nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 21:53:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
31,424 Commits 53 Branches 630 Tags 125 MiB
8e5df40018
Commit Graph

4 Commits

Author SHA1 Message Date
Nick Mathewson
6a29aa7b8c Add whitebox test for the long-output optimization of fast_rng 2019-02-14 09:26:40 -05:00
Nick Mathewson
3f28b98220 Add test for crypto_fast_rng_get_double(). 2019-02-14 09:26:40 -05:00
Nick Mathewson
f3cbd6426c Implement a fast aes-ctr prng 
This module is currently implemented to use the same technique as
libottery (later used by the bsds' arc4random replacement), using
AES-CTR-256 as its underlying stream cipher.  It's backtracking-
resistant immediately after each call, and prediction-resistant
after a while.

Here's how it works:

We generate psuedorandom bytes using AES-CTR-256.  We generate BUFLEN bytes
at a time.  When we do this, we keep the first SEED_LEN bytes as the key
and the IV for our next invocation of AES_CTR, and yield the remaining
BUFLEN - SEED_LEN bytes to the user as they invoke the PRNG.  As we yield
bytes to the user, we clear them from the buffer.

Every RESEED_AFTER times we refill the buffer, we mix in an additional
SEED_LEN bytes from our strong PRNG into the seed.

If the user ever asks for a huge number of bytes at once, we pull SEED_LEN
bytes from the PRNG and use them with our stream cipher to fill the user's
request.
 2019-02-14 09:26:40 -05:00
Nick Mathewson
3d3578ab41 Extract RNG tests into a new test module 
test_crypto.c is pretty big; it wouldn't hurt to split it up some
more before I start adding stuff to the PRNG tests.
 2019-02-14 09:26:40 -05:00