File Coverage

blib/lib/Crypt/DRBG/HMAC.pm

Criterion	Covered	Total	%
statement	69	69	100.0
branch	9	10	90.0
condition	5	8	62.5
subroutine	10	10	100.0
pod	1	1	100.0
total	94	98	95.9

line	stmt	bran	cond	sub	pod	time	code
1							package Crypt::DRBG::HMAC;
2							$Crypt::DRBG::HMAC::VERSION = '0.001000';
3	13			13		6766	use 5.006;
	13					49
4	13			13		57	use strict;
	13					27
	13					239
5	13			13		56	use warnings;
	13					20
	13					304
6
7	13			13		644	use parent 'Crypt::DRBG';
	13					601
	13					45
8
9	13			13		1300	use Digest::SHA ();
	13					4627
	13					6643
10
11							=head1 NAME
12
13							Crypt::DRBG::HMAC - Fast, cryptographically secure PRNG
14
15							=head1 SYNOPSIS
16
17							use Crypt::DRBG::HMAC;
18
19							my $drbg = Crypt::DRBG::HMAC->new(auto => 1);
20							my $data = $drbg->generate(42);
21							... # do something with your 42 bytes here
22
23							my $drbg2 = Crypt::DRBG::HMAC->new(seed => "my very secret seed");
24							my $data2 = $drbg->generate(42);
25
26							=head1 DESCRIPTION
27
28							Crypt::DRBG::HMAC is an implementation of the HMAC_DRBG from NIST SP800-90A. It
29							is a fast, cryptographically secure PRNG. By default, it uses HMAC-SHA-512.
30
31							However, if provided a seed, it will produce the same sequence of bytes I
32							called the same way each time>. This makes it useful for simulations that
33							require good but repeatable random numbers.
34
35							Note, however, that due to the way the DRBGs are designed, making a single
36							request and making multiple requests for the same number of bytes will result in
37							different data. For example, two 16-byte requests will not produce the same
38							values as one 32-byte request.
39
40							This class derives from Crypt::DRBG, which provides several utility functions.
41
42							=head1 SUBROUTINES/METHODS
43
44							=head2 Crypt::DRBG::HMAC->new(%params)
45
46							Creates a new Crypt::DRBG::HMAC.
47
48							%params can contain all valid values for Crypt::DRBG::initialize, plus the
49							following.
50
51							=over 4
52
53							=item algo
54
55							The algorithm to use for generating bytes. The default is "512", for
56							HMAC-SHA-512. This provides optimal performance for 64-bit machines.
57
58							If Perl (and hence Digest::SHA) was built with a compiler lacking 64-bit integer
59							support, use "256" here. "256" may also provide better performance for 32-bit
60							machines.
61
62							=item func
63
64							If you would like to use a different hash function, you can specify a function
65							implemeting HMAC for your specific algorithm. The function should take two
66							arguments, the value and the key, in that order.
67
68							For example, if you had C and C installed, you
69							could do the following to use BLAKE2b:
70
71							my $func = sub {
72							return Digest::HMAC::hmac(@_, \&Digest::BLAKEx::blake2b, 128);
73							};
74							my $drbg = Crypt::DRBG::HMAC->new(auto => 1, func => $func;
75							my $data = $drbg->generate(42);
76
77							Note that the algo parameter is still required, explicitly or implicitly, in
78							order to know how large a seed to use.
79
80							=back
81
82							=cut
83
84							sub new {
85	1391			1391	1	5665522	my ($class, %params) = @_;
86
87	1391		33			7484	$class = ref($class) \|\| $class;
88	1391					3136	my $self = bless {}, $class;
89
90	1391		100			5369	my $algo = $self->{algo} = $params{algo} \|\| '512';
91	1391					3942	$algo =~ tr{/}{}d;
92	1391	50	66			13253	$self->{s_func} = ($params{func} \|\| Digest::SHA->can("hmac_sha$algo")) or
93							die "Unsupported algorithm '$algo'";
94	1391	100				8256	$self->{seedlen} = $algo =~ /^(384\|512)$/ ? 111 : 55;
95	1391					3092	$self->{reseed_interval} = 4294967295; # (2^32)-1
96	1391					2488	$self->{bytes_per_request} = 2 ** 16;
97	1391					5125	$self->{outlen} = substr($algo, -3) / 8;
98	1391					3815	$self->{security_strength} = $self->{outlen} / 2;
99	1391					3771	$self->{min_length} = $self->{security_strength};
100	1391					2644	$self->{max_length} = 4294967295; # (2^32)-1
101
102	1391					6681	$self->initialize(%params);
103
104	1390					4446	return $self;
105							}
106
107							sub _seed {
108	1390			1390		2999	my ($self, $seed) = @_;
109
110	1390					4349	my $k = "\x00" x $self->{outlen};
