rng

package
v0.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 4, 2025 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CipherWrapper 

type CipherWrapper struct {
	// contains filtered or unexported fields
}

CipherWrapper holds the state for a single ChaCha20 stream.

type SecureRNG 

type SecureRNG struct {
	Pool sync.Pool

	// ReseedInterval forces a re-key after a set duration.
	ReseedInterval time.Duration

	// ReseedVolume forces a re-key after generating a set volume of data.
	ReseedVolume uint64
}

SecureRNG is a high-throughput, concurrency-safe random number generator backed by the ChaCha20 stream cipher.

SECURITY GUARANTEES:

  • Thread Safety: Safe for concurrent use by multiple goroutines.
  • Forward Secrecy: Periodic reseeding ensures future key compromises do not reveal past outputs.
  • Backward Secrecy: NOT guaranteed (compromise reveals output since last reseed).

WARNING: VM SNAPSHOTS & FORKS This RNG lives in userspace. If the process is forked or the VM snapshotted, the state will be duplicated, leading to identical random streams.

func NewSecureRNG 

func NewSecureRNG() *SecureRNG

NewSecureRNG initializes a new RNG with safe defaults (1 Minute / 32GB).

func NewSecureRNGWith 

func NewSecureRNGWith(interval time.Duration, volume uint64) *SecureRNG

NewSecureRNGWith allows custom reseed parameters.

func (*SecureRNG) Read 

func (r *SecureRNG) Read(p []byte) (int, error)

Read fills p with random bytes. It handles pool retrieval, reseeding, and cleanup.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.