Crypto++ 8.7
Free C++ class library of cryptographic schemes
Classes | Public Member Functions | List of all members
NIST_DRBG Class Referenceabstract

Interface for NIST DRBGs from SP 800-90A. More...

#include <drbg.h>

+ Inheritance diagram for NIST_DRBG:

Classes

class  Err
 Exception thrown when a NIST DRBG encounters an error. More...
 

Public Member Functions

virtual bool CanIncorporateEntropy () const
 Determines if a generator can accept additional entropy. More...
 
virtual void IncorporateEntropy (const byte *input, size_t length)=0
 Update RNG state with additional unpredictable values. More...
 
virtual void IncorporateEntropy (const byte *entropy, size_t entropyLength, const byte *additional, size_t additionaLength)=0
 Update RNG state with additional unpredictable values. More...
 
virtual void GenerateBlock (byte *output, size_t size)=0
 Generate random array of bytes. More...
 
virtual void GenerateBlock (const byte *additional, size_t additionaLength, byte *output, size_t size)=0
 Generate random array of bytes. More...
 
virtual unsigned int SecurityStrength () const =0
 Provides the security strength. More...
 
virtual unsigned int SeedLength () const =0
 Provides the seed length. More...
 
virtual unsigned int MinEntropyLength () const =0
 Provides the minimum entropy size. More...
 
virtual unsigned int MaxEntropyLength () const =0
 Provides the maximum entropy size. More...
 
virtual unsigned int MinNonceLength () const =0
 Provides the minimum nonce size. More...
 
virtual unsigned int MaxNonceLength () const =0
 Provides the maximum nonce size. More...
 
virtual unsigned int MaxBytesPerRequest () const =0
 Provides the maximum size of a request to GenerateBlock. More...
 
virtual unsigned int MaxRequestBeforeReseed () const =0
 Provides the maximum number of requests before a reseed. More...
 
- Public Member Functions inherited from RandomNumberGenerator
virtual void IncorporateEntropy (const byte *input, size_t length)
 Update RNG state with additional unpredictable values. More...
 
virtual bool CanIncorporateEntropy () const
 Determines if a generator can accept additional entropy. More...
 
virtual byte GenerateByte ()
 Generate new random byte and return it. More...
 
virtual unsigned int GenerateBit ()
 Generate new random bit and return it. More...
 
virtual word32 GenerateWord32 (word32 min=0, word32 max=0xffffffffUL)
 Generate a random 32 bit word in the range min to max, inclusive. More...
 
virtual void GenerateBlock (byte *output, size_t size)
 Generate random array of bytes. More...
 
virtual void GenerateIntoBufferedTransformation (BufferedTransformation &target, const std::string &channel, lword length)
 Generate random bytes into a BufferedTransformation. More...
 
virtual void DiscardBytes (size_t n)
 Generate and discard n bytes. More...
 
template<class IT >
void Shuffle (IT begin, IT end)
 Randomly shuffle the specified array. More...
 
- Public Member Functions inherited from Algorithm
 Algorithm (bool checkSelfTestStatus=true)
 Interface for all crypto algorithms. More...
 
virtual std::string AlgorithmName () const
 Provides the name of this algorithm. More...
 
virtual std::string AlgorithmProvider () const
 Retrieve the provider of this algorithm. More...
 
- Public Member Functions inherited from Clonable
virtual ClonableClone () const
 Copies this object. More...
 

Detailed Description

Interface for NIST DRBGs from SP 800-90A.

NIST_DRBG is the base class interface for NIST DRBGs from SP 800-90A Rev 1 (June 2015)

You should reseed the generator after a fork() to avoid multiple generators with the same internal state.

See also
Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Rev 1 (June 2015)
Since
Crypto++ 6.0

Definition at line 26 of file drbg.h.

Constructor & Destructor Documentation

◆ ~NIST_DRBG()

virtual NIST_DRBG::~NIST_DRBG ( )
inlinevirtual

Definition at line 38 of file drbg.h.

Member Function Documentation

◆ CanIncorporateEntropy()

virtual bool NIST_DRBG::CanIncorporateEntropy ( ) const
inlinevirtual

Determines if a generator can accept additional entropy.

Returns
true

All NIST_DRBG return true

Reimplemented from RandomNumberGenerator.

Definition at line 43 of file drbg.h.

◆ IncorporateEntropy() [1/2]

virtual void NIST_DRBG::IncorporateEntropy ( const byte input,
size_t  length 
)
pure virtual

Update RNG state with additional unpredictable values.

Parameters
inputthe entropy to add to the generator
lengththe size of the input buffer
Exceptions
NIST_DRBG::Errif the generator is reseeded with insufficient entropy

NIST instantiation and reseed requirements demand the generator is constructed with at least MINIMUM_ENTROPY entropy. The byte array for input must meet NIST SP 800-90B or SP 800-90C requirements.

Reimplemented from RandomNumberGenerator.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ IncorporateEntropy() [2/2]

virtual void NIST_DRBG::IncorporateEntropy ( const byte entropy,
size_t  entropyLength,
const byte additional,
size_t  additionaLength 
)
pure virtual

Update RNG state with additional unpredictable values.

