The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.


Data::Entropy::RawSource::CryptCounter - counter mode of block cipher as I/O handle


        use Data::Entropy::RawSource::CryptCounter;

        my $rawsrc = Data::Entropy::RawSource::CryptCounter

        $c = $rawsrc->getc;
        # and the rest of the I/O handle interface


This class provides an I/O handle connected to a virtual file which contains the output of a block cipher in counter mode. This makes a good source of pseudorandom bits. The handle implements a substantial subset of the interfaces described in IO::Handle and IO::Seekable.

For use as a general entropy source, it is recommended to wrap an object of this class using Data::Entropy::Source, which provides methods to extract entropy in more convenient forms than mere octets.

The amount of entropy the virtual file actually contains is only the amount that is in the key, which is at most the length of the key. It superficially appears to be much more than this, if (and to the extent that) the block cipher is secure. This technique is not suitable for all problems, and requires a careful choice of block cipher and keying method. Applications requiring true entropy should generate it (see Data::Entropy::RawSource::Local) or download it (see Data::Entropy::RawSource::RandomnumbersInfo and Data::Entropy::RawSource::RandomOrg).



KEYED_CIPHER must be a cipher object supporting the standard blocksize and encrypt methods. For example, an instance of Crypt::Rijndael (with the default MODE_ECB) would be appropriate. A handle object is created and returned which refers to a virtual file containing the output of the cipher's counter mode.


A subset of the interfaces described in IO::Handle and IO::Seekable are provided:

$rawsrc->read(BUFFER, LENGTH[, OFFSET])

Buffered reading from the source, as in IO::Handle.

$rawsrc->sysread(BUFFER, LENGTH[, OFFSET])

Unbuffered reading from the source, as in IO::Handle.


Does nothing.


Retruns true to indicate that the source is available for I/O.


Error handling, as in IO::Handle.

$rawsrc->seek(POS, WHENCE)

Move around within the buffered source, as in IO::Seekable.

$rawsrc->sysseek(POS, WHENCE)

Move around within the unbuffered source, as in IO::Seekable.

The buffered (read et al) and unbuffered (sysread et al) sets of methods are interchangeable, because no such distinction is made by this class.

tell, seek, and sysseek only work within the first 4 GiB of the virtual file. The file is actually much larger than that: for Rijndael (AES), or any other cipher with a 128-bit block, the file is 2^52 YiB (2^132 B). getpos and setpos work throughout the file.

Methods to write to the file are unimplemented because the virtual file is fundamentally read-only.


Crypt::Rijndael, Data::Entropy::RawSource::Local, Data::Entropy::RawSource::RandomOrg, Data::Entropy::RawSource::RandomnumbersInfo, Data::Entropy::Source


Andrew Main (Zefram) <>


Copyright (C) 2006, 2007, 2009, 2011 Andrew Main (Zefram) <>


This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.