aboutsummaryrefslogtreecommitdiff
path: root/src/random.cpp
Commit message (Collapse)AuthorAgeFilesLines
* scripted-diff: Bump copyright headersMarcoFalke2020-04-161-1/+1
| | | | | | -BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
* build: fix sysctl() detection on macOSfanquake2020-03-191-2/+2
| | | | | | | | | | | | | | | | | | sysctl() on *BSD takes a "const int *name", whereas sysctl() on macOS it takes an "int *name". So our configure check and sysctl() detection on macOS currently fails: ```bash /usr/include/sys/sysctl.h:759:9: note: candidate function not viable: no known conversion from 'const int [2]' to 'int *' for 1st argument int sysctl(int *, u_int, void *, size_t *, void *, size_t); ``` This change removes the name argument from the sysctl() detection check, meaning we will detect correctly on macOS and *BSD. For consistency we also switch to using the more generic, non-const version of the name parameter in the rest of our usage.
* doc: fix GetTimeMicros() comment in random.cppfanquake2020-03-171-1/+1
|
* rand: remove getentropy() fallback for macOS < 10.12fanquake2020-03-171-7/+4
|
* scripted-diff: Bump copyright of files changed in 2019MarcoFalke2019-12-301-1/+1
| | | | | | -BEGIN VERIFY SCRIPT- ./contrib/devtools/copyright_header.py update ./ -END VERIFY SCRIPT-
* Make env data logging optionalPieter Wuille2019-12-081-2/+2
|
* Move events_hasher into RNGState()Pieter Wuille2019-12-051-32/+39
|
* Merge #17507: random: mark RandAddPeriodic and SeedPeriodic as noexceptWladimir J. van der Laan2019-12-051-14/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 55b2cb199c276781b6daa5438af2da57dea3ac52 random: mark RandAddPeriodic and SeedPeriodic as noexcept (fanquake) 461e547877da0c04db69e067c923cc4540aab03a doc: correct random.h docs after #17270 (fanquake) Pull request description: The usage of `MilliSleep()` in SeedPeriodic (previously SeedSleep) was [removed](https://github.com/bitcoin/bitcoin/pull/17270/commits/d61f2bb076d8f17840a8e79f1583d7f6e3e6d09a) in #17270, meaning it, and its users can now be marked `noexcept`. This also corrects the docs in random.h for some of the changes in #17270. ACKs for top commit: practicalswift: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 laanwj: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 sipa: ACK 55b2cb199c276781b6daa5438af2da57dea3ac52 Tree-SHA512: 672d369796e7c4f9b4d98dc545e5454999fa1bef373871994a26041d6163c58909e2255e4f820d3ef011679aa3392754eb57477306a89f5fd3d57e2bd7f0811a
| * random: mark RandAddPeriodic and SeedPeriodic as noexceptfanquake2019-11-181-13/+3
| | | | | | | | | | The usage of MilliSleep() in SeedPeriodic (previously SeedSleep) was removed in #17270, meaning it, and its users can now be marked noexcept.
| * doc: correct random.h docs after #17270fanquake2019-11-181-1/+1
| |
* | Seed RNG with precision timestamps on receipt of net messages.Matt Corallo2019-11-231-0/+33
| |
* | random: Remove remaining OpenSSL calls and locking infrastructurefanquake2019-11-181-35/+0
| |
* | random: stop retrieving random bytes from OpenSSLfanquake2019-11-181-4/+0
| | | | | | | | | | | | | | | | | | | | | | On the ::SLOW path we would use OpenSSL as an additional source of random bytes. This commit removes that functionality. Note that this was always only an additional source, and that we never checked the return value RAND_bytes(): https://www.openssl.org/docs/manmaster/man3/RAND_bytes.html RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
* | random: stop feeding RNG output back into OpenSSLfanquake2019-11-181-8/+0
|/ | | | | | | | | | | | | On the ::SLOW or ::SLEEP paths, we would feed our RNG output back into OpenSSL using RAND_add. This commit removes that functionality. RAND_add(): https://www.openssl.org/docs/manmaster/man3/RAND_add.html RAND_add() mixes the num bytes at buf into the internal state of the random generator. This function will not normally be needed, as mentioned above. The randomness argument is an estimate of how much randomness is contained in buf, in bytes, and should be a number between zero and num.
* Report amount of data gathered from environmentPieter Wuille2019-11-121-0/+4
|
* Run background seeding periodically instead of unpredictablyPieter Wuille2019-11-121-29/+17
| | | | | | | | | | | | * Instead of calling RandAddSeedSleep anytime the scheduler goes idle, call its replacement (RandAddSeedPeriodic) just once per minute. This has better guarantees of actually being run, and helps limit how frequently the dynamic env data is gathered. * Since this code runs once per minute regardless now, we no longer need to keep track of the last time strengthening was run; just do it always. * Make strengthening time context dependent (100 ms at startup, 10 ms once per minute afterwards).
* [MOVEONLY] Move cpuid code from random & sha256 to compat/cpuidPieter Wuille2019-11-121-15/+2
|
* [MOVEONLY] Move perfmon data gathering to new randomenv modulePieter Wuille2019-11-121-42/+9
|
* doc: minor corrections in random.cppfanquake2019-11-121-3/+3
| | | | This should have been part of #17151.
