ica_drbg_instantiate

Purpose

This function instantiates a NIST SP800-90A compliant deterministic random bit generator.

Format


int ica_drbg_instantiate(ica_drbg_t **sh,
  int sec,
  bool pr,
  ica_drbg_mech_t *mech,
  const unsigned char *pers,
  size_t pers_len);

Parameters

ica_drbg_t **sh
State handle pointer. The (invalid) state handle is set to identify the new DRBG instantiation and thus becomes valid.
int sec
Requested security strength in bits of the new DRBG instantiation. The security strength is set to the lowest value supported by its DRBG mechanism that is greater than or equal to your selected sec value (see Table 1). For example, if you request security strength 160 for your instance, it is actually set to 196.
bool pr
Prediction resistance flag. Indicates whether or not prediction resistance may be required by the consuming application during one or more requests for pseudo random bytes.
ica_drbg_mech_t *mech
Pointer to the mechanism type selected for the new DRBG instantiation. The new instantiation is then of this mechanism type. For available mechanisms, see Table 1.
const unsigned char *pers
Pointer to a personalization string. This is optional input that provides personalization information. The personalization string should be unique for all instantiations of the same mechanism type. NULL indicates that no personalization string is used (not recommended).
size_t pers_len
Length in bytes of the string referenced by *pers.

Return codes

0
Success
ENOTSUP
Prediction resistance or the requested security strength is not supported.
EPERM
Failed to obtain a valid timestamp from clock.
ICA_DBRG_HEALTH_TEST_FAIL
Health test failed, see ica_drbg_health_test.
ICA_DBRG_ENTROPY_SOURCE_FAIL
Entropy source failed.