author | Jeffrey Walton <noloader@gmail.com> | 2017-08-01 18:53:31 -0400 |
---|---|---|
committer | Jeffrey Walton <noloader@gmail.com> | 2017-08-01 18:53:31 -0400 |
commit | 02e3a794443ae6d985ddf881d52a87bae1e7cd6f (patch) | |
tree | 300a4938ce461f6dbb2768258023989a7c770d88 /randpool.h | |
parent | 2171a3a3792c43f75e96b8376cadad4836dd1929 (diff) | |
download | cryptopp-git-02e3a794443ae6d985ddf881d52a87bae1e7cd6f.tar.gz |
Add OldRandomPool class (Issue 452)
RandomPool used to be a PGP-style deterministic generator and folks used it as a key generation function. At Crypto++ 5.5 the design changed to harden it against rollback attacks. The design change resulted in an upgrade barrier. That is, some folks are stuck at Crypto++ 4.2 or Crypto++ 5.2 because they must interoperate with existing software.
Below is the test program we used for the test vector. It was run against Crypto++ 5.4.
RandomPool prng;
SecByteBlock seed(0x00, 384), result(64);
prng.Put(seed, seed.size());
prng.GenerateBlock(result, result.size());
HexEncoder encoder(new FileSink(std::cout));
std::cout << "RandomPool: ";
encoder.Put(result, sizeof(result));
std::cout << std::endl;
Diffstat (limited to 'randpool.h')
-rw-r--r-- | randpool.h | 67 |
1 files changed, 52 insertions, 15 deletions
@@ -1,4 +1,5 @@ // randpool.h - originally written and placed in the public domain by Wei Dai
+// OldRandPool added by JW in August, 2017.
//! \file randpool.h
//! \brief Class file for Randomness Pool
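Review bot: The added header comment names the class `OldRandPool`, but the class this commit declares later in the file is `OldRandomPool`, so a search for the class name will not find this line. Use the real identifier: `// OldRandomPool added by JW in August, 2017.`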
@@ -9,20 +10,9 @@ //! RandomPool was redesigned to reduce the risk of reusing random numbers after state
//! rollback (which may occur when running in a virtual machine like VMware or a hosted
//! environment).
-//! \details If you need the pre-Crypto++ 5.5 generator then you can find it with:
-//! <pre>
-//! $ git clone https://github.com/weidai11/cryptopp cryptopp-ancient
-//! $ cryptopp-ancient
-//!
-//! # Checkout the RandomPool change
-//! $ git checkout f41245df6fb9b85574260eca9cd32777e8ab5136
-//!
-//! # Go back one more
-//! git checkout HEAD~1
-//!
-//! $ grep 'MDC<SHA1>' *.h *.cpp
-//! randpool.cpp:typedef MDC<SHA1> RandomPoolCipher;
-//! </pre>
+//! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
+//! should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
+//! or AutoSeededRandomPool instead.
//! \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
#ifndef CRYPTOPP_RANDPOOL_H
@@ -45,6 +35,9 @@ NAMESPACE_BEGIN(CryptoPP) //! RandomPool was redesigned to reduce the risk of reusing random numbers after state
//! rollback (which may occur when running in a virtual machine like VMware or a hosted
//! environment).
+//! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. You
+//! should migrate away from OldRandomPool at the earliest opportunity. Use RandomPool
+//! or AutoSeededRandomPool instead.
//! \since Crypto++ 4.0 (PGP 2.6.x style), Crypto++ 5.5 (AES-256 based)
class CRYPTOPP_DLL RandomPool : public RandomNumberGenerator, public NotCopyable
{
@@ -56,7 +49,8 @@ public: void IncorporateEntropy(const byte *input, size_t length);
void GenerateIntoBufferedTransformation(BufferedTransformation &target, const std::string &channel, lword size);
- // for backwards compatibility. use RandomNumberSource, RandomNumberStore, and RandomNumberSink for other BufferTransformation functionality
+ // for backwards compatibility. use RandomNumberSource, RandomNumberStore, and
+ // RandomNumberSink for other BufferTransformation functionality
void Put(const byte *input, size_t length) {IncorporateEntropy(input, length);}
private:
@@ -66,6 +60,49 @@ private: bool m_keySet;
};
+//! \class OldRandomPool
+//! \brief Randomness Pool based on PGP 2.6.x with MDC
+//! \details If you need the pre-Crypto++ 5.5 generator then use OldRandomPool class. The
+//! OldRandomPool class is always available so you dont need to define
+//! CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY. However, you should migrate away from
+//! OldRandomPool at the earliest opportunity. Use RandomPool or AutoSeededRandomPool instead.
+//! \deprecated This class uses an old style PGP 2.6.x with MDC. The generator risks reusing
+//! random random numbers after state rollback. Migrate to RandomPool or AutoSeededRandomPool
+//! at the earliest opportunity.
+//! \since Crypto++ 6.0 (PGP 2.6.x style)
+class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator,
+ public Bufferless<BufferedTransformation>
+{
+public:
+ //! \brief Construct an OldRandomPool
+ //! \param poolSize internal pool size of the generator
+ //! \details poolSize must be greater than 16
+ OldRandomPool(unsigned int poolSize=384);
+
+ size_t Put2(const byte *begin, size_t length, int messageEnd, bool blocking);
+
+ bool AnyRetrievable() const {return true;}
+ lword MaxRetrievable() const {return ULONG_MAX;}
+
+ size_t TransferTo2(BufferedTransformation &target, lword &transferBytes, const std::string &channel=DEFAULT_CHANNEL, bool blocking=true);
+ size_t CopyRangeTo2(BufferedTransformation &target, lword &begin, lword end=LWORD_MAX, const std::string &channel=DEFAULT_CHANNEL, bool blocking=true) const
+ {
+ throw NotImplemented("OldRandomPool: CopyRangeTo2() is not supported by this store");
+ }
+
+ byte GenerateByte();
+ void GenerateBlock(byte *output, size_t size);
+
+ void IsolatedInitialize(const NameValuePairs ¶meters) {}
+
+protected:
+ void Stir();
+
+private:
+ SecByteBlock pool, key;
+ size_t addPos, getPos;
+};
+
NAMESPACE_END
#endif
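Review bot: The OldRandomPool declaration does not inherit NotCopyable, unlike RandomPool earlier in this file, so the compiler-generated copy constructor and copy assignment will duplicate `pool`, `key`, `addPos` and `getPos`, and two copies then emit the same byte stream — the same output-reuse problem the `\deprecated` text warns about for state rollback. Add it to the base list to match RandomPool: `class CRYPTOPP_DLL OldRandomPool : public RandomNumberGenerator, public Bufferless<BufferedTransformation>, public NotCopyable`. `MaxRetrievable()` returns `ULONG_MAX` although its return type is `lword` and the neighbouring `CopyRangeTo2` already uses `LWORD_MAX` for that type; on LLP64 targets `unsigned long` is 32-bit, so `lword MaxRetrievable() const {return LWORD_MAX;}` is the consistent value. The constructor comment says poolSize must be greater than 16, but nothing in the header enforces it and the constructor body is outside this hunk; if the definition does not check the bound, a `CRYPTOPP_ASSERT` or an `InvalidArgument` throw there would stop an undersized pool being constructed silently. The class also overrides none of `IncorporateEntropy`/`CanIncorporateEntropy`, so entropy can presumably only enter through the `Put2` path; if the RandomNumberGenerator defaults are kept, a caller reseeding through the generic RNG interface would get the base behaviour rather than stirring the pool — confirm that is intended and say so in the `\details`.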