Alias SystemEntropy

Reads random entropy from a system-specific cryptographic random number generator. On Windows, this loads ADVAPI32.DLL and uses RtlGenRandom. On Posix, this reads from a file (by default, "/dev/urandom" normally and "/dev/random" when Yes.PredictionResistance is requested). The speed and cryptographic security of this is dependent on your operating system.

In most cases, this should not be used directly. It quickly consumes available system entropy, which can decrease the cryptographic RNG effectiveness across the whole computer and, on Linux, can cause reads from "/dev/random" to stall for noticably long periods of time. Instead, this is best used for seeding cryptographic psuedo-random number generators, such as HashDRBG.

Optionally, you can use open() and close() to control the lifetime of SystemEntropyStream's system handles (ie, loading/uloading ADVAPI32.DLL and opening/closing pathToRandom). But this is not normally necessary since SystemEntropyStream automatically opens them upon reading and closes upon module destruction.

On Windows, pathToRandom and pathToStrongRandom must be null because Windows uses a system call, not a file path, to retreive system entropy.

On Posix, pathToRandom must NOT be null. If pathToStrongRandom is null, then pathToStrongRandom is assumed to be pathToRandom.

This is a convenience alias for WrappedStreamRNG!(SystemEntropyStream, Elem).

Note that to conform to the expected InputRange interface, this must keep a copy of the last generated value in memory. For security purposes, it may occasionally be appropriate to make an extra popFront() call before and/or after retreiving entropy values. This may decrease the chance of using a compromized entropy value in the event of a memory-sniffing attacker.

Declaration

module dauth.hashdrbg;

// ...
alias SystemEntropy(Elem, string pathToRandom, string pathToStrongRandom) = WrappedStreamRNG!(SystemEntropyStream!(pathToRandom,pathToStrongRandom),Elem);
// ...

Optional Params

pathToRandom - Default value is 'defaultPathToRandom'

pathToStrongRandom - Default value is 'defaultPathToStrongRandom'

Authors

Copyright

License