/**
 * Builds a hash-based DRBG over the supplied digest. This is a convenience overload: it obtains an entropy
 * source from {@code randomEntropySource(length)} and hands everything to the three-argument
 * {@code newRBG(Digest, int, EntropySource)}.
 *
 * @param  digest  Digest algorithm that drives the DRBG.
 * @param  length  Length in bits of values to be produced by the DRBG instance. The same number is also used to
 *                 size the entropy source; NOTE(review): confirm both consumers expect the same unit.
 *
 * @return  New DRBG instance.
 */
public static SP80090DRBG newRBG(final Digest digest, final int length)
{
  return newRBG(
    digest,
    length,
    randomEntropySource(length));
}
/**
 * Builds a SHA-256 hash DRBG whose personalization input is the given domain qualifier.
 *
 * @param  length  Length in bits of values produced by the DRBG. It is passed both as the second argument of the
 *                 {@code HashSP800DRBG} constructor (the security strength in Bouncy Castle's API) and as the size
 *                 given to {@code NonceUtil.randomEntropySource}.
 * @param  domain  Domain qualifier, passed as the DRBG personalization string. It separates instances from one
 *                 another and is not a source of entropy.
 *
 * @return  New DRBG instance.
 */
private static SP80090DRBG newRBG(final int length, final byte[] domain)
{
  final SHA256Digest hash = new SHA256Digest();
  // Argument order matters: entropy source first, then the domain, then an 8-unit timestamp nonce.
  return new HashSP800DRBG(
    hash,
    length,
    NonceUtil.randomEntropySource(length),
    domain,
    NonceUtil.timestampNonce(8));
}
}
/**
 * Generates a random IV according to NIST <a href="http://goo.gl/S9z8qF">SP-800-63a</a>, appendix C, method 2
 * (pseudorandom), suitable for use with any block cipher mode described in that standard.
 *
 * <p>NOTE(review): IV generation for block cipher modes is specified in NIST SP 800-38A, Appendix C. The "63a" in
 * the method name and link text looks like a transposition; the name is kept for API compatibility, but confirm the
 * reference.</p>
 *
 * <p>An unpredictable IV is required by modes such as CBC. Callers remain responsible for never pairing the same
 * IV with the same key twice.</p>
 *
 * @param  prng  NIST approved pseudorandom number generator. It is mutated by this call: {@code setSeed} is invoked
 *               with fresh random bytes before the IV is drawn.
 * @param  blockSize  Cipher block size in bytes.
 *
 * @return  Cipher block size number of random bytes.
 */
public static byte[] nist80063a(final SP800SecureRandom prng, final int blockSize)
{
  // Supply blockSize bytes of additional seed material before drawing output.
  final byte[] seed = randomNonce(blockSize);
  prng.setSeed(seed);

  final byte[] block = new byte[blockSize];
  prng.nextBytes(block);
  return block;
}
/**
 * Creates a nonce generator that emits {@code length} bytes of random data per value, backed by a DRBG obtained
 * from {@link NonceUtil#newRBG(int)}.
 *
 * @param  length  Number of bytes in generated nonce values; must be at least 1.
 *
 * @throws  IllegalArgumentException  If {@code length} is zero or negative.
 */
public RBGNonce(final int length)
{
  if (length <= 0) {
    throw new IllegalArgumentException("Length must be positive");
  }
  this.length = length;
  // NOTE(review): length is a byte count here and is passed unchanged to NonceUtil.newRBG -- confirm that
  // method expects the same unit, since a bytes/bits mismatch would alter the DRBG's configured strength.
  this.rbg = NonceUtil.newRBG(length);
}
/**
 * Builds a hash-based DRBG over the supplied digest, drawing seed material from the given entropy source.
 *
 * <p>The personalization string is the current thread's name and the nonce comes from
 * {@code NonceUtil.timestampNonce(8)}. Neither value is secret or unpredictable; they only differentiate
 * instances. All unpredictability of the output rests on {@code es}.</p>
 *
 * @param  digest  Digest algorithm that drives the DRBG.
 * @param  length  Length in bits of values to be produced by the DRBG instance. It is passed as the second argument
 *                 of the {@code HashSP800DRBG} constructor, which is the security strength in Bouncy Castle's API.
 * @param  es  Entropy source.
 *
 * @return  New DRBG instance.
 */
public static SP80090DRBG newRBG(final Digest digest, final int length, final EntropySource es)
{
  // getBytes() without a charset encodes with the platform default, so the personalization bytes can differ
  // between hosts for non-ASCII thread names. That is harmless here because the value need not be reproducible.
  final byte[] personalization = Thread.currentThread().getName().getBytes();
  final byte[] nonce = NonceUtil.timestampNonce(8);
  return new HashSP800DRBG(digest, length, es, personalization, nonce);
}
}
/**
 * Produces one cipher block of nonce data by encrypting a fresh random input of block size under the configured
 * key.
 *
 * <p>The output is only as unpredictable as {@code NonceUtil.randomNonce} and the secrecy of the key. Access to the
 * shared cipher is serialized by locking on the cipher instance.</p>
 *
 * @return  Nonce whose length equals the cipher block size.
 *
 * @throws  LimitException  Declared by the signature; no statement in this method throws it directly.
 */
@Override
public byte[] generate() throws LimitException
{
  final byte[] output = new byte[cipher.getBlockSize()];
  final byte[] input = NonceUtil.randomNonce(output.length);
  synchronized (cipher) {
    // Re-key on every call (true = encrypt mode), then reset so no cipher state carries over to the next caller.
    // NOTE(review): key.getEncoded() yields a copy of the raw key bytes that is never cleared here.
    final KeyParameter keyParam = new KeyParameter(key.getEncoded());
    cipher.init(true, keyParam);
    cipher.processBlock(input, 0, output, 0);
    cipher.reset();
  }
  return output;
}
/**
 * Builds a hash-based DRBG that uses SHA-256 as its digest, delegating to {@code newRBG(Digest, int)}.
 *
 * @param  length  Length in bits of values to be produced by the DRBG instance.
 *
 * @return  New DRBG instance.
 */
public static SP80090DRBG newRBG(final int length)
{
  final SHA256Digest sha256 = new SHA256Digest();
  return newRBG(sha256, length);
}
/**
 * Generates a symmetric encryption key of the given length using a SHA-256 hash DRBG built for this call.
 *
 * <p>The random bytes drawn here are supplied as the DRBG's nonce input. The DRBG's entropy source is whatever a
 * default-constructed {@code SP800SecureRandomBuilder} provides, and prediction resistance is disabled (the
 * {@code false} argument to {@code buildHash}).</p>
 *
 * @param  bitLength  Desired key length in bits.
 * @param  cipher  Cipher with which the key will be used.
 *
 * @return  Symmetric encryption key.
 */
public static SecretKey generate(final int bitLength, final BlockCipher cipher)
{
  // Want as much nonce data as key bits; round up to whole bytes.
  final int nonceBytes = (bitLength + 7) / 8;
  final byte[] drbgNonce = NonceUtil.randomNonce(nonceBytes);
  return generate(
    bitLength,
    cipher,
    new SP800SecureRandomBuilder().buildHash(new SHA256Digest(), drbgNonce, false));
}