drbg

package
v0.29.3-beta.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 20, 2024 License: MIT Imports: 11 Imported by: 0

Documentation

Overview

Package drbg implements Random Number Generation Using Deterministic Random Bit Generators.

Index

Examples

Constants

View Source
const DRBG_RESEED_COUNTER_INTERVAL_LEVEL1 uint64 = 1 << 20
View Source
const DRBG_RESEED_COUNTER_INTERVAL_LEVEL2 uint64 = 1 << 10
View Source
const DRBG_RESEED_COUNTER_INTERVAL_LEVEL_TEST uint64 = 8
View Source
const DRBG_RESEED_TIME_INTERVAL_LEVEL1 = time.Duration(600) * time.Second
View Source
const DRBG_RESEED_TIME_INTERVAL_LEVEL2 = time.Duration(60) * time.Second
View Source
const DRBG_RESEED_TIME_INTERVAL_LEVEL_TEST = time.Duration(6) * time.Second
View Source
const HASH_DRBG_MAX_SEED_SIZE = 111
View Source
const HASH_DRBG_SEED_SIZE = 55
View Source
const MAX_BYTES = 1 << 27
View Source
const MAX_BYTES_PER_GENERATE = 1 << 11

Variables

View Source
var ErrReseedRequired = errors.New("drbg: reseed reuqired")

Functions

This section is empty.

Types

type BaseDrbg

type BaseDrbg struct {
	// contains filtered or unexported fields
}

func (*BaseDrbg) NeedReseed

func (hd *BaseDrbg) NeedReseed() bool

type CtrDrbg

type CtrDrbg struct {
	BaseDrbg
	// contains filtered or unexported fields
}

CtrDrbg CTR DRBG structure, its instance is NOT goroutine safe!!!

func NewCtrDrbg

func NewCtrDrbg(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, securityLevel SecurityLevel, gm bool, entropy, nonce, personalization []byte) (*CtrDrbg, error)

NewCtrDrbg create one CTR DRBG instance

func NewGMCtrDrbg

func NewGMCtrDrbg(securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*CtrDrbg, error)

NewGMCtrDrbg create one CTR DRBG implementation which follows GM/T 0105-2021 standard

func NewNISTCtrDrbg

func NewNISTCtrDrbg(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*CtrDrbg, error)

NewNISTCtrDrbg create one CTR DRBG implementation which follows NIST standard

func (*CtrDrbg) Generate

func (hd *CtrDrbg) Generate(b, additional []byte) error

Generate CTR DRBG pseudorandom bits generate process.

func (*CtrDrbg) MaxBytesPerRequest

func (hd *CtrDrbg) MaxBytesPerRequest() int

func (*CtrDrbg) Reseed

func (hd *CtrDrbg) Reseed(entropy, additional []byte) error

type DRBG

type DRBG interface {
	// check internal state, return if reseed required
	NeedReseed() bool
	// reseed process
	Reseed(entropy, additional []byte) error
	// generate requrested bytes to b
	Generate(b, additional []byte) error
	// MaxBytesPerRequest return max bytes per request
	MaxBytesPerRequest() int
}

DRBG interface for both hash and ctr drbg implementations

type DrbgPrng

type DrbgPrng struct {
	// contains filtered or unexported fields
}

DrbgPrng sample pseudo random number generator base on DRBG

func NewCtrDrbgPrng

func NewCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, entropySource io.Reader, securityStrength int, gm bool, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewCtrDrbgPrng create pseudo random number generator base on CTR DRBG

func NewGmCtrDrbgPrng

func NewGmCtrDrbgPrng(entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewNistCtrDrbgPrng create pseudo random number generator base on CTR DRBG which follows GM/T 0105-2021 standard

Example
package main

import (
	"bytes"
	"fmt"

	"github.com/emmansun/gmsm/drbg"
)

func main() {
	prng, err := drbg.NewGmCtrDrbgPrng(nil, 32, drbg.SECURITY_LEVEL_TEST, nil)
	if err != nil {
		panic(err)
	}
	c := 10
	b := make([]byte, c)
	_, err = prng.Read(b)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	// The slice should now contain random bytes instead of only zeroes.
	fmt.Println(bytes.Equal(b, make([]byte, c)))

}
Output:

false

func NewGmHashDrbgPrng

func NewGmHashDrbgPrng(entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewGmHashDrbgPrng create pseudo random number generator base on hash DRBG which follows GM/T 0105-2021 standard

Example
package main

import (
	"bytes"
	"fmt"

