Inheritance diagram for PRNG:
Class PRNG implements the SHA-1 based pseudorandom number generator of FIPS 186-2. The CDK also provides other pseudorandom number generators.
The most efficient way to use PRNG is:
Usage flow: PRNG() // instantiate a new PRNG object add() // [optional] add additional entropy addseed() // [optional] add entropy to the starting seed gens(), gen() // obtain as many pseudorandom bytes as required Recommendations for strict FIPS 140-1 compliance: Only gens(), gen(), or getrand2() may be called to obtain a random number used for cryptographic purposes. In other words, if you need to generate a symmetric key, do *not* use genbasic() or getrand1()! Calling churn(), genbasic(), setSeed(), mytime1(), or getrand1() directly is a violation of the FIPS 140-1 Security Policy for this CDK. These methods should be treated as private.
Sample code illustrating the use of this class appears in the Cookbook section Pseudorandom Numbers.
NOTE: The CDK also provides two stateless random number generators via the global functions getrand1() and getrand2(). getrand1() is a rather unsophisticated RNG intendend only for internal use in non-cryptographic applications; it is not FIPS 140-1 compliant. getrand1(n) returns an n-byte string obtained by repeated calls to Random32() (which maintains a rather pitiful 32-bit state vector). getrand2() is a somewhat fancier RNG that uses a temporary instantiation of PRNG.
Public Member Functions
|PRNG (int(*f)(str &)=0)|
|Destructor that zeroizes internal state data. |
|void||add (int n, const char *s)|
|Update object's internal state vector with additional entropy. |
|str||gens (int n)|
|Get a specified number of random bytes and update object's state vector. |
|num||gen (const num &modulus)|
|Get a random integer less than a specified modulus and update object's state vector. |
These functions are declared public, but are intended for internal use only. FIPS 140-1 compliant applications may not use the methods and/or data members in this section. These functions can be used to reproduce the example in NIST FIPS 186-2 App. 5. (Function genbasic() is used by gens().)
|void||setSeed (str &x)|
|Specify a new seed value for this object; for internal use only. |
|void||addSeed (const str &x)|
|Update internal seed value based on supplied input; for internal use only. |
|Update internal state vector using system state information as additional entropy. |
|str||genbasic (int iter)|
|Basic pseudorandom number generator; for internal use only. |
|f||an optional callback function which is to be passed each generated random number. (A callback mechanism to provide additional entropy may be added in the future.)|
|const char *||s|
Update object's internal state vector with additional entropy.
|n||the number of bytes in the input buffer|
|s||a pointer to the input buffer|
|void addSeed||(||const str &||x||)|
Update internal seed value based on supplied input; for internal use only.
|x||a str containing the data to be added to the seed.|
Update internal state vector using system state information as additional entropy.
Get a random integer less than a specified modulus and update object's state vector.
|modulus||the number that the generated random number must be less than|
Basic pseudorandom number generator; for internal use only.
|iter||a mechanism selector or interation count:|
Get a specified number of random bytes and update object's state vector.
|n||the number of random bytes to generate|
|void setSeed||(||str &||x||)||
Specify a new seed value for this object; for internal use only.
|x||the new initial seed value|
|ISC Cryptographic Development Kit - User's Guide|
|Questions? E-mail ISC technical support|
|Copyright© 2002-2006 Information Security Corp. All rights reserved.|