Documentation ¶
Overview ¶
Package drbg implements Random Number Generation Using Deterministic Random Bit Generators.
Index ¶
- Constants
- Variables
- type BaseDrbg
- type CtrDrbg
- func NewCtrDrbg(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, ...) (*CtrDrbg, error)
- func NewGMCtrDrbg(securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*CtrDrbg, error)
- func NewNISTCtrDrbg(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, ...) (*CtrDrbg, error)
- type DRBG
- type DrbgPrng
- func NewCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, ...) (*DrbgPrng, error)
- func NewGmCtrDrbgPrng(entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, ...) (*DrbgPrng, error)
- func NewGmHashDrbgPrng(entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, ...) (*DrbgPrng, error)
- func NewHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, ...) (*DrbgPrng, error)
- func NewHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, ...) (*DrbgPrng, error)
- func NewNistCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, ...) (*DrbgPrng, error)
- func NewNistHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, ...) (*DrbgPrng, error)
- func NewNistHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, ...) (*DrbgPrng, error)
- type HashDrbg
- func NewGMHashDrbg(securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HashDrbg, error)
- func NewHashDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool, ...) (*HashDrbg, error)
- func NewNISTHashDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, ...) (*HashDrbg, error)
- type HmacDrbg
- type SecurityLevel
Examples ¶
Constants ¶
const DRBG_RESEED_COUNTER_INTERVAL_LEVEL1 uint64 = 1 << 20
const DRBG_RESEED_COUNTER_INTERVAL_LEVEL2 uint64 = 1 << 10
const DRBG_RESEED_COUNTER_INTERVAL_LEVEL_TEST uint64 = 8
const DRBG_RESEED_TIME_INTERVAL_LEVEL1 = time.Duration(600) * time.Second
const DRBG_RESEED_TIME_INTERVAL_LEVEL2 = time.Duration(60) * time.Second
const DRBG_RESEED_TIME_INTERVAL_LEVEL_TEST = time.Duration(6) * time.Second
const HASH_DRBG_MAX_SEED_SIZE = 111
const HASH_DRBG_SEED_SIZE = 55
const MAX_BYTES = 1 << 27
const MAX_BYTES_PER_GENERATE = 1 << 11
Variables ¶
var ErrReseedRequired = errors.New("drbg: reseed reuqired")
Functions ¶
This section is empty.
Types ¶
type BaseDrbg ¶
type BaseDrbg struct {
// contains filtered or unexported fields
}
func (*BaseDrbg) NeedReseed ¶
type CtrDrbg ¶
type CtrDrbg struct { BaseDrbg // contains filtered or unexported fields }
CtrDrbg CTR DRBG structure, its instance is NOT goroutine safe!!!
func NewCtrDrbg ¶
func NewCtrDrbg(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, securityLevel SecurityLevel, gm bool, entropy, nonce, personalization []byte) (*CtrDrbg, error)
NewCtrDrbg create one CTR DRBG instance
func NewGMCtrDrbg ¶
func NewGMCtrDrbg(securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*CtrDrbg, error)
NewGMCtrDrbg create one CTR DRBG implementation which follows GM/T 0105-2021 standard
func NewNISTCtrDrbg ¶
func NewNISTCtrDrbg(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*CtrDrbg, error)
NewNISTCtrDrbg create one CTR DRBG implementation which follows NIST standard
func (*CtrDrbg) MaxBytesPerRequest ¶
type DRBG ¶
type DRBG interface { // check internal state, return if reseed required NeedReseed() bool // reseed process Reseed(entropy, additional []byte) error // generate requrested bytes to b Generate(b, additional []byte) error // MaxBytesPerRequest return max bytes per request MaxBytesPerRequest() int }
DRBG interface for both hash and ctr drbg implementations
type DrbgPrng ¶
type DrbgPrng struct {
// contains filtered or unexported fields
}
DrbgPrng sample pseudo random number generator base on DRBG
func NewCtrDrbgPrng ¶
func NewCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, entropySource io.Reader, securityStrength int, gm bool, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewCtrDrbgPrng create pseudo random number generator base on CTR DRBG
func NewGmCtrDrbgPrng ¶
func NewGmCtrDrbgPrng(entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewNistCtrDrbgPrng create pseudo random number generator base on CTR DRBG which follows GM/T 0105-2021 standard
