MCUX CLNS
MCUX Crypto Library Normal Secure
mcuxClRandomModes_CtrDrbg_AES256_DRG4_example.c

Example for the mcuxClRandomModes component

/*--------------------------------------------------------------------------*/
/* Copyright 2022-2023 NXP */
/* */
/* NXP Confidential. This software is owned or controlled by NXP and may */
/* only be used strictly in accordance with the applicable license terms. */
/* By expressly accepting such terms or by downloading, installing, */
/* activating and/or otherwise using the software, you are agreeing that */
/* you have read, and that you agree to comply with and are bound by, such */
/* license terms. If you do not agree to be bound by the applicable license */
/* terms, then you may not retain, install, activate or otherwise use the */
/* software. */
/*--------------------------------------------------------------------------*/
#include <mcuxClRandom.h>
#include <mcuxClSession.h>
#include <mcuxClCore_FunctionIdentifiers.h> // Code flow protection
#include <mcuxClExample_Session_Helper.h>
#include <mcuxClCore_Examples.h> // Defines and assertions for examples
#include <mcuxClEls.h> // Interface to the entire mcuxClEls component
#include <mcuxClExample_ELS_Helper.h>
MCUXCLEXAMPLE_FUNCTION(mcuxClRandomModes_CtrDrbg_AES256_DRG4_example)
{
/**************************************************************************/
/* Preparation */
/**************************************************************************/
if(!mcuxClExample_Els_Init(MCUXCLELS_RESET_DO_NOT_CANCEL))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
mcuxClSession_Handle_t session = &sessionDesc;
MCUXCLEXAMPLE_ALLOCATE_AND_INITIALIZE_SESSION(session, MCUXCLRANDOMMODES_MAX_CPU_WA_BUFFER_SIZE, 0u);
/**************************************************************************/
/* DRBG selftest. */
/**************************************************************************/
session,
mcuxClRandomModes_Mode_CtrDrbg_AES256_DRG4
));
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
uint32_t context[MCUXCLRANDOMMODES_CTR_DRBG_AES256_CONTEXT_SIZE_IN_WORDS] = {0};
/**************************************************************************/
/* DRBG initialization */
/**************************************************************************/
/* Initialize an AES-256 CTR_DRBG DRG.4 */
session,
mcuxClRandomModes_Mode_CtrDrbg_AES256_DRG4
));
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/**************************************************************************/
/* Generate several random byte strings and reseed the DRBG in between to */
/* realize forward secrecy required for a DRG.4. */
/**************************************************************************/
/* Buffers to store the generated random values in. */
uint8_t drbg_buffer1[3u];
uint8_t drbg_buffer2[16u];
uint8_t drbg_buffer3[31u];
/* Generate random values of smaller amount than one word size. */
session,
drbg_buffer1,
sizeof(drbg_buffer1)));
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClRandom_generate) != generate1_token) || (MCUXCLRANDOM_STATUS_OK != rg1_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/* Generate random values of multiple of word size. */
session,
drbg_buffer2,
sizeof(drbg_buffer2)));
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClRandom_generate) != generate2_token) || (MCUXCLRANDOM_STATUS_OK != rg2_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/* To achieve the DRG.4 requirements the reseed API needs to be called whenever forward secrecy is required.
* The following only illustrates how such reseeding is done. When reseeding actually needs to be done for forward secrecy depends on the use case.
*/
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(rr_status, reseed_token, mcuxClRandom_reseed(session));
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/* Generate random values of larger amount than but not multiple of one word size. */
session,
drbg_buffer3,
sizeof(drbg_buffer3)));
if((MCUX_CSSL_FP_FUNCTION_CALLED(mcuxClRandom_generate) != generate3_token) || (MCUXCLRANDOM_STATUS_OK != rg3_status))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
/**************************************************************************/
/* Cleanup */
/**************************************************************************/
/* Random uninit. */
MCUX_CSSL_FP_FUNCTION_CALL_BEGIN(ru_status, uninit_token, mcuxClRandom_uninit(session));
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
if(!mcuxClExample_Session_Clean(session))
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
if(!mcuxClExample_Els_Disable())
{
return MCUXCLEXAMPLE_STATUS_ERROR;
}
return MCUXCLEXAMPLE_STATUS_OK;
}