* random: remove call to RAND_screen() (Windows only)fanquake2019-10-181-4/+0
| | | | | Follow up to https://github.com/bitcoin/bitcoin/pull/17151 where there were multiple calls to also remove our call to RAND_screen().
* doc: correct function name in ReportHardwareRand()fanquake2019-10-161-1/+1
|
* Remove unused includespracticalswift2019-10-151-2/+0
|
* net: Use mockable time for tx downloadMarcoFalke2019-06-171-0/+5
|
* Merge #15224: Add RNG strengthening (10ms once every minute)Wladimir J. van der Laan2019-05-181-4/+54
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3cb9ce85d0c6d01217babf0df7efc2eabde1b12f Document strenghtening (Pieter Wuille) 1d207bc46f995ad3b5ae89bb504affaca09d10b1 Add hash strengthening to the RNG (Pieter Wuille) Pull request description: This patch improves the built-in RNG using hash strengthening. At startup, and once every minute, 32 bytes of entropy are produced from the RNG, repeatedly hashed using SHA512 for 10ms, and then fed back into the RNG, together with high-precision timestamps obtained every 1000 iterations. ACKs for commit 3cb9ce: pstratem: utACK 3cb9ce85d0c6d01217babf0df7efc2eabde1b12f Tree-SHA512: 4fb6f61639b392697beb81c5f0903f79f10dd1087bed7f34de2abb5c22704a671e37b2d828ed141492491863efb1e7d1fa04408a1d32c9de2f2cc8ac406bbe57
| * Add hash strengthening to the RNGPieter Wuille2019-05-061-4/+54
| | | | | | | | | | | | Once every minute, this will feed the RNG state through repeated SHA512 for 10ms. The timings of that operation are used as entropy source as well.
* | Add ChaCha20 encryption option (XOR)Jonas Schnelli2019-05-031-1/+1
| |
* | Merge #15250: Use RdSeed when available, and reduce RdRand loadWladimir J. van der Laan2019-02-181-38/+134
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1435fabc19d2143187efb493cbe23225eaf851ae Use RdSeed when available, and reduce RdRand load (Pieter Wuille) Pull request description: This introduces support for autodetecting and using the RdSeed instruction on x86/x86_64 systems. In addition: * In SeedFast, only 64 bits of entropy are generated through RdRand (256 was relatively slow). * In SeedStartup, 256 bits of entropy are generated, using RdSeed (preferably) or RdRand (otherwise). Tree-SHA512: fb7d3e22e93e14592f4b07282aa79d7c3cc4e9debdd9978580b8d2562bbad345e289bf3f80de2c50c9b50b8bac2aa9b838f9f272f7f8d43f1efc0913aa8acce3
| * | Use RdSeed when available, and reduce RdRand loadPieter Wuille2019-02-031-38/+134
| |/ | | | | | | | | | | | | | | This introduces support for autodetecting and using the RdSeed instruction. In addition: * In SeedFast, only 64 bits of entropy are generated through RdRand (256 was relatively slow). * In SeedStartup, 256 bits of entropy are generated, using RdSeed (preferably) or RdRand (otherwise).
* / test: Make bloom tests deterministicMarcoFalke2019-02-021-1/+3
|/
* Document RNG design in random.hPieter Wuille2019-01-161-0/+8
|
* Use secure allocator for RNG statePieter Wuille2019-01-161-2/+4
|
* Encapsulate RNGState betterPieter Wuille2019-01-161-3/+6
|
* DRY: Implement GetRand using FastRandomContext::randrangePieter Wuille2019-01-161-11/+1
|
* Sprinkle some sweet noexcepts over the RNG codePieter Wuille2019-01-161-17/+32
|
* Remove hwrand_initialized.Pieter Wuille2019-01-161-4/+0
| | | | All access to hwrand is now gated by GetRNGState, which initializes the hwrand code.
* Switch all RNG code to the built-in PRNG.Pieter Wuille2019-01-161-67/+118
| | | | | | | | | | | | | | | | | | | | | | | It includes the following policy changes: * All GetRand* functions seed the stack pointer and rdrand result (in addition to the performance counter) * The periodic entropy added by the idle scheduler now seeds stack pointer, rdrand and perfmon data (once every 10 minutes) in addition to just a sleep timing. * The entropy added when calling GetStrongRandBytes no longer includes the once-per-10-minutes perfmon data on windows (it is moved to the idle scheduler instead, where latency matters less). Other changes: * OpenSSL is no longer seeded directly anywhere. Instead, any generated randomness through our own RNG is fed back to OpenSSL (after an additional hashing step to prevent leaking our RNG state). * Seeding that was previously done directly in RandAddSeedSleep is now moved to SeedSleep(), which is indirectly invoked through ProcRand from RandAddSeedSleep. * Seeding that was previously done directly in GetStrongRandBytes() is now moved to SeedSlow(), which is indirectly invoked through ProcRand from GetStrongRandBytes().
