Doubts about the usage of HMAC_DRBG #4388
-
Hi, I'm new to cryptography and I was wondering if you could help me with a question I have about how to make the structure. I don't know when to include the nonce and the personalization_string in the Botan code. I would also like to use this initialization structure with jitter_entropy, but I don't know how to put an entropy size and this HMAC_DRBG(std::unique_ptr prf, RandomNumberGenerator& underlying_rng, size_t reseed_interval = BOTAN_RNG_DEFAULT_RESEED_INTERVAL, size_t max_number_of_bytes_per_request = 64 * 1024);

I made this code:

```cpp
std::string hmac_drbg(std::string const &nonce, std::string const &msg, uint8_t const &output_size)
{
    std::unique_ptr<Botan::MessageAuthenticationCode> hmac(Botan::MessageAuthenticationCode::create_or_throw("HMAC(SHA-512)"));
    hmac->set_key(Botan::hex_decode(nonce));
    hmac->update(msg);
    Botan::Jitter_RNG jitter;
    Botan::HMAC_DRBG drbg(std::move(hmac), jitter);
    std::vector<uint8_t> output(output_size);
    drbg.randomize(output.data(), output.size());
    std::string ret{Botan::hex_encode(output)};
    return ret;
}
```
-
First and foremost: welcome to the fascinating world of cryptography! If all you need is a cryptographically strong random byte generator without any additional requirements, please let me suggest to just use Botan's

```cpp
#include <botan/auto_rng.h>
#include <botan/hex.h>
#include <iostream>

int main() {
    Botan::AutoSeeded_RNG rng;
    std::cout << Botan::hex_encode(rng.random_vec(32)) << '\n';
    return 0;
}
```

If you really want to incorporate entropy from the newly added

```cpp
#include <botan/auto_rng.h>
#include <botan/hex.h>
#include <botan/entropy_src.h>
#include <iostream>

int main() {
    Botan::Entropy_Sources entropy_sources({"system_rng", "jitter_rng"});
    Botan::AutoSeeded_RNG rng(entropy_sources);
    std::cout << Botan::hex_encode(rng.random_vec(32)) << '\n';
    return 0;
}
```

In both cases, there's no need to manually deal with
-
Botan::HMAC_DRBG has an .initialize_with() method exactly for this use case. This method takes a single parameter "input" that is a byte array of "seed material" as required in NIST SP.800-90A Section 10.1.2.3. Here's some code to illustrate this usage:

```cpp
#include <botan/hex.h>
#include <botan/hmac_drbg.h>
#include <botan/system_rng.h>

#include <concepts>
#include <cstdint>
#include <iostream>
#include <ranges>
#include <string_view>
#include <vector>

// Copy the characters of a string into a byte vector.
auto as_bytes(std::string_view s) {
    const auto start = reinterpret_cast<const uint8_t*>(s.data());
    const auto end = start + s.size();
    return std::vector<uint8_t>(start, end);
}

// Concatenate any number of byte ranges into a single vector.
template <std::ranges::input_range... Ts>
    requires(std::same_as<uint8_t, std::ranges::range_value_t<Ts>> && ...)
constexpr auto concat(const Ts&... ranges) {
    std::vector<uint8_t> result;
    (result.insert(result.end(), ranges.begin(), ranges.end()), ...);
    return result;
}

int main() {
    // Instead of the system RNG you could use the Jitter_RNG to obtain
    // initial seed material aka. entropy bits.
    auto entropy_input = Botan::system_rng().random_vec(64);
    auto nonce = Botan::system_rng().random_vec(16);
    auto personalization_string = as_bytes("example application");

    Botan::HMAC_DRBG rng("SHA-512");

    // prints 'false'
    std::cout << "seeded? " << std::boolalpha << rng.is_seeded() << std::endl;

    rng.initialize_with(concat(entropy_input, nonce, personalization_string));

    // prints 'true'
    std::cout << "seeded? " << std::boolalpha << rng.is_seeded() << std::endl;

    return 0;
}
```
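
To show what happens to the concatenated seed material once it is handed over, here is a from-the-spec sketch of the HMAC_DRBG instantiate and generate steps (NIST SP 800-90A Section 10.1.2) in Python. It is an added example, not part of the replies above and not Botan's code: `HmacDrbg`, `seed_material()` and `random_bytes()` are hypothetical names, `initialize_with`/`is_seeded` only mirror the Botan method names, and reseed counters, request limits and additional input are left out.

```python
import hashlib
import hmac


class HmacDrbg:
    """Minimal HMAC_DRBG state (K, V); hypothetical class, not Botan's."""

    def __init__(self, hash_name="sha512"):
        self._hash = hash_name
        self._outlen = hashlib.new(hash_name).digest_size
        self._k = self._v = None  # not instantiated yet

    def is_seeded(self):
        return self._k is not None

    def _mac(self, key, data):
        return hmac.new(key, data, self._hash).digest()

    def _update(self, provided_data=b""):
        # HMAC_DRBG_Update: fold provided_data into K and V.
        for sep in (b"\x00", b"\x01"):
            self._k = self._mac(self._k, self._v + sep + provided_data)
            self._v = self._mac(self._k, self._v)
            if not provided_data:
                break  # the second round only runs when there is data

    def initialize_with(self, seed):
        # Instantiate: K = 00..00, V = 01..01, then Update(seed_material).
        self._k = b"\x00" * self._outlen
        self._v = b"\x01" * self._outlen
        self._update(seed)

    def random_bytes(self, n):
        if not self.is_seeded():
            raise RuntimeError("DRBG is not seeded")
        out = b""
        while len(out) < n:
            self._v = self._mac(self._k, self._v)
            out += self._v
        self._update()  # refresh K and V after every request
        return out[:n]


def seed_material(entropy_input, nonce, personalization_string=b""):
    # Section 10.1.2.3: plain concatenation, in this order.
    return entropy_input + nonce + personalization_string
```

The nonce and personalization string never become an HMAC key themselves; together with the entropy input they are only mixed into the all-zero initial K and all-one initial V, which is why a single concatenated byte array is all the instantiate step needs.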