Documentation
¶
Index ¶
Constants ¶
const (
SeedSize = keySize + aes.BlockSize
)
Variables ¶
This section is empty.
Functions ¶
func Read ¶
func Read(b []byte)
Read fills b with cryptographically secure random bytes. In FIPS mode, it uses an SP 800-90A Rev. 1 Deterministic Random Bit Generator (DRBG). Otherwise, it uses the operating system's random number generator.
func ReadWithReader ¶
ReadWithReader uses Reader to fill b with cryptographically secure random bytes. It is intended for use in APIs that expose a rand io.Reader.
If Reader is not the default Reader from crypto/rand, randutil.MaybeReadByte and fips140.RecordNonApproved are called.
func ReadWithReaderDeterministic ¶
ReadWithReaderDeterministic is like ReadWithReader, but it doesn't call randutil.MaybeReadByte on non-default Readers.
Types ¶
type Counter ¶
type Counter struct {
// contains filtered or unexported fields
}
Counter is an SP 800-90A Rev. 1 CTR_DRBG instantiated with AES-256.
Per Table 3, it has a security strength of 256 bits, a seed size of 384 bits, a counter length of 128 bits, a reseed interval of 2^48 requests, and a maximum request size of 2^19 bits (2^16 bytes, 64 KiB).
We support a narrow range of parameters that fit the needs of our RNG: AES-256, no derivation function, no personalization string, no prediction resistance, and 384-bit additional input.
func NewCounter ¶
type DefaultReader ¶
type DefaultReader interface {
// contains filtered or unexported methods
}
DefaultReader is a sentinel type, embedded in the default crypto/rand.Reader, used to recognize it when passed to APIs that accept a rand io.Reader.
Source Files