drbg: add comments

emmansun · Jun 5, 2024 · 212fae1 · 212fae1
1 parent 95bc879
commit 212fae1
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 10 deletions.
diff --git a/drbg/common.go b/drbg/common.go
@@ -62,13 +62,14 @@ func NewCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLe
 		return nil, err
 	}
 
-	// Get nonce
+	// Get nonce, reference to NIST SP 800-90A, 8.6.7
 	nonce := make([]byte, prng.securityStrength/2)
 	err = prng.getEntropy(nonce)
 	if err != nil {
 		return nil, err
 	}
 
+	// inital working state
 	prng.impl, err = NewCtrDrbg(cipherProvider, keyLen, securityLevel, gm, entropyInput, nonce, personalization)
 	if err != nil {
 		return nil, err
@@ -107,13 +108,14 @@ func NewHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, security
 		return nil, err
 	}
 
-	// Get nonce from entropy source here
+	// Get nonce, reference to NIST SP 800-90A, 8.6.7
 	nonce := make([]byte, prng.securityStrength/2)
 	err = prng.getEntropy(nonce)
 	if err != nil {
 		return nil, err
 	}
 
+	// inital working state
 	prng.impl, err = NewHashDrbg(newHash, securityLevel, gm, entropyInput, nonce, personalization)
 	if err != nil {
 		return nil, err
@@ -149,13 +151,14 @@ func NewHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, security
 		return nil, err
 	}
 
-	// Get nonce from entropy source here
+	// Get nonce, reference to NIST SP 800-90A, 8.6.7
 	nonce := make([]byte, prng.securityStrength/2)
 	err = prng.getEntropy(nonce)
 	if err != nil {
 		return nil, err
 	}
 
+	// inital working state
 	prng.impl, err = NewHmacDrbg(newHash, securityLevel, gm, entropyInput, nonce, personalization)
 	if err != nil {
 		return nil, err
@@ -253,6 +256,8 @@ func (hd *BaseDrbg) setSecurityLevel(securityLevel SecurityLevel) {
 	}
 }
 
+// Set security_strength to the lowest security strength greater than or equal to 
+// requested_instantiation_security_strength from the set {112, 128, 192, 256}.
 func selectSecurityStrength(requested int) int {
 	switch {
 	case requested <= 14:

diff --git a/drbg/hmac_drbg.go b/drbg/hmac_drbg.go
@@ -5,8 +5,6 @@ import (
 	"errors"
 	"hash"
 	"time"
-
-	"github.com/emmansun/gmsm/sm3"
 )
 
 // HmacDrbg hmac DRBG structure, its instance is NOT goroutine safe!!!
@@ -44,11 +42,6 @@ func NewHmacDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool,
 		return nil, errors.New("drbg: personalization is too long")
 	}
 
-	if hd.hashSize <= sm3.Size {
-		hd.seedLength = HASH_DRBG_SEED_SIZE
-	} else {
-		hd.seedLength = HASH_DRBG_MAX_SEED_SIZE
-	}
 	// HMAC_DRBG_Instantiate_process
 	hd.key = make([]byte, hd.hashSize)
 	hd.v = make([]byte, hd.hashSize)
@@ -119,6 +112,10 @@ func (hd *HmacDrbg) MaxBytesPerRequest() int {
 	return MAX_BYTES_PER_GENERATE
 }
 
+// The HMAC_DRBG_Update function updates the internal state of
+// HMAC_DRBG using the provided_data. Note that for this DRBG mechanism, the
+// HMAC_DRBG_Update function also serves as a derivation function for the
+// instantiate and reseed functions.
 func (hd *HmacDrbg) update(byteSlices ...[]byte) error {
 	// step 1. K = HMAC(K, V || 0x00 || provided_data)
 	md := hmac.New(hd.newHash, hd.key)