Browse Source

Add seed-able cryptographic random.

pull/1782/head
Jae Kwon 9 years ago
parent
commit
264d2a3eef
4 changed files with 119 additions and 1 deletions
  1. +18
    -0
      hash.go
  2. +1
    -0
      pub_key.go
  3. +100
    -0
      random.go
  4. +0
    -1
      signature_test.go

+ 18
- 0
hash.go View File

@ -0,0 +1,18 @@
package crypto
import (
"crypto/sha256"
"golang.org/x/crypto/ripemd160"
)
func Sha256(bytes []byte) []byte {
hasher := sha256.New()
hasher.Write(bytes)
return hasher.Sum(nil)
}
func Ripemd160(bytes []byte) []byte {
hasher := ripemd160.New()
hasher.Write(bytes)
return hasher.Sum(nil)
}

+ 1
- 0
pub_key.go View File

@ -15,6 +15,7 @@ type PubKey interface {
Address() []byte Address() []byte
KeyString() string KeyString() string
VerifyBytes(msg []byte, sig Signature) bool VerifyBytes(msg []byte, sig Signature) bool
Equals(PubKey) bool
} }
// Types of PubKey implementations // Types of PubKey implementations


+ 100
- 0
random.go View File

@ -0,0 +1,100 @@
package crypto
import (
"crypto/aes"
"crypto/cipher"
crand "crypto/rand"
"encoding/hex"
"io"
"sync"
. "github.com/tendermint/go-common"
)
var gRandInfo *randInfo
func init() {
gRandInfo = &randInfo{}
gRandInfo.AddSeed(randBytes(32)) // Init
}
// Add additional bytes of randomness, e.g. from hardware, user-input, etc.
// It is OK to call it multiple times. It does not deminish security.
func Seed(seedBytes []byte) {
gRandInfo.AddSeed(seedBytes)
}
// This only uses the OS's randomness
func randBytes(numBytes int) []byte {
b := make([]byte, numBytes)
_, err := crand.Read(b)
if err != nil {
PanicCrisis(err)
}
return b
}
// This uses the OS and the Seed(s).
func CRandBytes(numBytes int) []byte {
b := make([]byte, numBytes)
_, err := gRandInfo.Read(b)
if err != nil {
PanicCrisis(err)
}
return b
}
// RandHex(24) gives 96 bits of randomness, strong enough for most purposes.
func CRandHex(numDigits int) string {
return hex.EncodeToString(CRandBytes(numDigits / 2))
}
// Returns a crand.Reader mixed with user-supplied entropy
func CReader() io.Reader {
return gRandInfo
}
//--------------------------------------------------------------------------------
type randInfo struct {
mtx sync.Mutex
seedBytes [32]byte
cipherAES256 cipher.Block
streamAES256 cipher.Stream
reader io.Reader
}
// You can call this as many times as you'd like.
// XXX TODO review
func (ri *randInfo) AddSeed(seedBytes []byte) {
ri.mtx.Lock()
defer ri.mtx.Unlock()
// Make new ri.seedBytes
hashBytes := Sha256(seedBytes)
hashBytes32 := [32]byte{}
copy(hashBytes32[:], hashBytes)
ri.seedBytes = xorBytes32(ri.seedBytes, hashBytes32)
// Create new cipher.Block
var err error
ri.cipherAES256, err = aes.NewCipher(ri.seedBytes[:])
if err != nil {
PanicSanity("Error creating AES256 cipher: " + err.Error())
}
// Create new stream
ri.streamAES256 = cipher.NewCTR(ri.cipherAES256, randBytes(aes.BlockSize))
// Create new reader
ri.reader = &cipher.StreamReader{S: ri.streamAES256, R: crand.Reader}
}
func (ri *randInfo) Read(b []byte) (n int, err error) {
ri.mtx.Lock()
defer ri.mtx.Unlock()
return ri.reader.Read(b)
}
func xorBytes32(bytesA [32]byte, bytesB [32]byte) (res [32]byte) {
for i, b := range bytesA {
res[i] = b ^ bytesB[i]
}
return res
}

+ 0
- 1
signature_test.go View File

@ -5,7 +5,6 @@ import (
"testing" "testing"
"github.com/tendermint/ed25519" "github.com/tendermint/ed25519"
. "github.com/tendermint/go-common"
"github.com/tendermint/go-wire" "github.com/tendermint/go-wire"
) )


Loading…
Cancel
Save