SP800-90A Deterministic Random Bit Generator (DRBG)

This is a clean-room implementation of the DRBG defined in SP800-90A. All three viable DRBGs defined in the standard are implemented:

The DRBG implementation offers the following:

The implementation of the DRBG available for download here integrates with the Linux kernel crypto API as well as with libgcrypt.

A test that also covers the CAVS testing framework module showing how to use the DRBG integrated with the kernel crypto API is provided in kernel/test -- a simple make compiles the kernel.

The libgcrypt version is provided in the directory libgcrypt/. The provided patch must be applied to the libgcrypt source code (currently tested with libgcrypt git development code available on 2014-03-02). In addition, the drbg.c file must be copied to the random/ directory of the libgcrypt code tree. After compiling and installing libgcrypt, the DRBG code is available. A test application in libgcrypt/test can be compiled and linked with the newly generated libgcrypt. When executing the test application, it demonstrates how the DRBG integrated with libgcrypt is invoked.

Source Code

The following source code contains the implementation of the CPU Random Number Generator.

Link Changes
20140225 Initial version
20140226

Fix libgcrypt error reporting when changing DRBG types

Fix deadlock in libgcrypt code

20140227

Add kernel/ directory which contains the consolidated kernel module that should eventually be suggested for inclusion into the kernel

20140228

Solving how personalization / additional information string can be passed through kernel crypto API. Remove of all EXPORT_SYMBOLs as all CAVS testing and normal use can go through the kernel crypto API now. See the comments in drbg.c for examples on how to use the kernel crypto API to cover all use cases of the DRBG.

20140302

Remove DRBG strength flags

Add libgcrypt/ directory for consolidated libgcrypt code/patch

Solving all open questions around libgcrypt and adding documentation to drbg.c

Add CAVS test description / reference implementation

Small bug fixes in kernel code

20140303

Kernel code: Add testmgr integration of self tests provided with patch in kernel/ directory.

20140304

Kernel: Make HMAC DRBG configurable like the other DRBG types.

Kernel: Make cores[] const.

libgcrypt: Make cores[] const.

Kernel: Fix nasty array overflow bug in drbg_create_algs.

20140306

Kernel / libgcryt: add more sanity checks

Kernel: add null test vectors to testmgr to cover all DRBG types and prevent kernel messages about untested cipher types

20140309

Kernel / libgcryt: clean up code and data structures -- thanks to Jeremy Powell and Rafael Aquini for input.

Kernel: fix memory corruption bug

20140317

Kernel: Restructuring and simplification of code

Kernel: full CAVS test in kernel/test/

20140319

libgcrypt: Restructuring and simplification of code

libgcrypt: full CAVS test in libgcrypt/test/

20140327

libgcrypt: release v4 patches and associated tests updates

kernel: release v3 patches and associated tests updates

20140429

libgcrypt: release v5 patches

kernel: release v4 through v6 patches

20140603

kernel: release v7 through v9 patches

kernel: update test kernel module to use the new .cra_name.

20140825

kernel / libgcrypt: test case requests bit string of random length up to 1MB

kernel: DRBG is now in Linux kernel RC1 and the cryptodev-2.6 development tree -- source code in tarball is now secondary

libgcrypt: backport patches from kernel DRBG code that were requested while the DRBG was added to the kernel development tree

20140907

libgcrypt: update test application to match patch set v10 sent to the libgcrypt bug tracker ID 1701

2014-09-07 smueller at chronox.de