Crypto++ 8.9
Free C++ class library of cryptographic schemes
randpool.h
Go to the documentation of this file.
1// randpool.h - originally written and placed in the public domain by Wei Dai
2// OldRandPool added by JW in August, 2017.
3
4/// \file randpool.h
5/// \brief Class file for Randomness Pool
6/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
7/// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
8/// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
9/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
10/// RandomPool was redesigned to reduce the risk of reusing random numbers after state
11/// rollback (which may occur when running in a virtual machine like VMware or a hosted
12/// environment).
13/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
14/// should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
15/// or AutoSeededRandomPool instead.
16/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
17
18#ifndef CRYPTOPP_RANDPOOL_H
19#define CRYPTOPP_RANDPOOL_H
20
21#include "cryptlib.h"
22#include "filters.h"
23#include "secblock.h"
24#include "smartptr.h"
25#include "aes.h"
26
27NAMESPACE_BEGIN(CryptoPP)
28
29/// \brief Randomness Pool based on AES-256
30/// \details RandomPool can be used to generate cryptographic quality pseudorandom bytes
31/// after seeding the pool with IncorporateEntropy(). Internally, the generator uses
32/// AES-256 to produce the stream. Entropy is stirred in using SHA-256.
33/// \details RandomPool used to follow the design of randpool in PGP 2.6.x. At version 5.5
34/// RandomPool was redesigned to reduce the risk of reusing random numbers after state
35/// rollback, which may occur when running in a virtual machine like VMware or a hosted
36/// environment.
37/// \details You should reseed the generator after a fork() to avoid multiple generators
38/// with the same internal state.
39/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
40/// should migrate away from OldRandomPool at the earliest opportunity.
41/// \sa OldRandomPool
42/// \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
43class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
44{
45public:
46 /// \brief Construct a RandomPool
48
49 bool CanIncorporateEntropy() const {return true;}
50 void IncorporateEntropy(const byte *input, size_t length);
51 void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
52
53private:
57 bool m_keySet;
58};
59
60/// \brief Randomness Pool based on PGP 2.6.x with MDC
61/// \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. The
62/// OldRandomPool also provides the modern interface, including <tt>CanIncorporateEntropy</tt>,
63/// <tt>IncorporateEntropy</tt> and <tt>GenerateIntoBufferedTransformation</tt>.
64/// \details You should reseed the generator after a fork() to avoid multiple generators
65/// with the same internal state.
66/// \details You should migrate away from OldRandomPool at the earliest opportunity. Use a
67/// modern random number generator or key derivation function, like AutoSeededRandomPool or
68/// HKDF.
69/// \warning This class uses an old style PGP 2.6.x with MDC. The generator risks reusing
70/// random numbers after state rollback. You should migrate away from OldRandomPool at
71/// the earliest opportunity.
72/// \sa RandomPool, AutoSeededRandomPool, HKDF, P1363_KDF2, PKCS12_PBKDF, PKCS5_PBKDF2_HMAC
73/// \since Crypto++ 6.0
74class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator
75{
76public:
77 /// \brief Construct an OldRandomPool
78 /// \param poolSize internal pool size of the generator
79 /// \details poolSize must be greater than 16
80 OldRandomPool(unsigned int poolSize=384);
81
82 // RandomNumberGenerator interface (Crypto++ 5.5 and above)
83 bool CanIncorporateEntropy() const {return true;}
84 void IncorporateEntropy(const byte *input, size_t length);
85 void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
86
88 void GenerateBlock(byte *output, size_t size);
89
90 // GenerateWord32 is overridden and provides Crypto++ 5.4 behavior.
91 // Taken from RandomNumberSource::GenerateWord32 in cryptlib.cpp.
92 word32 GenerateWord32 (word32 min=0, word32 max=0xffffffffUL);
93
94protected:
95 void Stir();
96
97private:
98 SecByteBlock pool, key;
99 size_t addPos, getPos;
100};
101
102NAMESPACE_END
103
104#endif
Class file for the AES cipher (Rijndael)
Interface for buffered transformations.
Definition cryptlib.h:1657
Fixed size stack-based SecBlock with 16-byte alignment.
Definition secblock.h:1259
Ensures an object is not copyable.
Definition misc.h:241
Randomness Pool based on PGP 2.6.x with MDC.
Definition randpool.h:75
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size)
Generate random bytes into a BufferedTransformation.
word32 GenerateWord32(word32 min=0, word32 max=0xffffffffUL)
Generate a random 32 bit word in the range min to max, inclusive.
bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Definition randpool.h:83
byte GenerateByte()
Generate new random byte and return it.
void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
void GenerateBlock(byte *output, size_t size)
Generate random array of bytes.
OldRandomPool(unsigned int poolSize=384)
Construct an OldRandomPool.
Interface for random number generators.
Definition cryptlib.h:1440
Randomness Pool based on AES-256.
Definition randpool.h:44
RandomPool()
Construct a RandomPool.
bool CanIncorporateEntropy() const
Determines if a generator can accept additional entropy.
Definition randpool.h:49
void IncorporateEntropy(const byte *input, size_t length)
Update RNG state with additional unpredictable values.
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size)
Generate random bytes into a BufferedTransformation.
SecBlock typedef.
Definition secblock.h:1226
Pointer that overloads operator ->
Definition smartptr.h:38
unsigned int word32
32-bit unsigned datatype
Definition config_int.h:72
word64 lword
Large word type.
Definition config_int.h:168
Abstract base classes that provide a uniform interface to this library.
Implementation of BufferedTransformation's attachment interface.
Crypto++ library namespace.
Classes and functions for secure memory allocations.
Classes for automatic resource management.