	"github.com/emmansun/gmsm/drbg"
)

func main() {
	prng, err := drbg.NewGmHashDrbgPrng(nil, 32, drbg.SECURITY_LEVEL_TEST, nil)
	if err != nil {
		panic(err)
	}
	c := 10
	b := make([]byte, c)
	_, err = prng.Read(b)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	// The slice should now contain random bytes instead of only zeroes.
	fmt.Println(bytes.Equal(b, make([]byte, c)))

}
Output:

false

func NewHashDrbgPrng

func NewHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, gm bool, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewHashDrbgPrng create pseudo random number generator base on HASH DRBG

func NewHmacDrbgPrng added in v0.27.1

func NewHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, gm bool, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewHmacDrbgPrng create pseudo random number generator base on hash mac DRBG

func NewNistCtrDrbgPrng

func NewNistCtrDrbgPrng(cipherProvider func(key []byte) (cipher.Block, error), keyLen int, entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewNistCtrDrbgPrng create pseudo random number generator base on CTR DRBG which follows NIST standard

func NewNistHashDrbgPrng

func NewNistHashDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewNistHashDrbgPrng create pseudo random number generator base on hash DRBG which follows NIST standard

func NewNistHmacDrbgPrng added in v0.27.1

func NewNistHmacDrbgPrng(newHash func() hash.Hash, entropySource io.Reader, securityStrength int, securityLevel SecurityLevel, personalization []byte) (*DrbgPrng, error)

NewNistHmacDrbgPrng create pseudo random number generator base on hash mac DRBG which follows NIST standard

func (*DrbgPrng) Read

func (prng *DrbgPrng) Read(data []byte) (int, error)

type HashDrbg

type HashDrbg struct {
	BaseDrbg
	// contains filtered or unexported fields
}

HashDrbg hash DRBG structure, its instance is NOT goroutine safe!!!

func NewGMHashDrbg

func NewGMHashDrbg(securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HashDrbg, error)

NewGMHashDrbg return hash DRBG implementation which follows GM/T 0105-2021 standard

func NewHashDrbg

func NewHashDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool, entropy, nonce, personalization []byte) (*HashDrbg, error)

NewHashDrbg create one hash DRBG instance

func NewNISTHashDrbg

func NewNISTHashDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HashDrbg, error)

NewNISTHashDrbg return hash DRBG implementation which follows NIST standard

func (*HashDrbg) Generate

func (hd *HashDrbg) Generate(b, additional []byte) error

Generate hash DRBG pseudorandom bits process. GM/T 0105-2021 has a little different with NIST. GM/T 0105-2021 can only generate no more than hash.Size bytes once.

func (*HashDrbg) MaxBytesPerRequest

func (hd *HashDrbg) MaxBytesPerRequest() int

func (*HashDrbg) Reseed

func (hd *HashDrbg) Reseed(entropy, additional []byte) error

Reseed hash DRBG reseed process. GM/T 0105-2021 has a little different with NIST.

type HmacDrbg added in v0.27.1

type HmacDrbg struct {
	BaseDrbg
	// contains filtered or unexported fields
}

HmacDrbg hmac DRBG structure, its instance is NOT goroutine safe!!! The instance should be used in one goroutine only. Thera are NO hmac DRBR definition in GM/T 0105-2021 yet.

func NewHmacDrbg added in v0.27.1

func NewHmacDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, gm bool, entropy, nonce, personalization []byte) (*HmacDrbg, error)

NewHmacDrbg create one hmac DRBG instance

func NewNISTHmacDrbg added in v0.27.1

func NewNISTHmacDrbg(newHash func() hash.Hash, securityLevel SecurityLevel, entropy, nonce, personalization []byte) (*HmacDrbg, error)

NewNISTHmacDrbg return hmac DRBG implementation which follows NIST standard

func (*HmacDrbg) Generate added in v0.27.1

func (hd *HmacDrbg) Generate(output, additional []byte) error

Generate generates pseudo random bytes usging HMAC_DRBG_Generate_process

func (*HmacDrbg) MaxBytesPerRequest added in v0.27.1

func (hd *HmacDrbg) MaxBytesPerRequest() int

func (*HmacDrbg) Reseed added in v0.27.1

func (hd *HmacDrbg) Reseed(entropy, additional []byte) error

Reseed hash DRBG reseed process. GM/T 0105-2021 has a little different with NIST. reference to NIST.SP.800-90Ar1.pdf section 10.1.2.4

type SecurityLevel

type SecurityLevel byte
const (
	SECURITY_LEVEL_ONE  SecurityLevel = 0x01
	SECURITY_LEVEL_TWO  SecurityLevel = 0x02
	SECURITY_LEVEL_TEST SecurityLevel = 0x99
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL