Coverage Report

Created: 2024-11-21 07:03

/src/cryptopp/randpool.h
// randpool.h - originally written and placed in the public domain by Wei Dai
2
//              OldRandPool added by JW in August, 2017.
/// \file randpool.h
5
/// \brief Class file for Randomness Pool
6
/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
7
///  after seeding the pool with IncorporateEntropy(). Internally, the generator uses
8
///  AES-256 to produce the stream. Entropy is stirred in using SHA-256.
9
/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
10
///  RandomPool was redesigned to reduce the risk of reusing random numbers after state
11
///  rollback (which may occur when running in a virtual machine like VMware or a hosted
12
///  environment).
13
/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
14
///  should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
15
///  or AutoSeededRandomPool instead.
16
/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
#ifndef CRYPTOPP_RANDPOOL_H
19
#define CRYPTOPP_RANDPOOL_H
#include "cryptlib.h"
22
#include "filters.h"
23
#include "secblock.h"
24
#include "smartptr.h"
25
#include "aes.h"
NAMESPACE_BEGIN(CryptoPP)
/// \brief AES-256 based randomness pool
/// \details RandomPool produces cryptographic quality pseudorandom bytes once the pool
///  has been seeded through IncorporateEntropy(). The output stream is generated with
///  AES-256, and SHA-256 is used to stir new entropy into the pool.
/// \details Before Crypto++ 5.5 RandomPool followed the randpool design of PGP 2.6.x. The
///  5.5 redesign lowers the risk of handing out the same random numbers again after a
///  state rollback, as can happen in a virtual machine like VMware or in a hosted
///  environment.
/// \details Reseed the generator after a fork(); otherwise the parent and the child each
///  hold a generator with the same internal state.
/// \details The pre-Crypto++ 5.5 generator remains available as OldRandomPool. Migrate
///  away from OldRandomPool at the earliest opportunity.
/// \note The quality statement above is conditional on seeding: this class relies on the
///  caller to supply entropy through IncorporateEntropy(). Code that cannot guarantee a
///  seeding step before the first draw should use AutoSeededRandomPool instead.
/// \sa OldRandomPool
/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
{
public:
  /// \brief Construct a RandomPool
  RandomPool();

  /// \brief Report whether additional entropy can be mixed into the generator
  /// \return always true for RandomPool
  bool CanIncorporateEntropy() const
  {
    return true;
  }

  /// \brief Mix caller-supplied entropy into the pool
  /// \param input the entropy bytes
  /// \param length the number of bytes in input
  void IncorporateEntropy(const byte *input, size_t length);

  /// \brief Generate pseudorandom bytes into a BufferedTransformation
  /// \param target the BufferedTransformation that receives the bytes
  /// \param channel the channel on target that the bytes are written to
  /// \param size the number of bytes to generate
  void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);

private:
  // Declaration order is kept as-is: it fixes both the object layout of this exported
  // class and the order in which the members are initialized.

  // 16 bytes, the AES block size. NOTE(review): presumably the block that is fed to the
  // cipher to produce output; confirm against randpool.cpp.
  FixedSizeAlignedSecBlock<byte, 16, true> m_seed;
  // 32 bytes, the AES-256 key size.
  FixedSizeAlignedSecBlock<byte, 32> m_key;
  // Block cipher object, held through member_ptr.
  member_ptr<BlockCipher> m_pCipher;
  // NOTE(review): presumably records whether m_key has been loaded into m_pCipher since
  // the key last changed; confirm against randpool.cpp.
  bool m_keySet;
};
/// \brief PGP 2.6.x style randomness pool with MDC
/// \details OldRandomPool is the pre-Crypto++ 5.5 generator, kept for code that still
///  needs it. It also offers the modern interface, including <tt>CanIncorporateEntropy</tt>,
///  <tt>IncorporateEntropy</tt> and <tt>GenerateIntoBufferedTransformation</tt>.
/// \details Reseed the generator after a fork(); otherwise the parent and the child each
///  hold a generator with the same internal state.
/// \details Migrate away from OldRandomPool at the earliest opportunity. Use a modern
///  random number generator or key derivation function, like AutoSeededRandomPool or
///  HKDF.
/// \warning This class uses the old style PGP 2.6.x design with MDC. The generator risks
///  reusing random numbers after state rollback. Migrate away from OldRandomPool at the
///  earliest opportunity.
/// \note NOTE(review): unlike RandomPool, this class does not derive from NotCopyable. If
///  instances are in fact copyable, a copy carries the same pool contents as the original
///  and the two could emit the same output; confirm, and avoid copying generator objects.
/// \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC
/// \since Crypto++ 6.0
class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator
{
public:
  /// \brief Construct an OldRandomPool
  /// \param poolSize internal pool size of the generator
  /// \details poolSize must be greater than 16. NOTE(review): this declaration does not
  ///  show whether the bound is enforced; confirm in randpool.cpp before passing a size
  ///  that comes from configuration or other external input.
  OldRandomPool(unsigned int poolSize = 384);

  // RandomNumberGenerator interface (Crypto++ 5.5 and above)

  /// \brief Report whether additional entropy can be mixed into the generator
  /// \return always true for OldRandomPool
  bool CanIncorporateEntropy() const
  {
    return true;
  }

  /// \brief Mix caller-supplied entropy into the pool
  /// \param input the entropy bytes
  /// \param length the number of bytes in input
  void IncorporateEntropy(const byte *input, size_t length);

  /// \brief Generate pseudorandom bytes into a BufferedTransformation
  /// \param target the BufferedTransformation that receives the bytes
  /// \param channel the channel on target that the bytes are written to
  /// \param size the number of bytes to generate
  void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);

  /// \brief Generate one pseudorandom byte
  byte GenerateByte();

  /// \brief Generate pseudorandom bytes into a caller-supplied buffer
  /// \param output the buffer that receives the bytes
  /// \param size the number of bytes to generate
  void GenerateBlock(byte *output, size_t size);

  // GenerateWord32 is overridden to keep the Crypto++ 5.4 behavior. The code was taken
  // from RandomNumberSource::GenerateWord32 in cryptlib.cpp.
  word32 GenerateWord32(word32 min = 0, word32 max = 0xffffffffUL);

protected:
  /// \brief Stir the pool
  void Stir();

private:
  // Declaration order is kept as-is: it fixes both the object layout of this exported
  // class and the order in which the members are initialized.

  // Pool and key storage, both SecByteBlock.
  SecByteBlock pool;
  SecByteBlock key;
  // NOTE(review): presumably the write and read offsets into pool; confirm against
  // randpool.cpp.
  size_t addPos;
  size_t getPos;
};
NAMESPACE_END
#endif