aboutsummaryrefslogtreecommitdiff
path: root/src/random.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright headers to 2018DrahtBot2018-07-271-1/+1
|
* Fix FreeBSD build by including utilstrencodings.hWladimir J. van der Laan2018-05-241-0/+1
| | | | | | | `random.cpp` needs to explicitly include `utilstrencodings.h` to get `ARRAYLEN`. This fixes the FreeBSD build. This was broken in 84f41946b9026e8bf7bc44ed848dfb945394b693.
* break circular dependency: random/sync -> util -> random/syncChun Kuan Lee2018-05-171-2/+3
|
* Make it clear which functions that are intended to be translation unit localpracticalswift2018-05-031-1/+1
| | | | | Do not share functions that are meant to be translation unit local with other translation units. Use internal linkage for those consistently.
* Remove duplicate includespracticalswift2018-04-091-1/+0
|
* Increment MIT Licence copyright header year on files modified in 2017Akira Takizawa2018-01-031-1/+1
|
* scripted-diff: Replace #include "" with #include <> (ryanofsky)MeshCollider2017-11-161-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | -BEGIN VERIFY SCRIPT- for f in \ src/*.cpp \ src/*.h \ src/bench/*.cpp \ src/bench/*.h \ src/compat/*.cpp \ src/compat/*.h \ src/consensus/*.cpp \ src/consensus/*.h \ src/crypto/*.cpp \ src/crypto/*.h \ src/crypto/ctaes/*.h \ src/policy/*.cpp \ src/policy/*.h \ src/primitives/*.cpp \ src/primitives/*.h \ src/qt/*.cpp \ src/qt/*.h \ src/qt/test/*.cpp \ src/qt/test/*.h \ src/rpc/*.cpp \ src/rpc/*.h \ src/script/*.cpp \ src/script/*.h \ src/support/*.cpp \ src/support/*.h \ src/support/allocators/*.h \ src/test/*.cpp \ src/test/*.h \ src/wallet/*.cpp \ src/wallet/*.h \ src/wallet/test/*.cpp \ src/wallet/test/*.h \ src/zmq/*.cpp \ src/zmq/*.h do base=${f%/*}/ relbase=${base#src/} sed -i "s:#include \"\(.*\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT-
* Merge #10843: Add attribute [[noreturn]] (C++11) to functions that will not ↵Wladimir J. van der Laan2017-08-221-2/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | return b82c55a Add attribute [[noreturn]] (C++11) to functions that will not return (practicalswift) Pull request description: Add attribute `[[noreturn]]` (C++11) to functions that will not return. Rationale: * Reduce the number of false positives/false negatives from static analyzers with regards to things such as unused or unreachable code * Potentially enable additional compiler optimizations Tree-SHA512: 899683fe8b2fcf19bd334352271d368b46b805be9d426aac1808335fd95732d6d7078d3296951b9879196f3f6e3ec0fdb7695d0afdc3fbe4dd78a2ca70e91ff7
| * Add attribute [[noreturn]] (C++11) to functions that will not returnpracticalswift2017-07-171-2/+2
| | | | | | | | | | | | Rationale: * Reduce the number of false positives from static analyzers * Potentially enable additional compiler optimizations
* | Document the preference of nullptr over NULL or (void*)0practicalswift2017-08-181-1/+1
| |
* | Merge #10483: scripted-diff: Use the C++11 keyword nullptr to denote the ↵Wladimir J. van der Laan2017-08-141-3/+3
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pointer literal instead of the macro NULL 90d4d89 scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal instead of the macro NULL (practicalswift) Pull request description: Since C++11 the macro `NULL` may be: * an integer literal with value zero, or * a prvalue of type `std::nullptr_t` By using the C++11 keyword `nullptr` we are guaranteed a prvalue of type `std::nullptr_t`. For a more thorough discussion, see "A name for the null pointer: nullptr" (Sutter & Stroustrup), http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2007/n2431.pdf With this patch applied there are no `NULL` macro usages left in the repo: ``` $ git grep NULL -- "*.cpp" "*.h" | egrep -v '(/univalue/|/secp256k1/|/leveldb/|_NULL|NULLDUMMY|torcontrol.*NULL|NULL cert)' | wc -l 0 ``` The road towards `nullptr` (C++11) is split into two PRs: * `NULL` → `nullptr` is handled in PR #10483 (scripted, this PR) * `0` → `nullptr` is handled in PR #10645 (manual) Tree-SHA512: 3c395d66f2ad724a8e6fed74b93634de8bfc0c0eafac94e64e5194c939499fefd6e68f047de3083ad0b4eff37df9a8a3a76349aa17d55eabbd8e0412f140a297
