| 1 | // rng.h - written and placed in the public domain by Wei Dai |
|---|
| 2 | |
|---|
| 3 | //! \file rng.h |
|---|
| 4 | //! \brief Miscellaneous classes for RNGs |
|---|
| 5 | //! \details This file contains miscellaneous classes for RNGs, including LC_RNG(), |
|---|
| 6 | //! X917RNG() and MaurerRandomnessTest() |
|---|
| 7 | //! \sa osrng.h, randpool.h |
|---|
| 8 | |
|---|
| 9 | #ifndef CRYPTOPP_RNG_H |
|---|
| 10 | #define CRYPTOPP_RNG_H |
|---|
| 11 | |
|---|
| 12 | #include "cryptlib.h" |
|---|
| 13 | #include "filters.h" |
|---|
| 14 | #include "smartptr.h" |
|---|
| 15 | |
|---|
| 16 | NAMESPACE_BEGIN(CryptoPP) |
|---|
| 17 | |
|---|
| 18 | //! \brief Linear Congruential Generator (LCG) |
|---|
| 19 | //! \details Originally propsed by William S. England. |
|---|
| 20 | //! \warning LC_RNG is suitable for simulations, where uniformaly distrubuted numbers are |
|---|
| 21 | //! required quickly. It should not be used for cryptographic purposes. |
|---|
| 22 | class LC_RNG : public RandomNumberGenerator |
|---|
| 23 | { |
|---|
| 24 | public: |
|---|
| 25 | //! \brief Construct a Linear Congruential Generator (LCG) |
|---|
| 26 | //! \param init_seed the initial value for the generator |
|---|
| 27 | LC_RNG(word32 init_seed) |
|---|
| 28 | : seed(init_seed) {} |
|---|
| 29 | |
|---|
| 30 | void GenerateBlock(byte *output, size_t size); |
|---|
| 31 | |
|---|
| 32 | word32 GetSeed() {return seed;} |
|---|
| 33 | |
|---|
| 34 | private: |
|---|
| 35 | word32 seed; |
|---|
| 36 | |
|---|
| 37 | static const word32 m; |
|---|
| 38 | static const word32 q; |
|---|
| 39 | static const word16 a; |
|---|
| 40 | static const word16 r; |
|---|
| 41 | }; |
|---|
| 42 | |
|---|
| 43 | //! \class X917RNG |
|---|
| 44 | //! \brief ANSI X9.17 RNG |
|---|
| 45 | //! \details X917RNG is from ANSI X9.17 Appendix C, and it uses a 64-bit block cipher, like TripleDES. |
|---|
| 46 | //! If you use a 128-bit block cipher, like AES, then you are effectively using an ANSI X9.31 generator. |
|---|
| 47 | //! \sa AutoSeededX917RNG, DefaultAutoSeededRNG |
|---|
| 48 | class CRYPTOPP_DLL X917RNG : public RandomNumberGenerator, public NotCopyable |
|---|
| 49 | { |
|---|
| 50 | public: |
|---|
| 51 | //! \brief Construct a X917RNG |
|---|
| 52 | //! \param cipher the block cipher to use for the generator |
|---|
| 53 | //! \param seed a byte buffer to use as a seed |
|---|
| 54 | //! \param deterministicTimeVector additional entropy |
|---|
| 55 | //! \details <tt>cipher</tt> will be deleted by the destructor. <tt>seed</tt> must be at least |
|---|
| 56 | //! BlockSize() in length. <tt>deterministicTimeVector = 0</tt> means obtain time vector |
|---|
| 57 | //! from the system. |
|---|
| 58 | //! \details When constructing a X917RNG, the generator must be keyed or an access |
|---|
| 59 | //! violation will occur because the time vector is encrypted using the block cipher. |
|---|
| 60 | //! To key the generator during constructions, perform the following: |
|---|
| 61 | //! <pre> |
|---|
| 62 | //! SecByteBlock key(AES::DEFAULT_KEYLENGTH), seed(AES::BLOCKSIZE); |
|---|
| 63 | //! OS_GenerateRandomBlock(false, key, key.size()); |
|---|
| 64 | //! OS_GenerateRandomBlock(false, seed, seed.size()); |
|---|
| 65 | //! X917RNG prng(new AES::Encryption(key, AES::DEFAULT_KEYLENGTH), seed, NULL);</pre> |
|---|
| 66 | //! \sa AutoSeededX917RNG |
|---|
| 67 | X917RNG(BlockTransformation *cipher, const byte *seed, const byte *deterministicTimeVector = 0); |
|---|
| 68 | |
|---|
| 69 | void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size); |
|---|
| 70 | |
|---|
| 71 | private: |
|---|
| 72 | member_ptr<BlockTransformation> m_cipher; |
|---|
| 73 | const unsigned int m_size; // S, blocksize of cipher |
|---|
| 74 | SecByteBlock m_datetime; // DT, buffer for enciphered timestamp |
|---|
| 75 | SecByteBlock m_randseed, m_lastBlock, m_deterministicTimeVector; |
|---|
| 76 | }; |
|---|
| 77 | |
|---|
| 78 | //! \class MaurerRandomnessTest |
|---|
| 79 | //! \brief Maurer's Universal Statistical Test for Random Bit Generators |
|---|
| 80 | //! \details This class implements Maurer's Universal Statistical Test for |
|---|
| 81 | //! Random Bit Generators. It is intended for measuring the randomness of |
|---|
| 82 | //! *PHYSICAL* RNGs. |
|---|
| 83 | //! \details For more details see Maurer's paper in Journal of Cryptology, 1992. |
|---|
| 84 | class MaurerRandomnessTest : public Bufferless<Sink> |
|---|
| 85 | { |
|---|
| 86 | public: |
|---|
| 87 | //! \brief Contruct a MaurerRandomnessTest |
|---|
| 88 | MaurerRandomnessTest(); |
|---|
| 89 | |
|---|
| 90 | size_t Put2(const byte *inString, size_t length, int messageEnd, bool blocking); |
|---|
| 91 | |
|---|
| 92 | //! \brief Provides the number of bytes of input is needed by the test |
|---|
| 93 | //! \returns how many more bytes of input is needed by the test |
|---|
| 94 | // BytesNeeded() returns how many more bytes of input is needed by the test |
|---|
| 95 | // GetTestValue() should not be called before BytesNeeded()==0 |
|---|
| 96 | unsigned int BytesNeeded() const {return n >= (Q+K) ? 0 : Q+K-n;} |
|---|
| 97 | |
|---|
| 98 | // returns a number between 0.0 and 1.0, describing the quality of the |
|---|
| 99 | // random numbers entered |
|---|
| 100 | double GetTestValue() const; |
|---|
| 101 | |
|---|
| 102 | private: |
|---|
| 103 | enum {L=8, V=256, Q=2000, K=2000}; |
|---|
| 104 | double sum; |
|---|
| 105 | unsigned int n; |
|---|
| 106 | unsigned int tab[V]; |
|---|
| 107 | }; |
|---|
| 108 | |
|---|
| 109 | NAMESPACE_END |
|---|
| 110 | |
|---|
| 111 | #endif |
|---|