111	1390					2912	my $v = "\x01" x $self->{outlen};
112	1390					5025	$self->{state} = {k => $k, v => $v};
113	1390					3470	return $self->_reseed($seed);
114							}
115
116							sub _reseed {
117	1398			1398		2997	my ($self, $seed) = @_;
118
119	1398					3609	$self->_update($seed);
120	1398					2376	$self->{reseed_counter} = 1;
121	1398					3098	return 1;
122							}
123
124							sub _update {
125	5525			5525		8339	my ($self, $seed) = @_;
126
127	5525	100				10598	my $data = defined $seed ? $seed : '';
128
129	5525					7507	my $func = $self->{s_func};
130	5525					6741	my $state = $self->{state};
131	5525					6520	my ($k, $v) = @{$state}{qw/k v/};
	5525					10378
132	5525					49686	$k = $func->("$v\x00$data", $k);
133	5525					39994	$v = $func->($v, $k);
134	5525	100				11279	if (defined $seed) {
135	4086					30076	$k = $func->("$v\x01$data", $k);
136	4086					29094	$v = $func->($v, $k);
137							}
138	5525					8311	@{$state}{qw/k v/} = ($k, $v);
	5525					9651
139	5525					9069	return 1;
140							}
141
142							=head2 $drbg->generate($bytes, $additional_data)
143
144							Generate and return $bytes bytes. $bytes cannot exceed 2^16.
145
146							If $additional_data is specified, add this additional data to the DRBG.
147
148							=cut
149
150							sub _generate {
151	2783			2783		5592	my ($self, $len, $seed) = @_;
152
153	2783					8806	$self->_check_reseed($len);
154	2783	100				7139	$self->_update($seed) if defined $seed;
155
156	2783					7863	my $count = ($len + ($self->{outlen} - 1)) / $self->{outlen};
157	2783					4329	my $data = '';
158	2783					4141	my $state = $self->{state};
159	2783					3695	my ($k, $v) = @{$state}{qw/k v/};
	2783					6159
160	2783					4160	my $func = $self->{s_func};
161	2783					6895	for (1..$count) {
162	11034					78550	$v = $func->($v, $k);
163	11034					18017	$data .= $v;
164							}
165	2783					3982	$self->{reseed_counter}++;
166	2783					4816	@{$state}{qw/k v/} = ($k, $v);
	2783					5380
167	2783					6305	$self->_update($seed);
168	2783					9816	return substr($data, 0, $len);
169							}
170
171							=head1 AUTHOR
172
173							brian m. carlson, C<< >>
174
175							=head1 BUGS
176
177							Please report any bugs or feature requests to C, or through
178							the web interface at L. I will be notified, and then you'll
179							automatically be notified of progress on your bug as I make changes.
180
181
182
183
184							=head1 SUPPORT
185
186							You can find documentation for this module with the perldoc command.
187
188							perldoc Crypt::DRBG::HMAC
189
190
191							You can also look for information at:
192
193							=over 4
194
195							=item * RT: CPAN's request tracker (report bugs here)
196
197							L
198
199							=item * AnnoCPAN: Annotated CPAN documentation
200
201							L
202
203							=item * CPAN Ratings
204
205							L
206
207							=item * Search CPAN
208
209							L
210
211							=back
212
213
214							=head1 ACKNOWLEDGEMENTS
215
216
217							=head1 LICENSE AND COPYRIGHT
218
219							Copyright 2015 brian m. carlson.
220
221							This program is distributed under the MIT (X11) License:
222							L
223
224							Permission is hereby granted, free of charge, to any person
225							obtaining a copy of this software and associated documentation
226							files (the "Software"), to deal in the Software without
227							restriction, including without limitation the rights to use,
228							copy, modify, merge, publish, distribute, sublicense, and/or sell
229							copies of the Software, and to permit persons to whom the
230							Software is furnished to do so, subject to the following
231							conditions:
232
233							The above copyright notice and this permission notice shall be
234							included in all copies or substantial portions of the Software.
235
236							THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
237							EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
238							OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
239							NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
240							HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
241							WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
242							FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
243							OTHER DEALINGS IN THE SOFTWARE.
244
245
246							=cut
247
248							1; # End of Crypt::DRBG::HMAC