* Integrate util/system's CInit into RNGStatePieter Wuille2019-01-161-0/+43
| | | | | | | | | This guarantees that OpenSSL is initialized properly whenever randomness is used, even when that randomness is invoked from global constructors. Note that this patch uses Mutex directly, rather than CCriticalSection. This is because the lock-detection code is not necessarily initialized during global constructors.
* Abstract out seeding/extracting entropy into RNGState::MixExtractPieter Wuille2019-01-161-24/+36
|
* Add thread safety annotations to RNG statePieter Wuille2019-01-161-3/+4
|
* Rename some hardware RNG related functionsPieter Wuille2019-01-161-8/+13
|
* Automatically initialize RNG on first use.Pieter Wuille2019-01-161-18/+50
|
* Don't log RandAddSeedPerfmon detailsPieter Wuille2019-01-161-6/+6
| | | | | These are hard to deal with, as in a follow-up this function can get called before the logging infrastructure is initialized.
* Do not permit copying FastRandomContextsPieter Wuille2018-12-121-0/+14
|
* Bugfix: randbytes should seed when needed (non reachable issue)Pieter Wuille2018-12-121-0/+1
|
* scripted-diff: Move util files to separate directory.Jim Posen2018-11-041-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | -BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmemory.h src/util/memory.h git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i 's/<util\.h>/<util\/system\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmemory\.h>/<util\/memory\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilmoneystr\.h>/<util\/moneystr\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/<utiltime\.h>/<util\/time\.h>/g' $(git ls-files 'src/*.h' 'src/*.cpp') sed -i 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i 's/BITCOIN_UTILMEMORY_H/BITCOIN_UTIL_MEMORY_H/g' src/util/memory.h sed -i 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i 's/ util\.\(h\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i 's/utilmemory\.\(h\|cpp\)/util\/memory\.\1/g' src/Makefile.am sed -i 's/utilmoneystr\.\(h\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i 's/utilstrencodings\.\(h\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i 's/utiltime\.\(h\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i 's/-> util ->/-> util\/system ->/' test/lint/lint-circular-dependencies.sh sed -i 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-format-strings.py test/lint/lint-locale-dependence.sh sed -i 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i 's/src\/utilstrencodings\.\(h\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh sed -i 's/src\\utilstrencodings\.cpp/src\\util\\strencodings\.cpp/' build_msvc/libbitcoinconsensus/libbitcoinconsensus.vcxproj -END VERIFY SCRIPT-
* scripted-diff: Small locking renameRussell Yanofsky2018-08-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | Call sync.h primitives "locks" and "mutexes" instead of "blocks" and "waitable critical sections" to match current coding conventions and c++11 standard names. This PR does not rename the "CCriticalSection" class (though this could be done as a followup) because it is used everywhere and would swamp the other changes in this PR. Plain mutexes should mostly be preferred instead of recursive mutexes in new code anyway. -BEGIN VERIFY SCRIPT- set -x set -e ren() { git grep -l $1 | xargs sed -i s/$1/$2/; } ren CCriticalBlock UniqueLock ren CWaitableCriticalSection Mutex ren CConditionVariable std::condition_variable ren cs_GenesisWait g_genesis_wait_mutex ren condvar_GenesisWait g_genesis_wait_cv perl -0777 -pi -e 's/.*typedef.*condition_variable.*\n\n?//g' src/sync.h -END VERIFY SCRIPT-
* Merge #11640: Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSectionWladimir J. van der Laan2018-08-311-3/+4
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | 9c4dc597ddc66acfd58a945a5ab11f833731abba Use LOCK macros for non-recursive locks (Russell Yanofsky) 1382913e61f5db6ba849b1e261e8aefcd5a1ae68 Make LOCK, LOCK2, TRY_LOCK work with CWaitableCriticalSection (Russell Yanofsky) ba1f095aadf29bddb0bd8176d2e0b908f92a5623 MOVEONLY Move AnnotatedMixin declaration (Russell Yanofsky) 41b88e93375d57db12da923f45f87b9a2db8e730 Add unit test for DEBUG_LOCKORDER code (Russell Yanofsky) Pull request description: Make LOCK macros work with non-recursive mutexes, and use wherever possible for better deadlock detection. Also add unit test for DEBUG_LOCKORDER code. Tree-SHA512: 64ef209307f28ecd0813a283f15c6406138c6ffe7f6cbbd084161044db60e2c099a7d0d2edcd1c5e7770a115e9b931b486e86c9a777bdc96d2e8a9f4dc192942
| * Use LOCK macros for non-recursive locksRussell Yanofsky2018-08-031-3/+4
| | | | | | | | Instead of std::unique_lock.
* | Update copyright headers to 2018DrahtBot2018-07-271-1/+1
|/
* Fix FreeBSD build by including utilstrencodings.hWladimir J. van der Laan2018-05-241-0/+1
| | | | | | | `random.cpp` needs to explicitly include `utilstrencodings.h` to get `ARRAYLEN`. This fixes the FreeBSD build. This was broken in 84f41946b9026e8bf7bc44ed848dfb945394b693.
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-02 13:53:12 +0000