| * | scripted-diff: Use the C++11 keyword nullptr to denote the pointer literal ↵practicalswift2017-08-071-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | instead of the macro NULL -BEGIN VERIFY SCRIPT- sed -i 's/\<NULL\>/nullptr/g' src/*.cpp src/*.h src/*/*.cpp src/*/*.h src/qt/*/*.cpp src/qt/*/*.h src/wallet/*/*.cpp src/wallet/*/*.h src/support/allocators/*.h sed -i 's/Prefer nullptr, otherwise SAFECOOKIE./Prefer NULL, otherwise SAFECOOKIE./g' src/torcontrol.cpp sed -i 's/tor: Using nullptr authentication/tor: Using NULL authentication/g' src/torcontrol.cpp sed -i 's/METHODS=nullptr/METHODS=NULL/g' src/test/torcontrol_tests.cpp src/torcontrol.cpp sed -i 's/nullptr certificates/NULL certificates/g' src/qt/paymentserver.cpp sed -i 's/"nullptr"/"NULL"/g' src/torcontrol.cpp src/test/torcontrol_tests.cpp -END VERIFY SCRIPT-
* | | Check if sys/random.h is required for getentropy on OSX.James Hilliard2017-07-271-1/+13
|/ /
* | random: only use getentropy on openbsdCory Fields2017-07-171-1/+3
| |
* | Merge #10837: Fix resource leak on error in GetDevURandomWladimir J. van der Laan2017-07-171-0/+1
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | a8ae0b2 Fix resource leak (Dag Robole) Pull request description: Fixes a potential file handle leak when size of entropy is invalid Tree-SHA512: 692d24daaf370bba1f842925b037275126f9494f54769650bcf5829c794a0fb8561a86f42347bdf088a484e4f107bce7fa14cd7bdbfb4ecfbeb51968953da3ae
| * | Fix resource leakDag Robole2017-07-151-0/+1
| |/
* | Clarify entropy sourcePieter Wuille2017-07-141-1/+1
| |
* | Use cpuid intrinsics instead of asm codePieter Wuille2017-07-131-11/+6
|/
* random: fix crash on some 64bit platformsCory Fields2017-06-161-2/+8
| | | | | | | | rbx needs to be stashed in a 64bit register on 64bit platforms. With this crash in particular, it was holding a stack canary which was not properly restored after the cpuid. Split out the x86+PIC case so that x86_64 doesn't have to worry about it.
* Merge #10377: Use rdrand as entropy source on supported platformsWladimir J. van der Laan2017-06-141-0/+68
|\ | | | | | | | | | | cb24c85 Use rdrand as entropy source on supported platforms (Pieter Wuille) Tree-SHA512: c42eaa01a14e6bc097c70b6bf8540d61854c2f76cb32be69c2a3c411a126f7b4bf4a4486e4493c4cc367cc689319abde0d4adb799d29a54fd3e81767ce0766fc
| * Use rdrand as entropy source on supported platformsPieter Wuille2017-06-131-0/+68
| |
* | Add FastRandomContext::rand256() and ::randbytes()Pieter Wuille2017-06-051-0/+20
|/ | | | | FastRandomContext now provides all functionality that the real Rand* functions provide.
* Add perf counter data to GetStrongRandBytes state in schedulerMatt Corallo2017-05-221-0/+17
|
* Add internal method to add new random data to our internal RNG stateMatt Corallo2017-05-221-0/+16
|
* Merge #10338: Maintain state across GetStrongRandBytes callsPieter Wuille2017-05-091-1/+16
|\ | | | | | | | | | | 97477c5 Maintain state across GetStrongRandBytes calls (Pieter Wuille) Tree-SHA512: 77e9b1f3c6eeb0c2a3e0c64358150767222ff0b7120ccd5f4ae0276cea0e4fa275c1b757e3f20be07dc0b4ef07f70ab0b70112080c8d3d0cb6ed703db8a59168
| * Maintain state across GetStrongRandBytes callsPieter Wuille2017-05-041-1/+16
| |
* | Use sanity check timestamps as entropyPieter Wuille2017-05-051-0/+4
| |
* | Test that GetPerformanceCounter() incrementsPieter Wuille2017-05-051-1/+11
| |
* | Use hardware timestamps in RNG seedingPieter Wuille2017-05-051-7/+15
|/
* Merge #9792: FastRandomContext improvements and switch to ChaCha20Wladimir J. van der Laan2017-04-241-15/+18
|\ | | | | | | | | | | | | | | | | | | 4fd2d2f Add a FastRandomContext::randrange and use it (Pieter Wuille) 1632922 Switch FastRandomContext to ChaCha20 (Pieter Wuille) e04326f Add ChaCha20 (Pieter Wuille) 663fbae FastRandom benchmark (Pieter Wuille) c21cbe6 Introduce FastRandomContext::randbool() (Pieter Wuille) Tree-SHA512: 7fff61e3f6d6dc6ac846ca643d877b377db609646dd401a0e8f50b052c6b9bcd2f5fc34de6bbf28f04afd1724f6279ee163ead5f37d724fb782a00239f35db1d
| * Switch FastRandomContext to ChaCha20Pieter Wuille2017-03-291-15/+18
| |
* | Change LogAcceptCategory to use uint32_t rather than sets of strings.Gregory Maxwell2017-04-011-1/+1
|/ | | | | | | | | | | | | | | | | This changes the logging categories to boolean flags instead of strings. This simplifies the acceptance testing by avoiding accessing a scoped static thread local pointer to a thread local set of strings. It eliminates the only use of boost::thread_specific_ptr outside of lockorder debugging. This change allows log entries to be directed to multiple categories and makes it easy to change the logging flags at runtime (e.g. via an RPC, though that isn't done by this commit.) It also eliminates the fDebug global. Configuration of unknown logging categories now produces a warning.
