Moved obscuren secp256k1-go
This commit is contained in:
obscuren
96
crypto/secp256k1/secp256_rand.go
Normal file
96
crypto/secp256k1/secp256_rand.go
Normal file
@ -0,0 +1,96 @@
|
||||
package secp256k1
|
||||
|
||||
import (
|
||||
crand "crypto/rand"
|
||||
"io"
|
||||
mrand "math/rand"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
/*
|
||||
Note:
|
||||
|
||||
- On windows cryto/rand uses CrytoGenRandom which uses RC4 which is insecure
|
||||
- Android random number generator is known to be insecure.
|
||||
- Linux uses /dev/urandom , which is thought to be secure and uses entropy pool
|
||||
|
||||
Therefore the output is salted.
|
||||
*/
|
||||
|
||||
//finalizer from MurmerHash3
|
||||
func mmh3f(key uint64) uint64 {
|
||||
key ^= key >> 33
|
||||
key *= 0xff51afd7ed558ccd
|
||||
key ^= key >> 33
|
||||
key *= 0xc4ceb9fe1a85ec53
|
||||
key ^= key >> 33
|
||||
return key
|
||||
}
|
||||
|
||||
//knuth hash
|
||||
func knuth_hash(in []byte) uint64 {
|
||||
var acc uint64 = 3074457345618258791
|
||||
for i := 0; i < len(in); i++ {
|
||||
acc += uint64(in[i])
|
||||
acc *= 3074457345618258799
|
||||
}
|
||||
return acc
|
||||
}
|
||||
|
||||
var _rand *mrand.Rand
|
||||
|
||||
func init() {
|
||||
var seed1 uint64 = mmh3f(uint64(time.Now().UnixNano()))
|
||||
var seed2 uint64 = knuth_hash([]byte(strings.Join(os.Environ(), "")))
|
||||
var seed3 uint64 = mmh3f(uint64(os.Getpid()))
|
||||
|
||||
_rand = mrand.New(mrand.NewSource(int64(seed1 ^ seed2 ^ seed3)))
|
||||
}
|
||||
|
||||
func saltByte(buff []byte) []byte {
|
||||
for i := 0; i < len(buff); i++ {
|
||||
var v uint64 = uint64(_rand.Int63())
|
||||
var b byte
|
||||
for j := 0; j < 8; j++ {
|
||||
b ^= byte(v & 0xff)
|
||||
v = v >> 8
|
||||
}
|
||||
buff[i] = b
|
||||
}
|
||||
return buff
|
||||
}
|
||||
|
||||
//On Unix-like systems, Reader reads from /dev/urandom.
|
||||
//On Windows systems, Reader uses the CryptGenRandom API.
|
||||
|
||||
//use entropy pool etc and cryptographic random number generator
|
||||
//mix in time
|
||||
//mix in mix in cpu cycle count
|
||||
func RandByte(n int) []byte {
|
||||
buff := make([]byte, n)
|
||||
ret, err := io.ReadFull(crand.Reader, buff)
|
||||
if len(buff) != ret || err != nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
buff2 := RandByteWeakCrypto(n)
|
||||
for i := 0; i < n; i++ {
|
||||
buff[i] ^= buff2[2]
|
||||
}
|
||||
return buff
|
||||
}
|
||||
|
||||
/*
|
||||
On Unix-like systems, Reader reads from /dev/urandom.
|
||||
On Windows systems, Reader uses the CryptGenRandom API.
|
||||
*/
|
||||
func RandByteWeakCrypto(n int) []byte {
|
||||
buff := make([]byte, n)
|
||||
ret, err := io.ReadFull(crand.Reader, buff)
|
||||
if len(buff) != ret || err != nil {
|
||||
return nil
|
||||
}
|
||||
return buff
|
||||
}
|
||||
Reference in New Issue
Block a user