package mirage-crypto-rng

  1. Overview
  2. Docs
A cryptographically secure PRNG

Install 

dune-project
 Dependency

github.com Readme Changelog ISC License Edit opam file Versions (7)

Authors

  1. D
    David Kaloper <dk505@cam.ac.uk>
  2. H
    Hannes Mehnert <hannes@mehnert.org>

Maintainers

  1. H
    Hannes Mehnert <hannes@mehnert.org>

Sources

mirage-crypto-2.0.2.tbz
sha256=739a9d39f34027fbc93557f87c5cac4190a52bddadff72f212faa803d6215874
sha512=6b72c77026d91d3a8695012f229c54f8131c873955c1ac2177a5f4b26b38d6ff71627fdc264530556830d38e098fe8d9a8fc1504659b75a18c2bf565bb4d896f

doc/mirage-crypto-rng/Mirage_crypto_rng/Entropy/index.html

Module Mirage_crypto_rng.EntropySource

Entropy sources and collection

type source

Entropy sources.

val sources : unit -> source list

sources () returns the list of available sources.

val pp_source : Format.formatter -> source -> unit

pp_source ppf source pretty-prints the entropy source on ppf.

val register_source : string -> source

register_source name registers name as entropy source.

Bootstrap

val whirlwind_bootstrap : int -> string

whirlwind_bootstrap id exploits CPU-level data races which lead to execution-time variability. It returns 200 bytes random data prefixed by id.

See http://www.ieee-security.org/TC/SP2014/papers/Not-So-RandomNumbersinVirtualizedLinuxandtheWhirlwindRNG.pdf for further details.

val cpu_rng_bootstrap : (int -> string, [ `Not_supported ]) Result.t

cpu_rng_bootstrap id returns 8 bytes of random data using the CPU RNG (rdseed). On 32bit platforms, only 4 bytes are filled. The id is used as prefix. If only rdrand is available, the return value is the concatenation of 512 calls to rdrand.

  • raises Failure

    if rdrand fails 512 times, or if rdseed fails and rdrand is not available.

val bootstrap : int -> string

bootstrap id is either cpu_rng_bootstrap, if the CPU supports it, or whirlwind_bootstrap if not.

Timer source

val interrupt_hook : unit -> string

interrupt_hook collects lower bytes from the cycle counter, to be used for entropy collection in the event loop.

val timer_accumulator : g option -> unit -> unit

timer_accumulator g is the accumulator for the timer source, applying interrupt_hook on each call.

Periodic pulled sources

val feed_pools : g option -> source -> (unit -> (string, [ `No_random_available ]) result) -> unit

feed_pools g source f feeds all pools of g using source by executing f for each pool.

val cpu_rng : (g option -> unit -> unit, [ `Not_supported ]) Result.t

cpu_rng g uses the CPU RNG (rdrand or rdseed) to feed all pools of g. It uses feed_pools internally. If neither rdrand nor rdseed are available, `Not_supported is returned.

val rdrand_calls : unit -> int

rdrand_calls () returns the number of rdrand calls.

val rdrand_failures : unit -> int

rdrand_failures () returns the number of rdrand failures.

val rdseed_calls : unit -> int

rdseed_calls () returns the number of rdseed calls.

val rdseed_failures : unit -> int

rdseed_failures () returns the number of rdseed failures.