NAME
Crypt::DRBG::HMAC - Fast, cryptographically secure PRNG
SYNOPSIS
use Crypt::DRBG::HMAC;
my $drbg = Crypt::DRBG::HMAC->new(auto => 1);
my $data = $drbg->generate(42);
... # do something with your 42 bytes here
my $drbg2 = Crypt::DRBG::HMAC->new(seed => "my very secret seed");
my $data2 = $drbg2->generate(42);
DESCRIPTION
Crypt::DRBG::HMAC is an implementation of the HMAC_DRBG from NIST SP800-90A. It is a fast, cryptographically secure PRNG. By default, it uses HMAC-SHA-512.
However, if provided a seed, it will produce the same sequence of bytes if called the same way each time. This makes it useful for simulations that require good but repeatable random numbers.
Note, however, that due to the way the DRBGs are designed, making a single request and making multiple requests for the same number of bytes will result in different data. For example, two 16-byte requests will not produce the same values as one 32-byte request.
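The request-boundary behaviour described above, as an added example that is not the module's own code: a minimal HMAC_DRBG written from SP 800-90A using Digest::SHA, without reseeding or prediction resistance. The helper names drbg_new, drbg_update and drbg_generate are hypothetical, and the seed is a constructed value.

```perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha512);

# Minimal HMAC_DRBG (SP 800-90A) with HMAC-SHA-512: no reseed counter,
# no prediction resistance. Helper names are hypothetical.
sub drbg_update {
    my ($st, $data) = @_;
    $data = '' unless defined $data;
    # hmac_sha512 takes (data, key), the same order the func parameter expects.
    $st->{K} = hmac_sha512($st->{V} . "\x00" . $data, $st->{K});
    $st->{V} = hmac_sha512($st->{V}, $st->{K});
    return unless length $data;
    $st->{K} = hmac_sha512($st->{V} . "\x01" . $data, $st->{K});
    $st->{V} = hmac_sha512($st->{V}, $st->{K});
}

sub drbg_new {
    my ($seed_material) = @_;   # entropy || nonce || personalization
    my $st = { K => "\x00" x 64, V => "\x01" x 64 };
    drbg_update($st, $seed_material);
    return $st;
}

sub drbg_generate {
    my ($st, $bytes, $additional) = @_;
    drbg_update($st, $additional) if defined $additional && length $additional;
    my $out = '';
    while (length($out) < $bytes) {
        $st->{V} = hmac_sha512($st->{V}, $st->{K});
        $out .= $st->{V};
    }
    # K and V are replaced after every request, so where a request ends
    # changes everything generated after it.
    drbg_update($st, $additional);
    return substr($out, 0, $bytes);
}

my $seed   = "constructed seed, for illustration only";
my $whole  = drbg_generate(drbg_new($seed), 32);
my $split  = drbg_new($seed);
my $first  = drbg_generate($split, 16);
my $second = drbg_generate($split, 16);

printf "same seed, same calls repeat: %s\n",
    $whole eq drbg_generate(drbg_new($seed), 32) ? "yes" : "no";
printf "first 16 bytes agree:         %s\n",
    $first eq substr($whole, 0, 16) ? "yes" : "no";
printf "16+16 equals one 32:          %s\n",
    $first . $second eq $whole ? "yes" : "no";
```

In this sketch the two streams diverge at the second request, because the state update at the end of the first request replaces K and V before any further output is produced.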
This class derives from Crypt::DRBG, which provides several utility functions.
SUBROUTINES/METHODS
Crypt::DRBG::HMAC->new(%params)
Creates a new Crypt::DRBG::HMAC.
%params can contain all valid values for Crypt::DRBG::initialize, plus the following.
- algo
The algorithm to use for generating bytes. The default is "512", for HMAC-SHA-512. This provides optimal performance for 64-bit machines.
If Perl (and hence Digest::SHA) was built with a compiler lacking 64-bit integer support, use "256" here. "256" may also provide better performance for 32-bit machines.
- func
If you would like to use a different hash function, you can specify a function implementing HMAC for your specific algorithm. The function should take two arguments, the value and the key, in that order.
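For example, if you had Digest::BLAKE2 and Digest::HMAC installed, you could do the following to use BLAKE2b:
use Crypt::DRBG::HMAC;
use Digest::BLAKE2;
use Digest::HMAC;
# Wrap Digest::HMAC so it receives (value, key) and uses BLAKE2b with a 128-byte block size.
my $func = sub {
    return Digest::HMAC::hmac(@_, \&Digest::BLAKE2::blake2b, 128);
};
my $drbg = Crypt::DRBG::HMAC->new(auto => 1, func => $func);
my $data = $drbg->generate(42);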
Note that the algo parameter is still required, explicitly or implicitly, in order to know how large a seed to use.
$drbg->generate($bytes, $additional_data)
Generate and return $bytes bytes. $bytes cannot exceed 2^16.
If $additional_data is specified, add this additional data to the DRBG.
AUTHOR
brian m. carlson, <sandals at crustytoothpaste.net>
BUGS
Please report any bugs or feature requests to bug-crypt-drbg at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Crypt-DRBG. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.
SUPPORT
You can find documentation for this module with the perldoc command.
perldoc Crypt::DRBG::HMAC
You can also look for information at:
RT: CPAN's request tracker (report bugs here)
AnnoCPAN: Annotated CPAN documentation
CPAN Ratings
Search CPAN
ACKNOWLEDGEMENTS
LICENSE AND COPYRIGHT
Copyright 2015 brian m. carlson.
This program is distributed under the MIT (X11) License: http://www.opensource.org/licenses/mit-license.php
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.