aboutsummaryrefslogtreecommitdiff
path: root/src/random.cpp
AgeCommit message (Collapse)Author
2017-06-16random: fix crash on some 64bit platformsCory Fields
rbx needs to be stashed in a 64bit register on 64bit platforms. With this crash in particular, it was holding a stack canary which was not properly restored after the cpuid. Split out the x86+PIC case so that x86_64 doesn't have to worry about it.
2017-06-14Merge #10377: Use rdrand as entropy source on supported platformsWladimir J. van der Laan
cb24c85 Use rdrand as entropy source on supported platforms (Pieter Wuille) Tree-SHA512: c42eaa01a14e6bc097c70b6bf8540d61854c2f76cb32be69c2a3c411a126f7b4bf4a4486e4493c4cc367cc689319abde0d4adb799d29a54fd3e81767ce0766fc
2017-06-13Use rdrand as entropy source on supported platformsPieter Wuille
2017-06-05Add FastRandomContext::rand256() and ::randbytes()Pieter Wuille
FastRandomContext now provides all functionality that the real Rand* functions provide.
2017-05-22Add perf counter data to GetStrongRandBytes state in schedulerMatt Corallo
2017-05-22Add internal method to add new random data to our internal RNG stateMatt Corallo
2017-05-09Merge #10338: Maintain state across GetStrongRandBytes callsPieter Wuille
97477c5 Maintain state across GetStrongRandBytes calls (Pieter Wuille) Tree-SHA512: 77e9b1f3c6eeb0c2a3e0c64358150767222ff0b7120ccd5f4ae0276cea0e4fa275c1b757e3f20be07dc0b4ef07f70ab0b70112080c8d3d0cb6ed703db8a59168
2017-05-05Use sanity check timestamps as entropyPieter Wuille
2017-05-05Test that GetPerformanceCounter() incrementsPieter Wuille
2017-05-05Use hardware timestamps in RNG seedingPieter Wuille
2017-05-04Maintain state across GetStrongRandBytes callsPieter Wuille
2017-04-24Merge #9792: FastRandomContext improvements and switch to ChaCha20Wladimir J. van der Laan
4fd2d2f Add a FastRandomContext::randrange and use it (Pieter Wuille) 1632922 Switch FastRandomContext to ChaCha20 (Pieter Wuille) e04326f Add ChaCha20 (Pieter Wuille) 663fbae FastRandom benchmark (Pieter Wuille) c21cbe6 Introduce FastRandomContext::randbool() (Pieter Wuille) Tree-SHA512: 7fff61e3f6d6dc6ac846ca643d877b377db609646dd401a0e8f50b052c6b9bcd2f5fc34de6bbf28f04afd1724f6279ee163ead5f37d724fb782a00239f35db1d
2017-04-01Change LogAcceptCategory to use uint32_t rather than sets of strings.Gregory Maxwell
This changes the logging categories to boolean flags instead of strings. This simplifies the acceptance testing by avoiding accessing a scoped static thread local pointer to a thread local set of strings. It eliminates the only use of boost::thread_specific_ptr outside of lockorder debugging. This change allows log entries to be directed to multiple categories and makes it easy to change the logging flags at runtime (e.g. via an RPC, though that isn't done by this commit.) It also eliminates the fDebug global. Configuration of unknown logging categories now produces a warning.
2017-03-29Switch FastRandomContext to ChaCha20Pieter Wuille
2017-02-22random: Add fallback if getrandom syscall not availableWladimir J. van der Laan
If the code was compiled with newer (>=3.17) kernel headers but executed on a system without the system call, every use of random would crash the program. Add a fallback for that case.
2017-02-22sanity: Move OS random to sanity check functionWladimir J. van der Laan
Move the OS random test to a sanity check function that is called every time bitcoind is initialized. Keep `src/test/random_tests.cpp` for the case that later random tests are added, and keep a rudimentary test that just calls the sanity check.
2017-02-21util: Specific GetOSRandom for Linux/FreeBSD/OpenBSDWladimir J. van der Laan
These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676
2016-12-31Increment MIT Licence copyright header year on files modified in 2016isle2983
Edited via: $ contrib/devtools/copyright_header.py update .
2016-12-09Refactor: Removed begin/end_ptr functions.Karl-Johan Alm
2016-10-17Kill insecure_random and associated global stateWladimir J. van der Laan
There are only a few uses of `insecure_random` outside the tests. This PR replaces uses of insecure_random (and its accompanying global state) in the core code with an FastRandomContext that is automatically seeded on creation. This is meant to be used for inner loops. The FastRandomContext can be in the outer scope, or the class itself, then rand32() is used inside the loop. Useful e.g. for pushing addresses in CNode or the fee rounding, or randomization for coin selection. As a context is created per purpose, thus it gets rid of cross-thread unprotected shared usage of a single set of globals, this should also get rid of the potential race conditions. - I'd say TxMempool::check is not called enough to warrant using a special fast random context, this is switched to GetRand() (open for discussion...) - The use of `insecure_rand` in ConnectThroughProxy has been replaced by an atomic integer counter. The only goal here is to have a different credentials pair for each connection to go on a different Tor circuit, it does not need to be random nor unpredictable. - To avoid having a FastRandomContext on every CNode, the context is passed into PushAddress as appropriate. There remains an insecure_random for test usage in `test_random.h`.
2016-05-29Don't use assert for catching randomness failuresPieter Wuille
2016-05-29Always require OS randomness when generating secret keysPieter Wuille
2015-12-13Bump copyright headers to 2015MarcoFalke
2015-02-25WIN32 Seed Cleanup: Move nLastPerfmon behind win32 ifdef.21E14
Code to avoid calling Perfmon too often is only needed when perfmon is actually going to get called. This is not intended to make any functional difference in the addition of entropy to the random pool.
2015-02-15openssl: abstract out OPENSSL_cleanseCory Fields
This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit.
2014-12-19Added "Core" to copyright headerssandakersmann
Github-Pull: #5494 Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60
2014-12-16Remove references to X11 licenceMichael Ford
2014-11-07Make sure that GetRandomBytes never failsWladimir J. van der Laan
We're using GetRandomBytes in several contexts where it's either unwieldy to return an error, or an error would mean a fatal exception anyhow. @gmaxwell checked OpenSSL a while ago and discovered that it never actually fails, but it can't hurt to be a bit paranoid here.
2014-09-19Apply clang-format on some infrequently-updated filesPieter Wuille
2014-09-14header include cleanupPhilip Kaufmann
- ensures alphabetical ordering for includes etc. in source file headers
2014-08-26Split up util.cpp/hWladimir J. van der Laan
Split up util.cpp/h into: - string utilities (hex, base32, base64): no internal dependencies, no dependency on boost (apart from foreach) - money utilities (parsesmoney, formatmoney) - time utilities (gettime*, sleep, format date): - and the rest (logging, argument parsing, config file parsing) The latter is basically the environment and OS handling, and is stripped of all utility functions, so we may want to rename it to something else than util.cpp/h for clarity (Matt suggested osinterface). Breaks dependency of sha256.cpp on all the things pulled in by util.
2014-07-09make RandAddSeed() use OPENSSL_cleanse()Philip Kaufmann
- removes the cstring include and is also used in RandAddSeedPerfmon()
2014-07-09move rand functions from util to new random.h/.cppPhilip Kaufmann