Diffstat (limited to 'botan/src/rng/hmac_rng/hmac_rng.h')
-rw-r--r--botan/src/rng/hmac_rng/hmac_rng.h59
1 files changed, 59 insertions, 0 deletions
diff --git a/botan/src/rng/hmac_rng/hmac_rng.h b/botan/src/rng/hmac_rng/hmac_rng.h
new file mode 100644
index 0000000..318e2a9
--- /dev/null
+++ b/botan/src/rng/hmac_rng/hmac_rng.h
@@ -0,0 +1,59 @@
+/*
+* HMAC RNG
+* (C) 2008 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_HMAC_RNG_H__
+#define BOTAN_HMAC_RNG_H__
+
+#include <botan/mac.h>
+#include <botan/rng.h>
+#include <vector>
+
+namespace Botan {
+
+/**
+HMAC_RNG - based on the design described in "On Extract-then-Expand
+Key Derivation Functions and an HMAC-based KDF" by Hugo Krawczyk
+(henceforce, 'E-t-E')
+
+However it actually can be parameterized with any two MAC functions,
+not restricted to HMAC (this variation is also described in Krawczyk's
+paper), for instance one could use HMAC(SHA-512) as the extractor
+and CMAC(AES-256) as the PRF.
+*/
+class BOTAN_DLL HMAC_RNG : public RandomNumberGenerator
+ {
+ public:
+ void randomize(byte buf[], u32bit len);
+ bool is_seeded() const { return seeded; }
+ void clear() throw();
+ std::string name() const;
+
+ void reseed(u32bit poll_bits);
+ void add_entropy_source(EntropySource* es);
+ void add_entropy(const byte[], u32bit);
+
+ HMAC_RNG(MessageAuthenticationCode* extractor,
+ MessageAuthenticationCode* prf);
+
+ ~HMAC_RNG();
+ private:
+ void reseed_with_input(u32bit poll_bits,
+ const byte input[], u32bit length);
+
+ MessageAuthenticationCode* extractor;
+ MessageAuthenticationCode* prf;
+
+ std::vector<EntropySource*> entropy_sources;
+ bool seeded;
+
+ SecureVector<byte> K, io_buffer;
+ u32bit counter, source_index;
+ };
+
+}
+
+#endif
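Review bot: HMAC_RNG holds raw `MessageAuthenticationCode*` members and declares a destructor, but nothing in the class stops it from being copied. Unless `RandomNumberGenerator` already forbids copying (not visible in this header), a copy would duplicate `K` and `counter`, so both objects would produce the same output stream. If the destructor deletes `extractor` and `prf`, which its body outside this hunk would have to confirm, the two copies would also free the same objects twice. I would declare `HMAC_RNG(const HMAC_RNG&);` and `HMAC_RNG& operator=(const HMAC_RNG&);` in the private section and leave them undefined. The constructor and `add_entropy_source` also need a short comment saying whether the RNG takes ownership of the pointers passed in, since callers cannot tell from the signatures.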