Example ¶
package main import ( "bytes" "fmt" "github.com/emmansun/gmsm/drbg" ) func main() { prng, err := drbg.NewGmCtrDrbgPrng(nil, 32, drbg.SECURITY_LEVEL_TEST, nil) if err != nil { panic(err) } c := 10 b := make([]byte, c) _, err = prng.Read(b) if err != nil { fmt.Println("error:", err) return } // The slice should now contain random bytes instead of only zeroes. fmt.Println(bytes.Equal(b, make([]byte, c))) }
Output: false
func NewGmHashDrbgPrng ¶
func NewGmHashDrbgPrng(entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewGmHashDrbgPrng create pseudo random number generator base on hash DRBG which follows GM/T 0105-2021 standard
Example ¶
package main import ( "bytes" "fmt" "github.com/emmansun/gmsm/drbg" ) func main() { prng, err := drbg.NewGmHashDrbgPrng(nil, 32, drbg.SECURITY_LEVEL_TEST, nil) if err != nil { panic(err) } c := 10 b := make([]byte, c) _, err = prng.Read(b) if err != nil { fmt.Println("error:", err) return } // The slice should now contain random bytes instead of only zeroes. fmt.Println(bytes.Equal(b, make([]byte, c))) }
Output: false
func NewHashDrbgPrng ¶
func NewHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, gm bool, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewHashDrbgPrng create pseudo random number generator base on HASH DRBG
func NewHmacDrbgPrng ¶ added in v0.27.1
func NewHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, gm bool, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewHmacDrbgPrng create pseudo random number generator base on hash mac DRBG
func NewNistCtrDrbgPrng ¶
func NewNistCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewNistCtrDrbgPrng create pseudo random number generator base on CTR DRBG which follows NIST standard
func NewNistHashDrbgPrng ¶
func NewNistHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewNistHashDrbgPrng create pseudo random number generator base on hash DRBG which follows NIST standard
func NewNistHmacDrbgPrng ¶ added in v0.27.1
func NewNistHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)
NewNistHmacDrbgPrng create pseudo random number generator base on hash mac DRBG which follows NIST standard
type HashDrbg ¶
type HashDrbg struct { BaseDrbg // contains filtered or unexported fields }
HashDrbg hash DRBG structure, its instance is NOT goroutine safe!!!
func NewGMHashDrbg ¶
func NewGMHashDrbg(securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HashDrbg, error)
NewGMHashDrbg return hash DRBG implementation which follows GM/T 0105-2021 standard
func NewHashDrbg ¶
func NewHashDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool, entropy, nonce, personalization []byte) (*HashDrbg, error)
NewHashDrbg create one hash DRBG instance
func NewNISTHashDrbg ¶
func NewNISTHashDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HashDrbg, error)
NewNISTHashDrbg return hash DRBG implementation which follows NIST standard
func (*HashDrbg) Generate ¶
Generate hash DRBG pseudorandom bits process. GM/T 0105-2021 has a little different with NIST. GM/T 0105-2021 can only generate no more than hash.Size bytes once.
func (*HashDrbg) MaxBytesPerRequest ¶
type HmacDrbg ¶ added in v0.27.1
type HmacDrbg struct { BaseDrbg // contains filtered or unexported fields }
HmacDrbg hmac DRBG structure, its instance is NOT goroutine safe!!! The instance should be used in one goroutine only. Thera are NO hmac DRBR definition in GM/T 0105-2021 yet.
func NewHmacDrbg ¶ added in v0.27.1
func NewHmacDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool, entropy, nonce, personalization []byte) (*HmacDrbg, error)
NewHmacDrbg create one hmac DRBG instance
func NewNISTHmacDrbg ¶ added in v0.27.1
func NewNISTHmacDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HmacDrbg, error)
NewNISTHmacDrbg return hmac DRBG implementation which follows NIST standard
func (*HmacDrbg) Generate ¶ added in v0.27.1
Generate generates pseudo random bytes usging HMAC_DRBG_Generate_process
func (*HmacDrbg) MaxBytesPerRequest ¶ added in v0.27.1
type SecurityLevel ¶
type SecurityLevel byte
const ( SECURITY_LEVEL_ONE SecurityLevel = 0x01 SECURITY_LEVEL_TWO SecurityLevel = 0x02 SECURITY_LEVEL_TEST SecurityLevel = 0x99 )