diff options
Diffstat (limited to 'src/rng/randpool')
| -rw-r--r-- | src/rng/randpool/info.txt | 6 | ||||
| -rw-r--r-- | src/rng/randpool/randpool.cpp | 208 | ||||
| -rw-r--r-- | src/rng/randpool/randpool.h | 61 |
3 files changed, 0 insertions, 275 deletions
diff --git a/src/rng/randpool/info.txt b/src/rng/randpool/info.txt deleted file mode 100644 index cc54e5d06..000000000 --- a/src/rng/randpool/info.txt +++ /dev/null @@ -1,6 +0,0 @@ -define RANDPOOL - -<requires> -block -mac -</requires> diff --git a/src/rng/randpool/randpool.cpp b/src/rng/randpool/randpool.cpp deleted file mode 100644 index aa029fef3..000000000 --- a/src/rng/randpool/randpool.cpp +++ /dev/null @@ -1,208 +0,0 @@ -/* -* Randpool -* (C) 1999-2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/randpool.h> -#include <botan/get_byte.h> -#include <botan/internal/xor_buf.h> -#include <algorithm> -#include <chrono> - -namespace Botan { - -namespace { - -/* -* PRF based on a MAC -*/ -enum RANDPOOL_PRF_TAG { - CIPHER_KEY = 0, - MAC_KEY = 1, - GEN_OUTPUT = 2 -}; - -} - -/* -* Generate a buffer of random bytes -*/ -void Randpool::randomize(byte out[], size_t length) - { - if(!is_seeded()) - throw PRNG_Unseeded(name()); - - update_buffer(); - while(length) - { - const size_t copied = std::min<size_t>(length, buffer.size()); - copy_mem(out, &buffer[0], copied); - out += copied; - length -= copied; - update_buffer(); - } - } - -/* -* Refill the output buffer -*/ -void Randpool::update_buffer() - { - for(size_t i = 0; i != counter.size(); ++i) - if(++counter[i]) - break; - - mac->update(static_cast<byte>(GEN_OUTPUT)); - mac->update(counter); - secure_vector<byte> mac_val = mac->final(); - - for(size_t i = 0; i != mac_val.size(); ++i) - buffer[i % buffer.size()] ^= mac_val[i]; - cipher->encrypt(buffer); - - if(counter[0] % ITERATIONS_BEFORE_RESEED == 0) - mix_pool(); - } - -/* -* Mix the entropy pool -*/ -void Randpool::mix_pool() - { - const size_t BLOCK_SIZE = cipher->block_size(); - - mac->update(static_cast<byte>(MAC_KEY)); - mac->update(pool); - mac->set_key(mac->final()); - - mac->update(static_cast<byte>(CIPHER_KEY)); - mac->update(pool); - cipher->set_key(mac->final()); - - xor_buf(pool, buffer, BLOCK_SIZE); - cipher->encrypt(pool); - for(size_t i = 1; i != POOL_BLOCKS; ++i) - { - const byte* previous_block = &pool[BLOCK_SIZE*(i-1)]; - byte* this_block = &pool[BLOCK_SIZE*i]; - xor_buf(this_block, previous_block, BLOCK_SIZE); - cipher->encrypt(this_block); - } - - update_buffer(); - } - -/* -* Reseed the internal state -*/ -void Randpool::reseed(size_t poll_bits) - { - Entropy_Accumulator_BufferedComputation accum(*mac, poll_bits); - - if(!entropy_sources.empty()) - { - size_t poll_attempt = 0; - - while(!accum.polling_goal_achieved() && poll_attempt < poll_bits) - { - entropy_sources[poll_attempt % entropy_sources.size()]->poll(accum); - ++poll_attempt; - } - } - - secure_vector<byte> mac_val = mac->final(); - - xor_buf(pool, mac_val, mac_val.size()); - mix_pool(); - - if(accum.bits_collected() >= poll_bits) - seeded = true; - } - -/* -* Add user-supplied entropy -*/ -void Randpool::add_entropy(const byte input[], size_t length) - { - secure_vector<byte> mac_val = mac->process(input, length); - xor_buf(pool, mac_val, mac_val.size()); - mix_pool(); - - if(length) - seeded = true; - } - -/* -* Add another entropy source to the list -*/ -void Randpool::add_entropy_source(EntropySource* src) - { - entropy_sources.push_back(src); - } - -/* -* Clear memory of sensitive data -*/ -void Randpool::clear() - { - cipher->clear(); - mac->clear(); - zeroise(pool); - zeroise(buffer); - zeroise(counter); - seeded = false; - } - -/* -* Return the name of this type -*/ -std::string Randpool::name() const - { - return "Randpool(" + cipher->name() + "," + mac->name() + ")"; - } - -/* -* Randpool Constructor -*/ -Randpool::Randpool(BlockCipher* cipher_in, - MessageAuthenticationCode* mac_in, - size_t pool_blocks, - size_t iter_before_reseed) : - ITERATIONS_BEFORE_RESEED(iter_before_reseed), - POOL_BLOCKS(pool_blocks), - cipher(cipher_in), - mac(mac_in) - { - const size_t BLOCK_SIZE = cipher->block_size(); - const size_t OUTPUT_LENGTH = mac->output_length(); - - if(OUTPUT_LENGTH < BLOCK_SIZE || - !cipher->valid_keylength(OUTPUT_LENGTH) || - !mac->valid_keylength(OUTPUT_LENGTH)) - { - delete cipher; - delete mac; - throw Internal_Error("Randpool: Invalid algorithm combination"); - } - - buffer.resize(BLOCK_SIZE); - pool.resize(POOL_BLOCKS * BLOCK_SIZE); - counter.resize(12); - seeded = false; - } - -/* -* Randpool Destructor -*/ -Randpool::~Randpool() - { - delete cipher; - delete mac; - - for(auto i = entropy_sources.begin(); i != entropy_sources.end(); ++i) - delete *i; - } - -} diff --git a/src/rng/randpool/randpool.h b/src/rng/randpool/randpool.h deleted file mode 100644 index 64572bcfb..000000000 --- a/src/rng/randpool/randpool.h +++ /dev/null @@ -1,61 +0,0 @@ -/* -* Randpool -* (C) 1999-2008 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#ifndef BOTAN_RANDPOOL_H__ -#define BOTAN_RANDPOOL_H__ - -#include <botan/rng.h> -#include <botan/block_cipher.h> -#include <botan/mac.h> -#include <vector> - -namespace Botan { - -/** -* Randpool -*/ -class BOTAN_DLL Randpool : public RandomNumberGenerator - { - public: - void randomize(byte[], size_t); - bool is_seeded() const { return seeded; } - void clear(); - std::string name() const; - - void reseed(size_t bits_to_collect); - void add_entropy_source(EntropySource* es); - void add_entropy(const byte input[], size_t length); - - /** - * @param cipher a block cipher to use - * @param mac a message authentication code to use - * @param pool_blocks how many cipher blocks to use for the pool - * @param iterations_before_reseed how many times we'll use the - * internal state to generate output before reseeding - */ - Randpool(BlockCipher* cipher, - MessageAuthenticationCode* mac, - size_t pool_blocks = 32, - size_t iterations_before_reseed = 128); - - ~Randpool(); - private: - void update_buffer(); - void mix_pool(); - - size_t ITERATIONS_BEFORE_RESEED, POOL_BLOCKS; - BlockCipher* cipher; - MessageAuthenticationCode* mac; - - std::vector<EntropySource*> entropy_sources; - secure_vector<byte> pool, buffer, counter; - bool seeded; - }; - -} - -#endif |