Crypto++  8.6
Free C++ class library of cryptographic schemes
randpool.h
Go to the documentation of this file.
1 // randpool.h - originally written and placed in the public domain by Wei Dai
2 // OldRandPool added by JW in August, 2017.
3 
4 /// \file randpool.h
5 /// \brief Class file for Randomness Pool
6 /// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
7 /// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
8 /// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
9 /// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
10 /// RandomPool was redesigned to reduce the risk of reusing random numbers after state
11 /// rollback (which may occur when running in a virtual machine like VMware or a hosted
12 /// environment).
13 /// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
14 /// should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
15 /// or AutoSeededRandomPool instead.
16 /// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
17 
18 #ifndef CRYPTOPP_RANDPOOL_H
19 #define CRYPTOPP_RANDPOOL_H
20 
21 #include "cryptlib.h"
22 #include "filters.h"
23 #include "secblock.h"
24 #include "smartptr.h"
25 #include "aes.h"
26 
27 NAMESPACE_BEGIN(CryptoPP)
28 
29 /// \brief Randomness Pool based on AES-256
30 /// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
31 /// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
32 /// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
33 /// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
34 /// RandomPool was redesigned to reduce the risk of reusing random numbers after state
35 /// rollback, which may occur when running in a virtual machine like VMware or a hosted
36 /// environment.
37 /// \details You should reseed the generator after a fork() to avoid multiple generators
38 /// with the same internal state.
39 /// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
40 /// should migrate away from OldRandomPool at the earliest opportunity.
41 /// \sa OldRandomPool
42 /// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
43 class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
44 {
45 public:
46  /// \brief Construct a RandomPool
47  RandomPool();
48 
49  bool CanIncorporateEntropy() const {return true;}
50  void IncorporateEntropy(const byte *input, size_t length);
51  void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
52 
53 private:
56  member_ptr<BlockCipher> m_pCipher;
57  bool m_keySet;
58 };
59 
60 /// \brief Randomness Pool based on PGP 2.6.x with MDC
61 /// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. The
62 /// OldRandomPool also provides the modern interface, including <tt>CanIncorporateEntropy</tt>,
63 /// <tt>IncorporateEntropy</tt> and <tt>GenerateIntoBufferedTransformation</tt>.
64 /// \details You should reseed the generator after a fork() to avoid multiple generators
65 /// with the same internal state.
66 /// \details You should migrate away from OldRandomPool at the earliest opportunity. Use a
67 /// modern random number generator or key derivation function, like AutoSeededRandomPool or
68 /// HKDF.
69 /// \warning This class uses an old style PGP 2.6.x with MDC. The generator risks reusing
70 /// random numbers after state rollback. You should migrate away from OldRandomPool at
71 /// the earliest opportunity.
72 /// \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC
73 /// \since Crypto++ 6.0
74 class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator
75 {
76 public:
77  /// \brief Construct an OldRandomPool
78  /// \param poolSize internal pool size of the generator
79  /// \details poolSize must be greater than 16
80  OldRandomPool(unsigned int poolSize=384);
81 
82  // RandomNumberGenerator interface (Crypto++ 5.5 and above)
83  bool CanIncorporateEntropy() const {return true;}
84  void IncorporateEntropy(const byte *input, size_t length);
85  void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
86 
87  byte GenerateByte();
88  void GenerateBlock(byte *output, size_t size);
89 
90  // GenerateWord32 is overriden and provides Crypto++ 5.4 behavior.
91  // Taken from RandomNumberSource::GenerateWord32 in cryptlib.cpp.
92  word32 GenerateWord32 (word32 min=0, word32 max=0xffffffffUL);
93 
94 protected:
95  void Stir();
96 
97 private:
98  SecByteBlock pool, key;
99  size_t addPos, getPos;
100 };
101 
102 NAMESPACE_END
103 
104 #endif
FixedSizeAlignedSecBlock< byte, 16, true >
member_ptr< BlockCipher >
secblock.h
Classes and functions for secure memory allocations.
BufferedTransformation
Interface for buffered transformations.
Definition: cryptlib.h:1651
SecByteBlock
SecBlock<byte> typedef.
Definition: secblock.h:1226
smartptr.h
Classes for automatic resource management.
word32
unsigned int word32
32-bit unsigned datatype
Definition: config_int.h:62
RandomNumberGenerator::GenerateIntoBufferedTransformation
virtual void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword length)
Generate random bytes into a BufferedTransformation.
filters.h
Implementation of BufferedTransformation's attachment interface.
RandomNumberGenerator
Interface for random number generators.
Definition: cryptlib.h:1434
aes.h
Class file for the AES cipher (Rijndael)
NotCopyable
Ensures an object is not copyable.
Definition: misc.h:238
OldRandomPool
Randomness Pool based on PGP 2.6.x with MDC.
Definition: randpool.h:74
RandomNumberGenerator::GenerateBlock
virtual void GenerateBlock(byte *output, size_t size)
Generate random array of bytes.
RandomNumberGenerator::GenerateWord32
virtual word32 GenerateWord32(word32 min=0, word32 max=0xffffffffUL)
Generate a random 32 bit word in the range min to max, inclusive.
lword
word64 lword
Large word type.
Definition: config_int.h:158
RandomPool
Randomness Pool based on AES-256.
Definition: randpool.h:43
RandomNumberGenerator::IncorporateEntropy
virtual void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
Definition: cryptlib.h:1447
RandomPool::CanIncorporateEntropy
bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Definition: randpool.h:49
RandomNumberGenerator::GenerateByte
virtual byte GenerateByte()
Generate new random byte and return it.
CryptoPP
Crypto++ library namespace.
OldRandomPool::CanIncorporateEntropy
bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Definition: randpool.h:83
cryptlib.h
Abstract base classes that provide a uniform interface to this library.