diff --git a/include/polarssl/hmac_drbg.h b/include/polarssl/hmac_drbg.h
index 1f830d8436..36d1200492 100644
--- a/include/polarssl/hmac_drbg.h
+++ b/include/polarssl/hmac_drbg.h
@@ -37,13 +37,13 @@
#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */
#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */
-#define HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
-#define HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
-#define HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
-#define HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
+#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
+#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
+#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
+#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
-#define HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
-#define HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
+#define POLARSSL_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
+#define POLARSSL_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
#ifdef __cplusplus
extern "C" {
@@ -125,7 +125,7 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
* Only use this if you have ample supply of good entropy!
*
* \param ctx HMAC_DRBG context
- * \param resistance HMAC_DRBG_PR_ON or HMAC_DRBG_PR_OFF
+ * \param resistance POLARSSL_HMAC_DRBG_PR_ON or POLARSSL_HMAC_DRBG_PR_OFF
*/
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
int resistance );
@@ -143,7 +143,7 @@ void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx,
/**
* \brief Set the reseed interval
- * (Default: HMAC_DRBG_RESEED_INTERVAL)
+ * (Default: POLARSSL_HMAC_DRBG_RESEED_INTERVAL)
*
* \param ctx HMAC_DRBG context
* \param interval Reseed interval
diff --git a/library/hmac_drbg.c b/library/hmac_drbg.c
index 4195bf1f6d..43ab8f2a08 100644
--- a/library/hmac_drbg.c
+++ b/library/hmac_drbg.c
@@ -90,17 +90,17 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
int hmac_drbg_reseed( hmac_drbg_context *ctx,
const unsigned char *additional, size_t len )
{
- unsigned char seed[HMAC_DRBG_MAX_SEED_INPUT];
+ unsigned char seed[POLARSSL_HMAC_DRBG_MAX_SEED_INPUT];
size_t seedlen;
/* III. Check input length */
- if( len > HMAC_DRBG_MAX_INPUT ||
- ctx->entropy_len + len > HMAC_DRBG_MAX_SEED_INPUT )
+ if( len > POLARSSL_HMAC_DRBG_MAX_INPUT ||
+ ctx->entropy_len + len > POLARSSL_HMAC_DRBG_MAX_SEED_INPUT )
{
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
}
- memset( seed, 0, HMAC_DRBG_MAX_SEED_INPUT );
+ memset( seed, 0, POLARSSL_HMAC_DRBG_MAX_SEED_INPUT );
/* IV. Gather entropy_len bytes of entropy for the seed */
if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 )
@@ -150,7 +150,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
- ctx->reseed_interval = HMAC_DRBG_RESEED_INTERVAL;
+ ctx->reseed_interval = POLARSSL_HMAC_DRBG_RESEED_INTERVAL;
/*
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
@@ -217,16 +217,16 @@ int hmac_drbg_random_with_add( void *p_rng,
unsigned char *out = output;
/* II. Check request length */
- if( out_len > HMAC_DRBG_MAX_REQUEST )
+ if( out_len > POLARSSL_HMAC_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
/* III. Check input length */
- if( add_len > HMAC_DRBG_MAX_INPUT )
+ if( add_len > POLARSSL_HMAC_DRBG_MAX_INPUT )
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
/* 1. (aka VII and IX) Check reseed counter and PR */
- if( ctx->f_entropy != NULL &&
- ( ctx->prediction_resistance == HMAC_DRBG_PR_ON ||
+ if( ctx->f_entropy != NULL && /* For no-reseeding instances */
+ ( ctx->prediction_resistance == POLARSSL_HMAC_DRBG_PR_ON ||
ctx->reseed_counter > ctx->reseed_interval ) )
{
if( ( ret = hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )