Data::Entropy::RawSource::CryptCounter - counter mode of block cipher as I/O handle
use Data::Entropy::RawSource::CryptCounter; my $rawsrc = Data::Entropy::RawSource::CryptCounter ->new(Crypt::Rijndael->new($key)); $c = $rawsrc->getc; # and the rest of the I/O handle interface
This class provides an I/O handle connected to a virtual file which contains the output of a block cipher in counter mode. This makes a good source of pseudorandom bits. The handle implements a substantial subset of the interfaces described in IO::Handle and IO::Seekable.
For use as a general entropy source, it is recommended to wrap an object of this class using
Data::Entropy::Source, which provides methods to extract entropy in more convenient forms than mere octets.
The amount of entropy the virtual file actually contains is only the amount that is in the key, which is at most the length of the key. It superficially appears to be much more than this, if (and to the extent that) the block cipher is secure. This technique is not suitable for all problems, and requires a careful choice of block cipher and keying method. Applications requiring true entropy should generate it (see Data::Entropy::RawSource::Local) or download it (see Data::Entropy::RawSource::RandomnumbersInfo and Data::Entropy::RawSource::RandomOrg).
KEYED_CIPHER must be a cipher object supporting the standard
encrypt methods. For example, an instance of
Crypt::Rijndael (with the default
MODE_ECB) would be appropriate. A handle object is created and returned which refers to a virtual file containing the output of the cipher's counter mode.
Buffered reading from the source, as in IO::Handle.
Unbuffered reading from the source, as in IO::Handle.
Retruns true to indicate that the source is available for I/O.
Error handling, as in IO::Handle.
Move around within the buffered source, as in IO::Seekable.
Move around within the unbuffered source, as in IO::Seekable.
The buffered (
read et al) and unbuffered (
sysread et al) sets of methods are interchangeable, because no such distinction is made by this class.
sysseek only work within the first 4 GiB of the virtual file. The file is actually much larger than that: for Rijndael (AES), or any other cipher with a 128-bit block, the file is 2^52 YiB (2^132 B).
setpos work throughout the file.
Methods to write to the file are unimplemented because the virtual file is fundamentally read-only.
Andrew Main (Zefram) <firstname.lastname@example.org>
Copyright (C) 2006, 2007, 2009, 2011 Andrew Main (Zefram) <email@example.com>
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.