Crypto++  8.2
Free C++ class library of cryptographic schemes
randpool.h
// randpool.h - originally written and placed in the public domain by Wei Dai
//              OldRandPool added by JW in August, 2017.

/// \file randpool.h
/// \brief Class file for Randomness Pool
/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
/// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
/// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
/// RandomPool was redesigned to reduce the risk of reusing random numbers after state
/// rollback (which may occur when running in a virtual machine like VMware or a hosted
/// environment).
/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
/// should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
/// or AutoSeededRandomPool instead.
/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)

#ifndef CRYPTOPP_RANDPOOL_H
#define CRYPTOPP_RANDPOOL_H

#include "cryptlib.h"
#include "filters.h"
#include "secblock.h"
#include "smartptr.h"
#include "aes.h"

NAMESPACE_BEGIN(CryptoPP)

/// \brief Randomness Pool based on AES-256
/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
/// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
/// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
/// RandomPool was redesigned to reduce the risk of reusing random numbers after state
/// rollback, which may occur when running in a virtual machine like VMware or a hosted
/// environment.
/// \details You should reseed the generator after a fork() to avoid multiple generators
/// with the same internal state.
/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
/// should migrate away from OldRandomPool at the earliest opportunity.
/// \sa OldRandomPool
/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
{
public:
    /// \brief Construct a RandomPool
    RandomPool();

    bool CanIncorporateEntropy() const {return true;}
    void IncorporateEntropy(const byte *input, size_t length);
    void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);

private:
    FixedSizeAlignedSecBlock<byte, 16, true> m_seed;
    FixedSizeAlignedSecBlock<byte, 32> m_key;
    member_ptr<BlockCipher> m_pCipher;
    bool m_keySet;
};

/// \brief Randomness Pool based on PGP 2.6.x with MDC
/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. The
/// OldRandomPool also provides the modern interface, including <tt>CanIncorporateEntropy</tt>,
/// <tt>IncorporateEntropy</tt> and <tt>GenerateIntoBufferedTransformation</tt>.
/// \details You should reseed the generator after a fork() to avoid multiple generators
/// with the same internal state.
/// \details You should migrate away from OldRandomPool at the earliest opportunity. Use a
/// modern random number generator or key derivation function, like AutoSeededRandomPool or
/// HKDF.
/// \warning This class uses an old style PGP 2.6.x with MDC. The generator risks reusing
/// random numbers after state rollback. You should migrate away from OldRandomPool at
/// the earliest opportunity.
/// \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC
/// \since Crypto++ 6.0 (PGP 2.6.x style)
class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator
{
public:
    /// \brief Construct an OldRandomPool
    /// \param poolSize internal pool size of the generator
    /// \details poolSize must be greater than 16
    OldRandomPool(unsigned int poolSize=384);

    // RandomNumberGenerator interface (Crypto++ 5.5 and above)
    bool CanIncorporateEntropy() const {return true;}
    void IncorporateEntropy(const byte *input, size_t length);
    void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);

    byte GenerateByte();
    void GenerateBlock(byte *output, size_t size);

protected:
    void Stir();

private:
    SecByteBlock pool, key;
    size_t addPos, getPos;
};

NAMESPACE_END

#endif