mbedtls_ctr_drbg_seed() function

- The \p custom string. In addition, if you do not pass a nonce in \p custom, the sum of the entropy length and the entropy nonce length must be: - at least 24 bytes for a 128-bit strength (maximum achievable strength when using AES-128); - at least 48 bytes for a 256-bit strength (maximum achievable strength when using AES-256).

Syntax

Show:

Summary

Declaration

Definition

from ctr_drbg.h:347

int mbedtls_ctr_drbg_seed(mbedtls_ctr_drbg_context *ctx, int (*f_entropy)(void *, unsigned char *, size_t), void *p_entropy, const unsigned char *custom, size_t len);

Implemented in ctr_drbg.c:535

Arguments

Argument

Declared as

Description

ctx

mbedtls_ctr_drbg_context *

The CTR_DRBG context to seed. It must have been initialized with mbedtls_ctr_drbg_init(). After a successful call to mbedtls_ctr_drbg_seed(), you may not call mbedtls_ctr_drbg_seed() again on the same context unless you call mbedtls_ctr_drbg_free() and mbedtls_ctr_drbg_init() again first. After a failed call to mbedtls_ctr_drbg_seed(), you must call mbedtls_ctr_drbg_free().

f_entropy

int (*)(void *, unsigned char *, size_t)

The entropy callback, taking as arguments the \p p_entropy context, the buffer to fill, and the length of the buffer. \p f_entropy is always called with a buffer size less than or equal to the entropy length.

p_entropy

void *

The entropy context to pass to \p f_entropy.

custom

const unsigned char *

The personalization string. This can be \c NULL, in which case the personalization string is empty regardless of the value of \p len.

len

size_t

The length of the personalization string. This must be at most #MBEDTLS_CTR_DRBG_MAX_SEED_INPUT - #MBEDTLS_CTR_DRBG_ENTROPY_LEN.

Return value

\c 0 on success. #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on failure.

Notes

To achieve the nominal security strength permitted by CTR_DRBG, the entropy length must be: - at least 16 bytes for a 128-bit strength (maximum achievable strength when using AES-128); - at least 32 bytes for a 256-bit strength (maximum achievable strength when using AES-256).