src/math/rand/v2/chacha8.go - go - Git at Google

 // Copyright 2023 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package rand

 import (
 	"errors"
 	"internal/byteorder"
 	"internal/chacha8rand"
 )

 // A ChaCha8 is a ChaCha8-based cryptographically strong
 // random number generator.
 type ChaCha8 struct {
 	state chacha8rand.State

 	// The last readLen bytes of readBuf are still to be consumed by Read.
 	readBuf [8]byte
 	readLen int // 0 <= readLen <= 8
 }

 // NewChaCha8 returns a new ChaCha8 seeded with the given seed.
 func NewChaCha8(seed [32]byte) *ChaCha8 {
 	c := new(ChaCha8)
 	c.state.Init(seed)
 	return c
 }

 // Seed resets the ChaCha8 to behave the same way as NewChaCha8(seed).
 func (c *ChaCha8) Seed(seed [32]byte) {
 	c.state.Init(seed)
 	c.readLen = 0
 	c.readBuf = [8]byte{}
 }

 // Uint64 returns a uniformly distributed random uint64 value.
 func (c *ChaCha8) Uint64() uint64 {
 	for {
 		x, ok := c.state.Next()
 		if ok {
 			return x
 		}
 		c.state.Refill()
 	}
 }

 // Read reads exactly len(p) bytes into p.
 // It always returns len(p) and a nil error.
 //
 // If calls to Read and Uint64 are interleaved, the order in which bits are
 // returned by the two is undefined, and Read may return bits generated before
 // the last call to Uint64.
 func (c *ChaCha8) Read(p []byte) (n int, err error) {
 	if c.readLen > 0 {
 		n = copy(p, c.readBuf[len(c.readBuf)-c.readLen:])
 		c.readLen -= n
 		p = p[n:]
 	}
 	for len(p) >= 8 {
 		byteorder.LePutUint64(p, c.Uint64())
 		p = p[8:]
 		n += 8
 	}
 	if len(p) > 0 {
 		byteorder.LePutUint64(c.readBuf[:], c.Uint64())
 		n += copy(p, c.readBuf[:])
 		c.readLen = 8 - len(p)
 	}
 	return
 }

 // UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
 func (c *ChaCha8) UnmarshalBinary(data []byte) error {
 	data, ok := cutPrefix(data, []byte("readbuf:"))
 	if ok {
 		var buf []byte
 		buf, data, ok = readUint8LengthPrefixed(data)
 		if !ok {
 			return errors.New("invalid ChaCha8 Read buffer encoding")
 		}
 		c.readLen = copy(c.readBuf[len(c.readBuf)-len(buf):], buf)
 	}
 	return chacha8rand.Unmarshal(&c.state, data)
 }

 func cutPrefix(s, prefix []byte) (after []byte, found bool) {
 	if len(s) < len(prefix) || string(s[:len(prefix)]) != string(prefix) {
 		return s, false
 	}
 	return s[len(prefix):], true
 }

 func readUint8LengthPrefixed(b []byte) (buf, rest []byte, ok bool) {
 	if len(b) == 0 || len(b) < int(1+b[0]) {
 		return nil, nil, false
 	}
 	return b[1 : 1+b[0]], b[1+b[0]:], true
 }

 // MarshalBinary implements the encoding.BinaryMarshaler interface.
 func (c *ChaCha8) MarshalBinary() ([]byte, error) {
 	if c.readLen > 0 {
 		out := []byte("readbuf:")
 		out = append(out, uint8(c.readLen))
 		out = append(out, c.readBuf[len(c.readBuf)-c.readLen:]...)
 		return append(out, chacha8rand.Marshal(&c.state)...), nil
 	}
 	return chacha8rand.Marshal(&c.state), nil
 }
	// Copyright 2023 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package rand

	import (
	"errors"
	"internal/byteorder"
	"internal/chacha8rand"
	)

	// A ChaCha8 is a ChaCha8-based cryptographically strong
	// random number generator.
	type ChaCha8 struct {
	state chacha8rand.State

	// The last readLen bytes of readBuf are still to be consumed by Read.
	readBuf [8]byte
	readLen int // 0 <= readLen <= 8
	}

	// NewChaCha8 returns a new ChaCha8 seeded with the given seed.
	func NewChaCha8(seed [32]byte) *ChaCha8 {
	c := new(ChaCha8)
	c.state.Init(seed)
	return c
	}

	// Seed resets the ChaCha8 to behave the same way as NewChaCha8(seed).
	func (c *ChaCha8) Seed(seed [32]byte) {
	c.state.Init(seed)
	c.readLen = 0
	c.readBuf = [8]byte{}
	}

	// Uint64 returns a uniformly distributed random uint64 value.
	func (c *ChaCha8) Uint64() uint64 {
	for {
	x, ok := c.state.Next()
	if ok {
	return x
	}
	c.state.Refill()
	}
	}

	// Read reads exactly len(p) bytes into p.
	// It always returns len(p) and a nil error.
	//
	// If calls to Read and Uint64 are interleaved, the order in which bits are
	// returned by the two is undefined, and Read may return bits generated before
	// the last call to Uint64.
	func (c *ChaCha8) Read(p []byte) (n int, err error) {
	if c.readLen > 0 {
	n = copy(p, c.readBuf[len(c.readBuf)-c.readLen:])
	c.readLen -= n
	p = p[n:]
	}
	for len(p) >= 8 {
	byteorder.LePutUint64(p, c.Uint64())
	p = p[8:]
	n += 8
	}
	if len(p) > 0 {
	byteorder.LePutUint64(c.readBuf[:], c.Uint64())
	n += copy(p, c.readBuf[:])
	c.readLen = 8 - len(p)
	}
	return
	}

	// UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
	func (c *ChaCha8) UnmarshalBinary(data []byte) error {
	data, ok := cutPrefix(data, []byte("readbuf:"))
	if ok {
	var buf []byte
	buf, data, ok = readUint8LengthPrefixed(data)
	if !ok {
	return errors.New("invalid ChaCha8 Read buffer encoding")
	}
	c.readLen = copy(c.readBuf[len(c.readBuf)-len(buf):], buf)
	}
	return chacha8rand.Unmarshal(&c.state, data)
	}

	func cutPrefix(s, prefix []byte) (after []byte, found bool) {
	if len(s) < len(prefix) \|\| string(s[:len(prefix)]) != string(prefix) {
	return s, false
	}
	return s[len(prefix):], true
	}

	func readUint8LengthPrefixed(b []byte) (buf, rest []byte, ok bool) {
	if len(b) == 0 \|\| len(b) < int(1+b[0]) {
	return nil, nil, false
	}
	return b[1 : 1+b[0]], b[1+b[0]:], true
	}

	// MarshalBinary implements the encoding.BinaryMarshaler interface.
	func (c *ChaCha8) MarshalBinary() ([]byte, error) {
	if c.readLen > 0 {
	out := []byte("readbuf:")
	out = append(out, uint8(c.readLen))
	out = append(out, c.readBuf[len(c.readBuf)-c.readLen:]...)
	return append(out, chacha8rand.Marshal(&c.state)...), nil
	}
	return chacha8rand.Marshal(&c.state), nil
	}