decoder-reseed
- C
- C++
- CSharp
- Java
- JavaScript
- Swift
- Go
- PHP
// Get the Decoder DRBG reseed counter.
// This is the MTE's current seed count.
uint64_t current_seed = mte_dec_reseed_counter(decoder);
// Get the Decoder DRBG max reseed interval.
uint64_t max_seed = mte_base_drbgs_reseed_interval(MTE_DRBG_ENUM);
// For example, if the current seed is greater than 90% of the max seed,
// uninstantiate the MTE then Reinitialize the MTE.
// with a new entropy and nonce to reseed.
if (current_seed > (max_seed * 0.9))
{
// Uninstantiate the Decoder.
mte_status decoder_status = mte_dec_uninstantiate(decoder);
if (decoder_status != mte_status_success)
{
fprintf(stderr, "Failed to uninstantiate Decoder (%s): %s\n",
mte_base_status_name(decoder_status),
mte_base_status_description(decoder_status));
return decoder_status;
}
// Now the Decoder and matching Encoder must be re-paired with a new entropy and nonce.
//=============================================================
// TODO: Developer adds code to re-pair with entropy and nonce.
//=============================================================
}
// Get the Decoder DRBG reseed counter.
// This is the MTE's current seed count.
uint64_t currentSeed = decoder.getReseedCounter();
// Get the Decoder DRBG max reseed interval.
uint64_t maxSeed = MteBase::getDrbgsReseedInterval(MTE_DRBG_ENUM);
// For example, if the current seed is greater than 90% of the max seed,
// uninstantiate the MTE then Reinitialize the MTE.
// with a new entropy and nonce to reseed.
if (currentSeed > (maxSeed * 0.9))
{
// Uninstantiate the Decoder.
mte_status decoderStatus = decoder.uninstantiate();
if (decoderStatus != mte_status_success)
{
std::cerr << "Decoder uninstantiate error ("
<< MteBase::getStatusName(decoderStatus)
<< "): "
<< MteBase::getStatusDescription(decoderStatus)
<< std::endl;
return decoderStatus;
}
// Now the Decoder and matching Encoder must be re-paired with a new entropy and nonce.
//=============================================================
// TODO: Developer adds code to re-pair with entropy and nonce.
//=============================================================
}
//--------------------------------------
// Get the Decoder DRBG reseed counter
// This is the MTE's current seed count
ulong currentSeed = mteDecoder.GetReseedCounter();
//------------------------------------------
// Get the Decoder DRBG max reseed interval
ulong maxSeed = mteBase.GetDrbgsReseedInterval(mteDecoder.GetDrbg());
//---------------------------------------------------------
// If the current seed is greater than 90% of the max seed
// Uninstantiate the MTE then Reinitialize the MTE
// with a new entropy and nonce to reseed
if (currentSeed > (maxSeed * 0.9)) {
//---------------------------
// Uninstantiate the Decoder
MteStatus decoderStatus = mteDecoder.Uninstantiate();
if(decoderStatus != MteStatus.mte_status_success) {
//-------------------------------------------------
// MTE was not uninstantiated as desired so handle
// failure appropriately, below is only an example
throw new Exception("Failed to uninstantiate Decoder. Status: "
+ mteDecoder.GetStatusName(decoderStatus)+ " / "
+ mteDecoder.GetStatusDescription(decoderStatus));
}
//---------------------------------------
// Re-handshake to get new entropy value
// AND new nonce value
// Full code sample not here, to see example
// please see Diffie-Hellman Key Exchange
HandshakeModel handshake = MethodToHandshake();
//-------------------------------
// Set Decoder entropy and nonce
mteDecoder.SetEntropy(Encoding.UTF8.GetBytes(handshake.NewEncoderEntropy));
mteDecoder.SetNonce(handshake.NewNonce);
//------------------------
// Initialize MTE Decoder
MteStatus decoderStatus = mteDecoder.Instantiate(personalizationString);
if(decoderStatus !=MteStatus.mte_status_success) {
//-----------------------------------------------------
// MTE cannot continue so handle failure appropriately
// Below is just an example
throw new ApplicationException($"Failed to initialize the MTE Decoder engine." +
$"Status: {mteDecoder.GetStatusName(decoderStatus)} / " +
$"{mteDecoder.GetStatusDescription(decoderStatus)}");
}
}
//--------------------------------------
// Get the Decoder DRBG reseed counter
// This is the MTE's current seed count
long currentSeed = mteDecoder.getReseedCounter();
//------------------------------------------
// Get the Decoder DRBG max reseed interval
long maxSeed = MteBase.getDrbgsReseedInterval(mteDecoder.getDrbg());
//---------------------------------------------------------
// If the current seed is greater than 90% of the max seed
// Uninstantiate the MTE then Reinitialize the MTE
// with a new entropy and nonce to reseed
if(currentSeed > (_maxSeed * .9)) {
// Uninstantiate the Decoder
MteStatus decoderStatus = mkeDecoder.uninstantiate();
if(decoderStatus != MteStatus.mte_status_success) {
// MTE was not uninstantiated as desired so handle failure appropriately
// Below is only an example
throw new Exception("Failed to uninstantiate Decoder. Status: "
+ MteBase.getStatusName(decoderStatus)+ " / "
+ MteBase.getStatusDescription(decoderStatus));
}
//---------------------------------------
// Re-handshake to get new entropy value
// AND new nonce value
// Full code sample not here, to see example
// please see Diffie-Hellman Key Exchange
HandshakeResponse handshake = MethodToHandshake();
//-------------------------------
// Set Encoder entropy and nonce
mteDecoder.setEntropy(handshake.NewEncoderEntropy.getBytes()));
mteDecoder.setNonce(handshake.NewNonce);
//------------------------
// Initialize MTE Encoder
MteStatus decoderStatus = mteDecoder.instantiate(personalizationString);
if(decoderStatus !=MteStatus.mte_status_success) {
//-----------------------------------------------------
// MTE cannot continue so handle failure appropriately
// Below is just an example
throw new Exception("Error creating Decoder: Status: "
+ MteBase.getStatusName(decoderStatus) + " / "
+ MteBase.getStatusDescription(decoderStatus);
}
}
info
JavaScript works a little differently than other languages due to having to use a different type once it reaches 16 digits. You can get more info on BigInts on MDN. Because of this, we specifically cast to Number, only grab 15 digits of precision, and reseed at 80% of the max seed instead of 90%.
//--------------------------------------
// Get the Decoder DRBG reseed counter
// This is the MTE's current seed count
const currentSeed = Number(
String(mteDecoder.getReseedCounter()).substring(0, 15),
);
//------------------------------------------
// Get the Decoder DRBG max reseed interval
const maxSeed = Number(
String(mteDecoder.getDrbgsReseedInterval(drbg)).substring(0, 15),
);
//---------------------------------------------------------
// If the current seed is greater than 90% of the max seed
// Uninstantiate the MTE then Reinitialize the MTE
// with a new entropy and nonce to reseed
if (currentSeed > maxSeed * 0.8) {
//---------------------------
// Uninstantiate the Decoder
const decoderStatus = mteDecoder.uninstantiate();
if (decoderStatus !== MteStatus.mte_status_success) {
//-------------------------------------------------
// MTE was not uninstantiated as desired so handle
// failure appropriately, below is only an example
throw new Error(
`Failed to uninstantiate Decoder. ` +
`Status: ${mteDecoder.getStatusName(decoderStatus)} ` +
`/ ${mteDecoder.getStatusDescription(decoderStatus)}`,
);
}
//---------------------------------------
// Re-handshake to get new entropy value
// AND new nonce value
// Full code sample not here, to see example
// please see Diffie-Hellman Key Exchange
const handshake = methodToHandshake();
//-------------------------------
// Set Decoder entropy and nonce
mteDecoder.setEntropy(handshake.newEncoderEntropy);
mteDecoder.setNonce(handshake.newNonce);
//------------------------
// Initialize MTE Decoder
const decoderStatus = mteDecoder.instantiate(personalizationString);
if (decoderStatus !== MteStatus.mte_status_success) {
//-----------------------------------------------------
// MTE cannot continue so handle failure appropriately
// Below is just an example
throw new Error(
`Failed to initialize the MTE Decoder engine.` +
`Status: ${mteDecoder.getStatusName(decoderStatus)} / ` +
`${mteDecoder.getStatusDescription(decoderStatus)}`,
);
}
}
// Get the Decoder DRBG reseed counter.
// This is the MTE's current seed count.
let currentSeed:UInt64 = decoder.getReseedCounter()
// Get the Decoder DRBG max reseed interval.
let maxSeed:UInt64 = MteBase.getDrbgsReseedInterval(decoder.getDrbg())
// For example, if the current seed is greater than 90% of the max seed,
// uninstantiate the MTE then Reinitialize the MTE.
// with a new entropy and nonce to reseed.
if (currentSeed > (maxSeed * UInt64(0.9))) {
// Uninstantiate the Decoder.
let decoderStatus:mte_status = decoder.uninstantiate()
if (decoderStatus != mte_status_success) {
print("Decoder uninstantiate error (\(MteBase.getStatusName(decoderStatus))): " +
MteBase.getStatusDescription(decoderStatus))
return Int32(decoderStatus.rawValue)
}
// Now the Decoder and matching Encoder must be re-paired with a new entropy and nonce.
//=============================================================
// TODO: Developer adds code to re-pair with entropy and nonce.
//=============================================================
}
//--------------------------------------
// Get the Decoder DRBG reseed counter
// This is the MTE's current seed count
currentSeed := mteDecoder.getReseedCounter()
//------------------------------------------
// Get the Decoder DRBG max reseed interval
maxSeed := mteDecoder.getDrbgReseedInterval(mteDecoder.getDrbg())
if currentSeed > (maxSeed * .9) {
// Uninstantiate the Decoder
decoderStatus := mteDecoder.Uninstantiate()
if decoderStatus != mte.Status_mte_status_success {
// Handle Decoder uninstantiate failure appropriately
// Below is only an example
fmt.Fprintf(os.Stderr, "Decoder uninstantiate error (%v): %v\n",
mte.GetStatusName(decoderStatus),
mte.GetStatusDescription(decoderStatus))
return int(decoderStatus)
}
//---------------------------------------
// Re-handshake to get new entropy value
// AND new nonce value
// Full code sample not here, to see example
// please see Diffie-Hellman Key Exchange
handshake := MethodToHandshake();
//--------------------
// Initialize Decoder
//--------------------
mteDecoder.SetEntropy(handshake.newDecoderEntropy)
mteDecoder.SetNonceInt(handshake.newNonce)
decoderStatus := mteDecoder.InstantiateStr(personalizationString)
if decoderStatus != mte.Status_mte_status_success {
fmt.Fprintf(os.Stderr, "Decoder instantiate error (%v): %v\n",
mte.GetStatusName(decoderStatus),
mte.GetStatusDescription(decoderStatus))
return (int)decoderStatus
}
}
<?php
//--------------------------------------
// Get the Decoder DRBG reseed counter
// This is the MTE's current seed count
$currentSeed = $mteDecoder->getReseedCounter();
//------------------------------------------
// Get the Decoder DRBG max reseed interval
$maxSeed = $mteDecoder->getDrbgReseedInterval(constant($mteDecoder->getDrbg()));
if ($currentSeed > ($maxSeed * .9)) {
//---------------------------
// Uninstantiate the Decoder
$decoderStatus = $mteDecoder->uninstantiate();
if (constant($decoderStatus) != mte_status_success) {
//----------------------------------------------------
// Handle Decoder uninstantiate failure appropriately
// Below is only an example
echo "Decoder uninstantiate error: "
.$mteDecoder->getStatusName(constant($decoderStatus)).":"
.$mteDecoder->getStatusDescription(constant($decoderStatus));
return $mteDecoder->getStatusCode(constant($decoderStatus));
}
unset($mteDecoder);
//---------------------------------------
// Re-handshake to get new entropy value
// AND new nonce value
// Full code sample not here, to see example
// please see Diffie-Hellman Key Exchange
$handshake = MethodToHandshake();
//--------------------
// Initialize Decoder
//--------------------
$mteDecoder = new MteDec();
$mteDecoder->setEntropy($handshake["newEncoderEntropy"]);
$mteDecoder->setNonce($handshake["newNonce"]);
$decoderStatus = $mteDecoder->instantiate($personalizationString);
if (constant($decoderStatus) != mte_status_success) {
//----------------------------------------------------
// Handle Decoder instantiate failure appropriately
// Below is only an example
echo "Decoder instantiate error: "
.$mteDecoder->getStatusName(constant($decoderStatus)).":"
.$mteDecoder->getStatusDescription(constant($decoderStatus));
return $mteDecoder->getStatusCode(constant($decoderStatus));
}
}
?>