本文整理汇总了C++中ctr_drbg_init函数的典型用法代码示例。如果您正苦于以下问题:C++ ctr_drbg_init函数的具体用法?C++ ctr_drbg_init怎么用?C++ ctr_drbg_init使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ctr_drbg_init函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ngx_ssl_init
ngx_int_t
ngx_ssl_init(ngx_log_t *log)
{
static unsigned char ctr_drbg_custom[] = "nginx-polarssl";
entropy_context entropy;
int sslerr;
/* Initialize the PRNG */
entropy_init(&entropy);
sslerr = ctr_drbg_init(&ngx_ctr_drbg, entropy_func, &entropy,
ctr_drbg_custom, ngx_strlen(ctr_drbg_custom));
if (sslerr != 0) {
ngx_mbedtls_error(NGX_LOG_EMERG, log, 0, sslerr,
"ctr_drbg_init() failed");
return NGX_ERROR;
}
#if (NGX_THREADS)
ngx_ctr_drbg_mutex = ngx_mutex_init(log, 0);
if (ngx_ctr_drbg_mutex == NULL) {
return NGX_ERROR;
}
#endif
return NGX_OK;
}示例2: rand_ctx_get
/*
* Initialise the given ctr_drbg context, using a personalisation string and an
* entropy gathering function.
*/
ctr_drbg_context * rand_ctx_get()
{
static entropy_context ec = {0};
static ctr_drbg_context cd_ctx = {0};
static bool rand_initialised = false;
if (!rand_initialised)
{
struct gc_arena gc = gc_new();
struct buffer pers_string = alloc_buf_gc(100, &gc);
/*
* Personalisation string, should be as unique as possible (see NIST
* 800-90 section 8.7.1). We have very little information at this stage.
* Include Program Name, memory address of the context and PID.
*/
buf_printf(&pers_string, "OpenVPN %0u %p %s", platform_getpid(), &cd_ctx, time_string(0, 0, 0, &gc));
/* Initialise PolarSSL RNG, and built-in entropy sources */
entropy_init(&ec);
if (0 != ctr_drbg_init(&cd_ctx, entropy_func, &ec, BPTR(&pers_string), BLEN(&pers_string)))
msg (M_FATAL, "Failed to initialize random generator");
gc_free(&gc);
rand_initialised = true;
}
return &cd_ctx;
}示例3: entropy_init
/*
shameless copy/paste from:
https://polarssl.org/kb/how-to/generate-an-aes-key
*/
unsigned char *generatekey(char *pers, int size){
ctr_drbg_context ctr_drbg = {0};
entropy_context entropy = {0};
int keysize = 0;
unsigned char *key = NULL;
int ret = 0;
//convert to bytes
keysize = size / 8;
entropy_init( &entropy );
if((ret = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, (unsigned char *)pers,strlen(pers))) != 0 ){
outputerror(DBG_ERROR,"%s\n","generatekey::failed to initialize random generator");
return NULL;
}
key = (unsigned char *)malloc(keysize);
if(key == NULL){
outputerror(DBG_ERROR,"%s\n","generatekey::failed to malloc");
return NULL;
}
if((ret = ctr_drbg_random(&ctr_drbg,key,keysize)) != 0 ){
outputerror(DBG_ERROR,"%s\n","generatekey::failed to produce random data");
return NULL;
}
entropy_free(&entropy);
return key;
}示例4: TestAESCrypto
////////////////////////////////////////////////////////////////////////////
//
// AES Encryption / Decryption - ECB Blocks
//
////////////////////////////////////////////////////////////////////////////
status TestAESCrypto( void )
{
uint8 ret;
uint8 buffer[512]; // AES - CBC can take less than 256 bytes as input
uint8 key[16]; // Key can be 16 bytes ~ 128 AES or 32 bytes 256 AES
uint8 iv[16]; // iv fixed random value of 16 bytes
uint8 updated_iv[16];
entropy_init( &entropy );
if( ( ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
proj_printf( " failed\n ! ctr_drbg_init returned -0x%x\n", -ret );
return ( FAIL );
}
//DRBG test
proj_printf("INF: DRBG test - generate Random number");
PrngGenerateBytes( buffer, sizeof(buffer));
print_buffer(buffer,sizeof(buffer));
// Setting key, iv and buffer values
memset(buffer, 0xA5, sizeof(buffer));
print_buffer(buffer,sizeof(buffer));
PrngGenerateBytes(key,sizeof(key));
print_buffer(key,sizeof(key));
PrngGenerateBytes(iv,sizeof(iv));
print_buffer(iv,sizeof(iv));
// AES -CBC test
memcpy(updated_iv, iv, sizeof(iv));
AESCryptCBC( key, sizeof(key), AES_ENCRYPT, updated_iv, sizeof(buffer), buffer, buffer );
print_buffer(buffer, sizeof(buffer));
AESCryptCBC( key, sizeof(key), AES_DECRYPT, iv, sizeof(buffer), buffer, buffer );
print_buffer(buffer, sizeof(buffer));
// AES - ECB
AESCryptECB( key, sizeof(key), AES_ENCRYPT, buffer, buffer );
print_buffer(buffer, sizeof(buffer));
AESCryptECB( key, sizeof(key), AES_DECRYPT, buffer, buffer );
print_buffer(buffer, sizeof(buffer));
// AES - ECB Blocks
AESCryptECB_Blocks( key, sizeof(key), AES_ENCRYPT, sizeof(buffer)/16, buffer, buffer );
print_buffer(buffer, sizeof(buffer));
AESCryptECB_Blocks( key, sizeof(key), AES_DECRYPT, sizeof(buffer)/16, buffer, buffer );
print_buffer(buffer, sizeof(buffer));
return ( PASS );
}示例5: gtget_ssl_init
void gtget_ssl_init(connection_t * conn)
{
char *clientcert = NULL;
char *clientkey = NULL;
const char *pers = "gtget";
sslparam_t *ssl = calloc(1, sizeof(sslparam_t));
if (!(conn->flags & GTGET_FLAG_INSECURE)) {
char *cacertfile = alloca(strlen(conn->remote->host) + 5);
char *servercert = NULL;
strcpy(cacertfile, conn->remote->host);
strcat(cacertfile, ".pem");
if (!(servercert = tryopen_alt(conn, conn->caFile, cacertfile)))
servercert = tryopen("cacerts.pem");
if (!(servercert))
die(conn, "can't open cacert", NULL);
if (x509_crt_parse_file(&ssl->cacert, servercert))
die(conn, "error reading cacert", servercert);
}
/* read and parse the client certificate if provided */
if ((clientcert = tryopen_alt(conn, conn->ccFile, "clientcert.pem"))) {
if (!(clientkey = tryopen_alt(conn, conn->ckFile, "clientkey.pem")))
clientkey = clientcert;
if (x509_crt_parse_file(&ssl->clicert, clientcert)) {
die(conn, "error reading client certificate", clientcert);
if (clientkey && pk_parse_public_keyfile(&ssl->pk, clientkey))
die(conn, "error reading client key", clientkey);
}
write2f("using client cert: %s\n", clientcert);
write2f("using client key: %s\n", clientkey);
}
entropy_init(&ssl->entropy);
if (0 != (ctr_drbg_init(&ssl->ctr_drbg, entropy_func, &ssl->entropy,
(const unsigned char *)pers, strlen(pers))))
die(conn, "Seeding the random number generator failed", NULL);
if (ssl_init(&ssl->ssl))
die(conn, "error initializing SSL", NULL);
ssl_set_endpoint(&ssl->ssl, SSL_IS_CLIENT);
if ((conn->flags & GTGET_FLAG_INSECURE)) {
ssl_set_authmode(&ssl->ssl, SSL_VERIFY_NONE);
}
ssl_set_ca_chain(&ssl->ssl, &ssl->cacert, NULL, conn->remote->host);
ssl_set_authmode(&ssl->ssl, SSL_VERIFY_OPTIONAL);
ssl_set_verify(&ssl->ssl, verify_cb, conn);
ssl_set_ciphersuites(&ssl->ssl, ssl_list_ciphersuites());
ssl_set_session(&ssl->ssl, &ssl->ssn);
ssl_set_rng(&ssl->ssl, ctr_drbg_random, &ssl->ctr_drbg);
conn->ssl = ssl;