* random: Add fallback if getrandom syscall not availableWladimir J. van der Laan2017-02-221-15/+34
| | | | | | If the code was compiled with newer (>=3.17) kernel headers but executed on a system without the system call, every use of random would crash the program. Add a fallback for that case.
* sanity: Move OS random to sanity check functionWladimir J. van der Laan2017-02-221-0/+30
| | | | | | | | Move the OS random test to a sanity check function that is called every time bitcoind is initialized. Keep `src/test/random_tests.cpp` for the case that later random tests are added, and keep a rudimentary test that just calls the sanity check.
* util: Specific GetOSRandom for Linux/FreeBSD/OpenBSDWladimir J. van der Laan2017-02-211-6/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676
* Increment MIT Licence copyright header year on files modified in 2016isle29832016-12-311-1/+1
| | | | | | Edited via: $ contrib/devtools/copyright_header.py update .
* Refactor: Removed begin/end_ptr functions.Karl-Johan Alm2016-12-091-4/+3
|
* Kill insecure_random and associated global stateWladimir J. van der Laan2016-10-171-6/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are only a few uses of `insecure_random` outside the tests. This PR replaces uses of insecure_random (and its accompanying global state) in the core code with an FastRandomContext that is automatically seeded on creation. This is meant to be used for inner loops. The FastRandomContext can be in the outer scope, or the class itself, then rand32() is used inside the loop. Useful e.g. for pushing addresses in CNode or the fee rounding, or randomization for coin selection. As a context is created per purpose, thus it gets rid of cross-thread unprotected shared usage of a single set of globals, this should also get rid of the potential race conditions. - I'd say TxMempool::check is not called enough to warrant using a special fast random context, this is switched to GetRand() (open for discussion...) - The use of `insecure_rand` in ConnectThroughProxy has been replaced by an atomic integer counter. The only goal here is to have a different credentials pair for each connection to go on a different Tor circuit, it does not need to be random nor unpredictable. - To avoid having a FastRandomContext on every CNode, the context is passed into PushAddress as appropriate. There remains an insecure_random for test usage in `test_random.h`.
* Don't use assert for catching randomness failuresPieter Wuille2016-05-291-6/+20
|
* Always require OS randomness when generating secret keysPieter Wuille2016-05-291-1/+47
|
* Bump copyright headers to 2015MarcoFalke2015-12-131-1/+1
|
* WIN32 Seed Cleanup: Move nLastPerfmon behind win32 ifdef.21E142015-02-251-3/+4
| | | | | Code to avoid calling Perfmon too often is only needed when perfmon is actually going to get called. This is not intended to make any functional difference in the addition of entropy to the random pool.
* openssl: abstract out OPENSSL_cleanseCory Fields2015-02-151-3/+3
| | | | | | This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit.
* Added "Core" to copyright headerssandakersmann2014-12-191-1/+1
| | | | | Github-Pull: #5494 Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60
* Remove references to X11 licenceMichael Ford2014-12-161-1/+1
|
* Make sure that GetRandomBytes never failsWladimir J. van der Laan2014-11-071-3/+2
| | | | | | | | | We're using GetRandomBytes in several contexts where it's either unwieldy to return an error, or an error would mean a fatal exception anyhow. @gmaxwell checked OpenSSL a while ago and discovered that it never actually fails, but it can't hurt to be a bit paranoid here.
* Apply clang-format on some infrequently-updated filesPieter Wuille2014-09-191-16/+12
|
* header include cleanupPhilip Kaufmann2014-09-141-1/+3
| | | | - ensures alphabetical ordering for includes etc. in source file headers
* Split up util.cpp/hWladimir J. van der Laan2014-08-261-1/+3
| | | | | | | | | | | | | | | | Split up util.cpp/h into: - string utilities (hex, base32, base64): no internal dependencies, no dependency on boost (apart from foreach) - money utilities (parsesmoney, formatmoney) - time utilities (gettime*, sleep, format date): - and the rest (logging, argument parsing, config file parsing) The latter is basically the environment and OS handling, and is stripped of all utility functions, so we may want to rename it to something else than util.cpp/h for clarity (Matt suggested osinterface). Breaks dependency of sha256.cpp on all the things pulled in by util.
* make RandAddSeed() use OPENSSL_cleanse()Philip Kaufmann2014-07-091-2/+1
| | | | - removes the cstring include and is also used in RandAddSeedPerfmon()
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-11 21:25:57 +0000