aboutsummaryrefslogtreecommitdiff
path: root/src/test/test_crypto_rng.c
AgeCommit message (Collapse)Author
2021-03-12Update copyrights to 2021, using "make update-copyright"Nick Mathewson
2020-01-08It's 2020. Update the copyright dates with "make update-copyright"Nick Mathewson
2019-02-19Add a quick test for get_thread_fast_rng()Nick Mathewson
2019-02-14Add whitebox test for the long-output optimization of fast_rngNick Mathewson
2019-02-14Add test for crypto_fast_rng_get_double().Nick Mathewson
2019-02-14Implement a fast aes-ctr prngNick Mathewson
This module is currently implemented to use the same technique as libottery (later used by the bsds' arc4random replacement), using AES-CTR-256 as its underlying stream cipher. It's backtracking- resistant immediately after each call, and prediction-resistant after a while. Here's how it works: We generate psuedorandom bytes using AES-CTR-256. We generate BUFLEN bytes at a time. When we do this, we keep the first SEED_LEN bytes as the key and the IV for our next invocation of AES_CTR, and yield the remaining BUFLEN - SEED_LEN bytes to the user as they invoke the PRNG. As we yield bytes to the user, we clear them from the buffer. Every RESEED_AFTER times we refill the buffer, we mix in an additional SEED_LEN bytes from our strong PRNG into the seed. If the user ever asks for a huge number of bytes at once, we pull SEED_LEN bytes from the PRNG and use them with our stream cipher to fill the user's request.
2019-02-14Extract RNG tests into a new test moduleNick Mathewson
test_crypto.c is pretty big; it wouldn't hurt to split it up some more before I start adding stuff to the PRNG tests.