}示例6: init_random
int init_random(void) {
/* Initialize the rng */
entropy_init(&entropy);
entropy_add_source(&entropy, tpm_entropy_source, NULL, 0);
entropy_gather(&entropy);
ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, NULL, 0);
ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_OFF );
return 0;
}示例7: ssl_init_info
int ssl_init_info(int *server_fd,ssl_info *sslinfo)
{
int ret;
const char *pers = "ssl";
x509_crt_init(&sslinfo->cacert );
entropy_init(&sslinfo->entropy );
if( ( ret = ctr_drbg_init( &sslinfo->ctr_drbg, entropy_func, &sslinfo->entropy,
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
return -1;
}
if( ( ret = ssl_init( &sslinfo->ssl ) ) != 0 )
{
echo( " failed\n ! ssl_init returned %d\n\n", ret );
return -1;
}
ssl_set_endpoint( &sslinfo->ssl, SSL_IS_CLIENT );
ssl_set_authmode( &sslinfo->ssl, SSL_VERIFY_OPTIONAL );
ssl_set_ca_chain( &sslinfo->ssl, &sslinfo->cacert, NULL, "" );
ssl_set_rng( &sslinfo->ssl, ctr_drbg_random, &sslinfo->ctr_drbg );
ssl_set_bio( &sslinfo->ssl, net_recv, server_fd,net_send, server_fd );
ssl_set_session(&sslinfo->ssl, &ssn);
while((ret = ssl_handshake(&sslinfo->ssl))!=0)
{
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
{
echo( " failed\n ! ssl_handshake returned -0x%x\n\n", -ret );
return -1;
}
//CPU sleep
sleeps(1);
}
if((ret = ssl_get_verify_result( &sslinfo->ssl ) ) != 0 )
{
// echo( "Verifying peer X.509 certificate...failed \r\n" );
}
else
{
echo( " ok\n" );
}
//保存session加快握手速度
if( ( ret = ssl_get_session( &sslinfo->ssl, &ssn ) ) != 0 )
{
//失败初始化
memset(&ssn, 0, sizeof(ssl_session));
}
return 0;
}示例8: chiffrer_rsa
int chiffrer_rsa(char* data, char* sortie, int taille_data )
{
FILE *f;
int ret;
size_t i;
rsa_context rsa;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
char *pers = "rsa_encrypt";
printf( "[i] Seeding the random number generator\n" );
entropy_init( &entropy );
if( ( ret = ctr_drbg_init( &ctr_drbg, entropy_func, &entropy,
(unsigned char *) pers, strlen( pers ) ) ) != 0 )
{
printf( "[-] ctr_drbg_init returned %d\n", ret );
goto exit;
}
printf( "[i] Reading private key\n" );
rsa_init( &rsa, RSA_PKCS_V15, 0 );
if( ( ret = mpi_read_string( &rsa.N, RSA_N_BASE, RSA_N ) ) != 0 ||
( ret = mpi_read_string( &rsa.D, RSA_D_BASE, RSA_D ) ) != 0 )
{
printf( "[-] mpi_read_file returned %d\n", ret );
goto exit;
}
rsa.len = ( mpi_msb( &rsa.N ) + 7 ) >> 3;
/*
* Calculate the RSA encryption of the hash.
*/
printf( "[i] Generating the RSA encrypted value (%d/%d)\n", rsa.len, taille_data );
fflush( stdout );
if( ( ret = rsa_pkcs1_encrypt( &rsa, ctr_drbg_random, &ctr_drbg,
RSA_PRIVATE, taille_data,
data, sortie ) ) != 0 )
{
printf( "[-] rsa_pkcs1_encrypt returned %d\n\n", ret );
goto exit;
}
printf( "[i] Cryptogramme copie\n");
exit:
return( ret );
}示例9: enclave_main
void enclave_main(egate_t *g)
{
int random;
entropy_context ectx;
ctr_drbg_context rctx;
enclave_entropy_init(&ectx);
ctr_drbg_init(&rctx, entropy_func, &ectx, NULL, 0);
ctr_drbg_random(&rctx, (unsigned char *)&random, sizeof(int));
eg_printf(g,
"Generated random number 0x%x in the enclave.\n", random);
eg_exit(g, 0);
}示例10: ctr_drbg_init
int cCtrDrbgContext::Initialize(const void * a_Custom, size_t a_CustomSize)
{
if (m_IsValid)