Parameters
entropythe entropy to add to the generator
entropyLengththe size of the input buffer
additionaladditional input to add to the generator
additionaLengththe size of the additional input buffer
Exceptions
NIST_DRBG::Errif the generator is reseeded with insufficient entropy

IncorporateEntropy() is an overload provided to match NIST requirements. NIST instantiation and reseed requirements demand the generator is constructed with at least MINIMUM_ENTROPY entropy. The byte array for entropy must meet NIST SP 800-90B or SP 800-90C requirements.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ GenerateBlock() [1/2]

virtual void NIST_DRBG::GenerateBlock ( byte output,
size_t  size 
)
pure virtual

Generate random array of bytes.

Parameters
outputthe byte buffer
sizethe length of the buffer, in bytes
Exceptions
NIST_DRBG::Errif a reseed is required
NIST_DRBG::Errif the size exceeds MAXIMUM_BYTES_PER_REQUEST

Reimplemented from RandomNumberGenerator.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ GenerateBlock() [2/2]

virtual void NIST_DRBG::GenerateBlock ( const byte additional,
size_t  additionaLength,
byte output,
size_t  size 
)
pure virtual

Generate random array of bytes.

Parameters
additionaladditional input to add to the generator
additionaLengththe size of the additional input buffer
outputthe byte buffer
sizethe length of the buffer, in bytes
Exceptions
NIST_DRBG::Errif a reseed is required
NIST_DRBG::Errif the size exceeds MAXIMUM_BYTES_PER_REQUEST

GenerateBlock() is an overload provided to match NIST requirements. The byte array for additional input is optional. If present the additional randomness is mixed before generating the output bytes.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ SecurityStrength()

virtual unsigned int NIST_DRBG::SecurityStrength ( ) const
pure virtual

Provides the security strength.

Returns
The security strength of the generator, in bytes

The equivalent class constant is SECURITY_STRENGTH

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ SeedLength()

virtual unsigned int NIST_DRBG::SeedLength ( ) const
pure virtual

Provides the seed length.

Returns
The seed size of the generator, in bytes

The equivalent class constant is SEED_LENGTH. The size is used to maintain internal state of V and C.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ MinEntropyLength()

virtual unsigned int NIST_DRBG::MinEntropyLength ( ) const
pure virtual

Provides the minimum entropy size.

Returns
The minimum entropy size required by the generator, in bytes

The equivalent class constant is MINIMUM_ENTROPY. All NIST DRBGs must be instaniated with at least MINIMUM_ENTROPY bytes of entropy. The bytes must meet NIST SP 800-90B or SP 800-90C requirements.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ MaxEntropyLength()

virtual unsigned int NIST_DRBG::MaxEntropyLength ( ) const
pure virtual

Provides the maximum entropy size.

Returns
The maximum entropy size that can be consumed by the generator, in bytes

The equivalent class constant is MAXIMUM_ENTROPY. The bytes must meet NIST SP 800-90B or SP 800-90C requirements. MAXIMUM_ENTROPY has been reduced from 235 to INT_MAX to fit the underlying C++ datatype.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ MinNonceLength()

virtual unsigned int NIST_DRBG::MinNonceLength ( ) const
pure virtual

Provides the minimum nonce size.

Returns
The minimum nonce size recommended for the generator, in bytes

The equivalent class constant is MINIMUM_NONCE. If a nonce is not required then MINIMUM_NONCE is 0. Hash_DRBG does not require a nonce, while HMAC_DRBG and CTR_DRBG require a nonce.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ MaxNonceLength()

virtual unsigned int NIST_DRBG::MaxNonceLength ( ) const
pure virtual

Provides the maximum nonce size.

Returns
The maximum nonce that can be consumed by the generator, in bytes

The equivalent class constant is MAXIMUM_NONCE. MAXIMUM_NONCE has been reduced from 235 to INT_MAX to fit the underlying C++ datatype. If a nonce is not required then MINIMUM_NONCE is 0. Hash_DRBG does not require a nonce, while HMAC_DRBG and CTR_DRBG require a nonce.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ MaxBytesPerRequest()

virtual unsigned int NIST_DRBG::MaxBytesPerRequest ( ) const
pure virtual

Provides the maximum size of a request to GenerateBlock.

Returns
The maximum size of a request to GenerateBlock(), in bytes

The equivalent class constant is MAXIMUM_BYTES_PER_REQUEST

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.

◆ MaxRequestBeforeReseed()

virtual unsigned int NIST_DRBG::MaxRequestBeforeReseed ( ) const
pure virtual

Provides the maximum number of requests before a reseed.

Returns
The maximum number of requests before a reseed, in bytes

The equivalent class constant is MAXIMUM_REQUESTS_BEFORE_RESEED. MAXIMUM_REQUESTS_BEFORE_RESEED has been reduced from 248 to INT_MAX to fit the underlying C++ datatype.

Implemented in Hash_DRBG< HASH, STRENGTH, SEEDLENGTH >, and HMAC_DRBG< HASH, STRENGTH, SEEDLENGTH >.


The documentation for this class was generated from the following file: