1 | | // randpool.h - originally written and placed in the public domain by Wei Dai |
2 | | // OldRandPool added by JW in August, 2017. |
3 | | |
/// \file randpool.h
/// \brief Class file for Randomness Pool
/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
/// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
/// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
/// RandomPool was redesigned to reduce the risk of reusing random numbers after state
/// rollback (which may occur when running in a virtual machine like VMware or a hosted
/// environment).
/// \details If you need the pre-Crypto++ 5.5 generator then use the OldRandomPool class. You
/// should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
/// or AutoSeededRandomPool instead.
/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
17 | | |
18 | | #ifndef CRYPTOPP_RANDPOOL_H |
19 | | #define CRYPTOPP_RANDPOOL_H |
20 | | |
21 | | #include "cryptlib.h" |
22 | | #include "filters.h" |
23 | | #include "secblock.h" |
24 | | #include "smartptr.h" |
25 | | #include "aes.h" |
26 | | |
27 | | NAMESPACE_BEGIN(CryptoPP) |
28 | | |
/// \brief Randomness Pool based on AES-256
/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
/// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
/// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
/// RandomPool was redesigned to reduce the risk of reusing random numbers after state
/// rollback, which may occur when running in a virtual machine like VMware or a hosted
/// environment.
/// \details You should reseed the generator after a fork() to avoid multiple generators
/// with the same internal state.
/// \details If you need the pre-Crypto++ 5.5 generator then use the OldRandomPool class. You
/// should migrate away from OldRandomPool at the earliest opportunity.
/// \sa OldRandomPool
/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
{
public:
	/// \brief Construct a RandomPool
	/// \details The pool starts unseeded; call IncorporateEntropy() before drawing
	///   output. How an unseeded pool behaves is not visible in this header — see
	///   randpool.cpp before relying on it.
	RandomPool();

	/// \brief Indicates whether entropy can be stirred into the pool
	/// \return always true; RandomPool accepts entropy at any time via IncorporateEntropy()
	bool CanIncorporateEntropy() const {return true;}
	/// \brief Stir entropy into the pool
	/// \param input pointer to the entropy bytes
	/// \param length size of the input buffer, in bytes
	/// \details Per the file header the input is mixed in using SHA-256. Reseed after
	///   fork() and after any state rollback (VM snapshot/restore) so that two instances
	///   do not continue from the same internal state.
	void IncorporateEntropy(const byte *input, size_t length);
	/// \brief Generate random bytes into a BufferedTransformation
	/// \param target the BufferedTransformation that receives the generated bytes
	/// \param channel the channel on target to which the bytes are written
	/// \param size number of bytes to generate
	void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);

private:
	// NotCopyable (inherited above) prevents duplicating the pool state; two copies
	// would otherwise emit identical output streams.
	// 16-byte seed block (one AES block). The third template argument is presumably
	// the alignment flag — confirm against secblock.h.
	FixedSizeAlignedSecBlock<byte, 16, true> m_seed;
	// 32-byte cipher key (AES-256 per the file header).
	FixedSizeAlignedSecBlock<byte, 32> m_key;
	// Owning smart pointer to the block cipher instance that produces the stream.
	member_ptr<BlockCipher> m_pCipher;
	// NOTE(review): looks like this tracks whether m_key has been loaded into m_pCipher —
	// confirm in randpool.cpp.
	bool m_keySet;
};
59 | | |
/// \brief Randomness Pool based on PGP 2.6.x with MDC
/// \details If you need the pre-Crypto++ 5.5 generator then use the OldRandomPool class. The
/// OldRandomPool also provides the modern interface, including <tt>CanIncorporateEntropy</tt>,
/// <tt>IncorporateEntropy</tt> and <tt>GenerateIntoBufferedTransformation</tt>.
/// \details You should reseed the generator after a fork() to avoid multiple generators
/// with the same internal state.
/// \details You should migrate away from OldRandomPool at the earliest opportunity. Use a
/// modern random number generator or key derivation function, like AutoSeededRandomPool or
/// HKDF.
/// \warning This class uses the old-style PGP 2.6.x generator design with MDC. The generator
/// risks reusing random numbers after state rollback. You should migrate away from
/// OldRandomPool at the earliest opportunity.
/// \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC
/// \since Crypto++ 6.0
class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator
{
public:
	/// \brief Construct an OldRandomPool
	/// \param poolSize internal pool size of the generator
	/// \details poolSize must be greater than 16. Whether the constructor enforces this
	///   is not visible in this header — check randpool.cpp.
	OldRandomPool(unsigned int poolSize=384);

	// RandomNumberGenerator interface (Crypto++ 5.5 and above)
	/// \brief Indicates whether entropy can be stirred into the pool
	/// \return always true
	bool CanIncorporateEntropy() const {return true;}
	/// \brief Stir entropy into the pool
	/// \param input pointer to the entropy bytes
	/// \param length size of the input buffer, in bytes
	/// \details Reseed after fork() and after any state rollback so that two instances
	///   do not continue from the same internal state.
	void IncorporateEntropy(const byte *input, size_t length);
	/// \brief Generate random bytes into a BufferedTransformation
	/// \param target the BufferedTransformation that receives the generated bytes
	/// \param channel the channel on target to which the bytes are written
	/// \param size number of bytes to generate
	void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);

	/// \brief Generate a single random byte
	/// \return one byte drawn from the pool
	byte GenerateByte();
	/// \brief Generate random bytes into a caller-supplied buffer
	/// \param output buffer that receives the bytes; must hold at least size bytes
	/// \param size number of bytes to generate
	void GenerateBlock(byte *output, size_t size);

	// GenerateWord32 is overridden and provides Crypto++ 5.4 behavior.
	// Taken from RandomNumberSource::GenerateWord32 in cryptlib.cpp.
	/// \brief Generate a random 32-bit word
	/// \param min lower bound of the result
	/// \param max upper bound of the result
	/// \return a word32 between min and max; the default max of 0xffffffff suggests the
	///   bound is inclusive — confirm in randpool.cpp
	word32 GenerateWord32 (word32 min=0, word32 max=0xffffffffUL);

protected:
	/// \brief Mix the pool contents (PGP 2.6.x style stirring)
	/// \details Protected hook; when it is invoked is defined in randpool.cpp.
	void Stir();

private:
	// Unlike RandomPool, this class does not derive from NotCopyable. A copy carries the
	// same pool, key and cursor positions, so two copies would emit the same stream —
	// do not copy a seeded instance.
	SecByteBlock pool, key;   // entropy pool and stirring key; sizes are set in the ctor (not visible here)
	size_t addPos, getPos;    // presumably the write cursor for IncorporateEntropy and the read cursor for output — confirm
};
101 | | |
102 | | NAMESPACE_END |
103 | | |
104 | | #endif |