NOTE: The kernel DRBG implementation is now available upstream starting with Linux kernel 3.17. Please use the upstream Linux kernel repository to obtain the latest code. You will find current testing code for the DRBG here nonetheless.
NOTE: the libgcrypt DRBG went upstream into the libgcrypt GIT tree on Feb 22, 2016 for release with version 1.7. Please note that the gcry_control interface API has changed compared to the code offered here.
This is a clean-room implementation of the DRBG defined in SP800-90A. All three viable DRBGs defined in the standard are implemented:
The DRBG implementation offers the following:
The implementation of the DRBG available for download here integrates with the Linux kernel crypto API as well as with libgcrypt.
A test that also covers the CAVS testing framework module showing how to use the DRBG integrated with the kernel crypto API is provided in kernel/test -- a simple make compiles the kernel.
The libgcrypt version is provided in the directory libgcrypt/. The provided patch must be applied to the libgcrypt source code (currently tested with libgcrypt git development code available on 2014-03-02). In addition, the drbg.c file must be copied to the random/ directory of the libgcrypt code tree. After compiling and installing libgcrypt, the DRBG code is available. A test application in libgcrypt/test can be compiled and linked with the newly generated libgcrypt. When executing the test application, it demonstrates how the DRBG integrated with libgcrypt is invoked.
The following source code contains the implementation of the CPU Random Number Generator.
Fix libgcrypt error reporting when changing DRBG types
Fix deadlock in libgcrypt code
Add kernel/ directory which contains the consolidated kernel module that should eventually be suggested for inclusion into the kernel
Solving how personalization / additional information string can be passed through kernel crypto API. Remove of all EXPORT_SYMBOLs as all CAVS testing and normal use can go through the kernel crypto API now. See the comments in drbg.c for examples on how to use the kernel crypto API to cover all use cases of the DRBG.
Remove DRBG strength flags
Add libgcrypt/ directory for consolidated libgcrypt code/patch
Solving all open questions around libgcrypt and adding documentation to drbg.c
Add CAVS test description / reference implementation
Small bug fixes in kernel code
Kernel code: Add testmgr integration of self tests provided with patch in kernel/ directory.
Kernel: Make HMAC DRBG configurable like the other DRBG types.
Kernel: Make cores const.
libgcrypt: Make cores const.
Kernel: Fix nasty array overflow bug in drbg_create_algs.
Kernel / libgcryt: add more sanity checks
Kernel: add null test vectors to testmgr to cover all DRBG types and prevent kernel messages about untested cipher types
Kernel / libgcryt: clean up code and data structures -- thanks to Jeremy Powell and Rafael Aquini for input.
Kernel: fix memory corruption bug
Kernel: Restructuring and simplification of code
Kernel: full CAVS test in kernel/test/
libgcrypt: Restructuring and simplification of code
libgcrypt: full CAVS test in libgcrypt/test/
libgcrypt: release v4 patches and associated tests updates
kernel: release v3 patches and associated tests updates
libgcrypt: release v5 patches
kernel: release v4 through v6 patches
kernel: release v7 through v9 patches
kernel: update test kernel module to use the new .cra_name.
kernel / libgcrypt: test case requests bit string of random length up to 1MB
kernel: DRBG is now in Linux kernel RC1 and the cryptodev-2.6 development tree -- source code in tarball is now secondary
libgcrypt: backport patches from kernel DRBG code that were requested while the DRBG was added to the kernel development tree
libgcrypt: update test application to match patch set v10 sent to the libgcrypt bug tracker ID 1701