diff options
Diffstat (limited to 'botan/src/rng/hmac_rng/hmac_rng.h')
-rw-r--r-- | botan/src/rng/hmac_rng/hmac_rng.h | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/botan/src/rng/hmac_rng/hmac_rng.h b/botan/src/rng/hmac_rng/hmac_rng.h new file mode 100644 index 0000000..318e2a9 --- /dev/null +++ b/botan/src/rng/hmac_rng/hmac_rng.h @@ -0,0 +1,59 @@ +/* +* HMAC RNG +* (C) 2008 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_HMAC_RNG_H__ +#define BOTAN_HMAC_RNG_H__ + +#include <botan/mac.h> +#include <botan/rng.h> +#include <vector> + +namespace Botan { + +/** +HMAC_RNG - based on the design described in "On Extract-then-Expand +Key Derivation Functions and an HMAC-based KDF" by Hugo Krawczyk +(henceforce, 'E-t-E') + +However it actually can be parameterized with any two MAC functions, +not restricted to HMAC (this variation is also described in Krawczyk's +paper), for instance one could use HMAC(SHA-512) as the extractor +and CMAC(AES-256) as the PRF. +*/ +class BOTAN_DLL HMAC_RNG : public RandomNumberGenerator + { + public: + void randomize(byte buf[], u32bit len); + bool is_seeded() const { return seeded; } + void clear() throw(); + std::string name() const; + + void reseed(u32bit poll_bits); + void add_entropy_source(EntropySource* es); + void add_entropy(const byte[], u32bit); + + HMAC_RNG(MessageAuthenticationCode* extractor, + MessageAuthenticationCode* prf); + + ~HMAC_RNG(); + private: + void reseed_with_input(u32bit poll_bits, + const byte input[], u32bit length); + + MessageAuthenticationCode* extractor; + MessageAuthenticationCode* prf; + + std::vector<EntropySource*> entropy_sources; + bool seeded; + + SecureVector<byte> K, io_buffer; + u32bit counter, source_index; + }; + +} + +#endif |