon_random_fetch

     (ascon_random_state_t *state, unsigned char *out, size_t outlen)

 {

     /* If there is no state, use the global ascon_random() function

      * so that we return something.  Safer than returning nothing

      * to the caller by accident and having them use that nothing. */

     if (!state) {

         ascon_random(out, outlen);

         return;

     }


     /* Force a re-seed if we have generated too many bytes so far */

     if (state->counter >= ASCON_RANDOM_RESEED_LIMIT)

         ascon_random_reseed(state);


     /* Squeeze data out of the PRNG state */

     ascon_xof_squeeze(&(state->xof), out, outlen);

     if (outlen < ASCON_RANDOM_RESEED_LIMIT)

         state->counter += outlen;

     else

         state->counter = ASCON_RANDOM_RESEED_LIMIT;


     /* Re-key the PRNG to enforce forward security */

     ascon_random_rekey(state);

 }


 int ascon_random_reseed(ascon_random_state_t *state)

 {

     if (state) {

         /* Generate a new system seed and absorb it into the state */

         unsigned char seed[ASCON_SYSTEM_SEED_SIZE];

         int ok = ascon_trng_generate(seed, sizeof(seed));

         ascon_xof_absorb(&(state->xof), seed, sizeof(seed));

         ascon_clean(seed, sizeof(seed));


         /* Reset the re-seed counter to 0 */

         state->counter = 0;


         /* Re-key the PRNG to enforce forward security */

         ascon_random_rekey(state);

         return ok;

     }

     return 0;

 }


 void ascon_random_feed

     (ascon_random_state_t *state, const unsigned char *entropy, size_t size)

 {

     if (state) {

         ascon_xof_absorb(&(state->xof), entropy, size);

         ascon_xof_pad(&(state->xof));

         ascon_random_rekey(state);

     }

 }

ascon_random_reseed
int ascon_random_reseed(ascon_random_state_t *state)
Explicitly re-seeds a pseudorandom number generator from the system random number source.
Definition: ascon-prng.c:116

ascon_random_fetch
void ascon_random_fetch(ascon_random_state_t *state, unsigned char *out, size_t outlen)
Fetches data from a pseudorandom number generator.
Definition: ascon-prng.c:91

ASCON_RANDOM_RESEED_LIMIT
#define ASCON_RANDOM_RESEED_LIMIT
Automatically re-seed after generating more than this many bytes.
Definition: ascon-prng.c:31

ascon_random_free
void ascon_random_free(ascon_random_state_t *state)
Frees a pseudorandom number generator and destroys any sensitive values.
Definition: ascon-prng.c:82

ascon_random_init
int ascon_random_init(ascon_random_state_t *state)
Initializes a pseudorandom number generator from the system random number source.
Definition: ascon-prng.c:66

ascon_random_feed
void ascon_random_feed(ascon_random_state_t *state, const unsigned char *entropy, size_t size)
Feeds entropy into a pseudorandom number generator.
Definition: ascon-prng.c:136

ascon_trng_generate
int ascon_trng_generate(unsigned char *out, size_t outlen)
Generates a buffer of bytes from the system TRNG source.
Definition: ascon-trng-none.c:192

ascon-trng.h
Access to the system's random number source.

ASCON_SYSTEM_SEED_SIZE
#define ASCON_SYSTEM_SEED_SIZE
Number of bytes to request from the system TRNG to seed a PRNG.
Definition: ascon-trng.h:58

ascon-util-snp.h

ascon_overwrite_with_zeroes
void ascon_overwrite_with_zeroes(ascon_state_t *state, unsigned offset, unsigned size)
Overwrites a part of the ASCON state with zeroes.
Definition: ascon-sliced32.c:122

ascon_release
void ascon_release(ascon_state_t *state)
Temporarily releases access to any shared hardware resources that a permutation state was using.
Definition: ascon-sliced32.c:261

ascon_permute
void ascon_permute(ascon_state_t *state, uint8_t first_round)
Permutes the ASCON state with a specified number of rounds.
Definition: ascon-c32.c:36

ascon_acquire
void ascon_acquire(ascon_state_t *state)
Re-acquires access to any shared hardware resources that a permutation state was using.
Definition: ascon-sliced32.c:267

random.h
Pseudorandom number generator (PRNG) built around ASCON.

ascon_random
int ascon_random(unsigned char *out, size_t outlen)
Gets a block of random data from the system.
Definition: ascon-random.c:27

state
ascon_state_t state
[snippet_key]
Definition: snippets.c:2

ascon_random_state_t
State information for a pseudorandom number generator.
Definition: random.h:49

utility.h
System utilities of use to applications that use ASCON.

ascon_clean
void ascon_clean(void *buf, unsigned size)
Cleans a buffer that contains sensitive material.
Definition: ascon-clean.c:38

ascon_xof_free
void ascon_xof_free(ascon_xof_state_t *state)
Frees the ASCON-XOF state and destroys any sensitive material.
Definition: ascon-xof.c:218

ascon_xof_pad
void ascon_xof_pad(ascon_xof_state_t *state)
Absorbs enough zeroes into an ASCON-XOF state to pad the input to the next multiple of the block rate...
Definition: ascon-xof.c:329

ascon_xof_absorb
void ascon_xof_absorb(ascon_xof_state_t *state, const unsigned char *in, size_t inlen)
Absorbs more input data into an ASCON-XOF state.
Definition: ascon-xof.c:229

ASCON_XOF_RATE
#define ASCON_XOF_RATE
Rate of absorbing and squeezing data for ASCON-XOF, ASCON-XOFA, ASCON-HASH, and ASCON-HASHA.
Definition: xof.h:55

ascon_xof_init_custom
void ascon_xof_init_custom(ascon_xof_state_t *state, const char *function_name, const unsigned char *custom, size_t customlen, size_t outlen)
Initializes the state for an incremental ASCON-XOF operation, with a named function,...
Definition: ascon-xof.c:146

ascon_xof_squeeze
void ascon_xof_squeeze(ascon_xof_state_t *state, unsigned char *out, size_t outlen)
Squeezes output data from an ASCON-XOF state.
Definition: ascon-xof.c:279