{
// Already initialized
return 0;
}
int res = ctr_drbg_init(&m_CtrDrbg, entropy_func, &(m_EntropyContext->m_Entropy), reinterpret_cast<const unsigned char *>(a_Custom), a_CustomSize);
m_IsValid = (res == 0);
return res;
}示例11: ms_dtls_srtp_initialise_polarssl_dtls_context
static int ms_dtls_srtp_initialise_polarssl_dtls_context(DtlsPolarsslContext *dtlsContext, MSDtlsSrtpParams *params, RtpSession *s){
int ret;
enum DTLS_SRTP_protection_profiles dtls_srtp_protection_profiles[2] = {SRTP_AES128_CM_HMAC_SHA1_80, SRTP_AES128_CM_HMAC_SHA1_32};
memset( &(dtlsContext->ssl), 0, sizeof( ssl_context ) );
//memset( &(dtlsContext->saved_session), 0, sizeof( ssl_session ) );
ssl_cookie_init( &(dtlsContext->cookie_ctx) );
x509_crt_init( &(dtlsContext->crt) );
entropy_init( &(dtlsContext->entropy) );
ctr_drbg_init( &(dtlsContext->ctr_drbg), entropy_func, &(dtlsContext->entropy), NULL, 0 );
/* initialise certificate */
ret = x509_crt_parse( &(dtlsContext->crt), (const unsigned char *) params->pem_certificate, strlen( params->pem_certificate ) );
if( ret < 0 ) {
return ret;
}
ret = pk_parse_key( &(dtlsContext->pkey), (const unsigned char *) params->pem_pkey, strlen( params->pem_pkey ), NULL, 0 );
if( ret != 0 ) {
return ret;
}
/* ssl setup */
ssl_init(&(dtlsContext->ssl));
if( ret < 0 ) {
return ret;
}
if (params->role == MSDtlsSrtpRoleIsClient) {
ssl_set_endpoint(&(dtlsContext->ssl), SSL_IS_CLIENT);
} else if (params->role == MSDtlsSrtpRoleIsServer) {
ssl_set_endpoint(&(dtlsContext->ssl), SSL_IS_SERVER);
}
ssl_set_transport(&(dtlsContext->ssl), SSL_TRANSPORT_DATAGRAM);
ssl_set_dtls_srtp_protection_profiles( &(dtlsContext->ssl), dtls_srtp_protection_profiles, 2 ); /* TODO: get param from caller to select available profiles */
/* set CA chain */
ssl_set_authmode( &(dtlsContext->ssl), SSL_VERIFY_OPTIONAL ); /* this will force server to send his certificate to client as we need it to compute the fingerprint */
ssl_set_rng( &(dtlsContext->ssl), ctr_drbg_random, &(dtlsContext->ctr_drbg) );
ssl_set_ca_chain( &(dtlsContext->ssl), &(dtlsContext->crt), NULL, NULL );
ssl_set_own_cert( &(dtlsContext->ssl), &(dtlsContext->crt), &(dtlsContext->pkey) );
if (params->role == MSDtlsSrtpRoleIsServer) {
ssl_cookie_setup( &(dtlsContext->cookie_ctx), ctr_drbg_random, &(dtlsContext->ctr_drbg) );
ssl_set_dtls_cookies( &(dtlsContext->ssl), ssl_cookie_write, ssl_cookie_check, &(dtlsContext->cookie_ctx) );
ssl_session_reset( &(dtlsContext->ssl) );
ssl_set_client_transport_id(&(dtlsContext->ssl), (const unsigned char *)(&(s->snd.ssrc)), 4);
}
ms_mutex_init(&dtlsContext->ssl_context_mutex, NULL);
return 0;
}示例12: entropy_init
uint8_t *rsa_apply(uint8_t *input, int inlen, int *outlen, int mode) {
rsa_context trsa;
const char *pers = "rsa_encrypt";
int rc;
entropy_context entropy;
ctr_drbg_context ctr_drbg;
entropy_init(&entropy);
if ((rc = ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, (const unsigned char *)pers,
strlen(pers))) != 0)
debug(1, "ctr_drbg_init returned %d\n", rc);
rsa_init(&trsa, RSA_PKCS_V21, POLARSSL_MD_SHA1); // padding and hash id get overwritten
// BTW, this seems to reset a lot of parameters in the rsa_context
rc = x509parse_key(&trsa, (unsigned char *)super_secret_key, strlen(super_secret_key), NULL, 0);
if (rc != 0)
debug(1, "Error %d reading the private key.");
uint8_t *out = NULL;
switch (mode) {
case RSA_MODE_AUTH:
trsa.padding = RSA_PKCS_V15;
trsa.hash_id = POLARSSL_MD_NONE;
debug(2, "rsa_apply encrypt");
out = malloc(trsa.len);
rc = rsa_pkcs1_encrypt(&trsa, ctr_drbg_random, &ctr_drbg, RSA_PRIVATE, inlen, input, out);
if (rc != 0)
debug(1, "rsa_pkcs1_encrypt error %d.", rc);
*outlen = trsa.len;
break;
case RSA_MODE_KEY:
debug(2, "rsa_apply decrypt");
trsa.padding = RSA_PKCS_V21;
trsa.hash_id = POLARSSL_MD_SHA1;
out = malloc(trsa.len);
#if POLARSSL_VERSION_NUMBER >= 0x01020900
rc = rsa_pkcs1_decrypt(&trsa, ctr_drbg_random, &ctr_drbg, RSA_PRIVATE, (size_t *)outlen, input,
out, trsa.len);
#else
rc = rsa_pkcs1_decrypt(&trsa, RSA_PRIVATE, outlen, input, out, trsa.len);
#endif
if (rc != 0)
debug(1, "decrypt error %d.", rc);
break;
default:
die("bad rsa mode");
}
rsa_free(&trsa);
debug(2, "rsa_apply exit");
return out;
}示例13: mrb_ctrdrbg_initialize
static mrb_value mrb_ctrdrbg_initialize(mrb_state *mrb, mrb_value self) {
ctr_drbg_context *ctr_drbg;
entropy_context *entropy_p;
mrb_value entp, pers;
int ret;
ctr_drbg = (ctr_drbg_context *)DATA_PTR(self);
if (ctr_drbg) {
mrb_free(mrb, ctr_drbg);
}
DATA_TYPE(self) = &mrb_ctr_drbg_type;
DATA_PTR(self) = NULL;
mrb_get_args(mrb, "o|S", &entp, &pers);
if (mrb_type(entp) != MRB_TT_DATA) {
mrb_raise(mrb, E_TYPE_ERROR, "wrong argument class");
}
entropy_p = DATA_CHECK_GET_PTR(mrb, entp, &mrb_entropy_type, entropy_context);
ctr_drbg = (ctr_drbg_context *)mrb_malloc(mrb, sizeof(ctr_drbg_context));
DATA_PTR(self) = ctr_drbg;
if (mrb_string_p(pers)) {
mrb_iv_set(mrb, self, mrb_intern_lit(mrb, "@pers"), pers);
ret = ctr_drbg_init(ctr_drbg, entropy_func, entropy_p, RSTRING_PTR(pers), RSTRING_LEN(pers));
} else {
ret = ctr_drbg_init(ctr_drbg, entropy_func, entropy_p, NULL, 0 );
}
if (ret == POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ) {
mrb_raise(mrb, E_RUNTIME_ERROR, "Could not initialize entropy source");
}
return self;
}示例14: getTickCount
void CTTLS::initEntropy() {
if(iEntropyInicialized)return;
iEntropyInicialized=1;
int ret;
char *getEntropyFromZRTP_tmp(unsigned char *p, int iBytes);
unsigned char br[64];
unsigned int getTickCount();
unsigned int ui=getTickCount();
entropy_init( &((T_SSL*)pSSL)->entropy );
if( ( ret = ctr_drbg_init( &((T_SSL*)pSSL)->ctr_drbg, entropy_func, &((T_SSL*)pSSL)->entropy,
(unsigned char *) getEntropyFromZRTP_tmp(&br[0],63), 63 ) ) != 0 )
{
tivi_slog( " failed\n ! ctr_drbg_init returned %d", ret );
}
printf("[init tls entrpoy sp=%d ms]\n",getTickCount()-ui);
}示例15: SSL_library_init
int SSL_library_init() {
char custom_data[200];
unsigned char custom_data_md5[16];
int custom_data_size;
entropy_init(&g_entropy_context);
/* Use collection of MAC addresses as custom data */
custom_data_size = get_custom_data(custom_data, sizeof(custom_data));
/* Since PolarSSL limits size of custom data use its MD5 */
md5((unsigned char*)custom_data, custom_data_size, custom_data_md5);
ctr_drbg_init(&g_ctr_drbg_context, entropy_func, &g_entropy_context,
custom_data_md5, sizeof(custom_data_md5));
/* SSL_library_init() always returns "1" */
return 1;
}