Merge bitcoin/bitcoin#24213: refactor: use Span in random.*

3ae7791bca refactor: use Span in random.* (pasta)

Pull request description:

  ~This PR does two things~
  1. use a Span<unsigned char> for GetRandBytes and GetStrongRandBytes

  ~2. make GetRand a template for which any integral type can be used, where the default behavior is to return a random integral up to the max of the integral unless a max is provided.
  This simplifies a lot of code from `GetRand(std::numeric_limits<uint64_t>::max()` -> `GetRand<uint64_t>()`~

  MarcoFalke this was inspired by your comment here: https://github.com/bitcoin/bitcoin/pull/24185#issuecomment-1025514263 about using Span, so hopefully I'll be able to get this PR done and merged 😂

  ~Also, if requested I could revert the `GetRand(std::numeric_limits<uint64_t>::max()` -> `GetRand<uint64_t>()` related changes if it ends up causing too many conflicts~

ACKs for top commit:
  laanwj:
    Thank you! Code review re-ACK 3ae7791bca

Tree-SHA512: 12375a83b68b288916ba0de81cfcab4aac14389a66a36811ae850427435eb67dd55e47df9ac3ec47db4e214f4330139e548bec815fff8a3f571484ea558dca79
This commit is contained in:
laanwj 2022-04-21 15:42:41 +02:00
commit 43bb106613
No known key found for this signature in database
GPG key ID: 1E4AED62986CD25D
12 changed files with 21 additions and 19 deletions

View file

@ -49,7 +49,7 @@ bool SerializeFileDB(const std::string& prefix, const fs::path& path, const Data
{ {
// Generate random temporary filename // Generate random temporary filename
uint16_t randv = 0; uint16_t randv = 0;
GetRandBytes((unsigned char*)&randv, sizeof(randv)); GetRandBytes({(unsigned char*)&randv, sizeof(randv)});
std::string tmpfn = strprintf("%s.%04x", prefix, randv); std::string tmpfn = strprintf("%s.%04x", prefix, randv);
// open temp output file, and associate with CAutoFile // open temp output file, and associate with CAutoFile

View file

@ -227,7 +227,7 @@ const unsigned int CDBWrapper::OBFUSCATE_KEY_NUM_BYTES = 8;
std::vector<unsigned char> CDBWrapper::CreateObfuscateKey() const std::vector<unsigned char> CDBWrapper::CreateObfuscateKey() const
{ {
std::vector<uint8_t> ret(OBFUSCATE_KEY_NUM_BYTES); std::vector<uint8_t> ret(OBFUSCATE_KEY_NUM_BYTES);
GetRandBytes(ret.data(), OBFUSCATE_KEY_NUM_BYTES); GetRandBytes(ret);
return ret; return ret;
} }

View file

@ -159,7 +159,7 @@ bool CKey::Check(const unsigned char *vch) {
void CKey::MakeNewKey(bool fCompressedIn) { void CKey::MakeNewKey(bool fCompressedIn) {
do { do {
GetStrongRandBytes(keydata.data(), keydata.size()); GetStrongRandBytes(keydata);
} while (!Check(keydata.data())); } while (!Check(keydata.data()));
fValid = true; fValid = true;
fCompressed = fCompressedIn; fCompressed = fCompressedIn;
@ -244,7 +244,7 @@ bool CKey::VerifyPubKey(const CPubKey& pubkey) const {
} }
unsigned char rnd[8]; unsigned char rnd[8];
std::string str = "Bitcoin key verification\n"; std::string str = "Bitcoin key verification\n";
GetRandBytes(rnd, sizeof(rnd)); GetRandBytes(rnd);
uint256 hash; uint256 hash;
CHash256().Write(MakeUCharSpan(str)).Write(rnd).Finalize(hash); CHash256().Write(MakeUCharSpan(str)).Write(rnd).Finalize(hash);
std::vector<unsigned char> vchSig; std::vector<unsigned char> vchSig;
@ -397,7 +397,7 @@ void ECC_Start() {
{ {
// Pass in a random blinding seed to the secp256k1 context. // Pass in a random blinding seed to the secp256k1 context.
std::vector<unsigned char, secure_allocator<unsigned char>> vseed(32); std::vector<unsigned char, secure_allocator<unsigned char>> vseed(32);
GetRandBytes(vseed.data(), 32); GetRandBytes(vseed);
bool ret = secp256k1_context_randomize(ctx, vseed.data()); bool ret = secp256k1_context_randomize(ctx, vseed.data());
assert(ret); assert(ret);
} }

View file

@ -4472,7 +4472,7 @@ void PeerManagerImpl::MaybeSendPing(CNode& node_to, Peer& peer, std::chrono::mic
if (pingSend) { if (pingSend) {
uint64_t nonce = 0; uint64_t nonce = 0;
while (nonce == 0) { while (nonce == 0) {
GetRandBytes((unsigned char*)&nonce, sizeof(nonce)); GetRandBytes({(unsigned char*)&nonce, sizeof(nonce)});
} }
peer.m_ping_queued = false; peer.m_ping_queued = false;
peer.m_ping_start = now; peer.m_ping_start = now;

View file

@ -16,6 +16,7 @@
#include <logging.h> #include <logging.h>
#include <randomenv.h> #include <randomenv.h>
#include <support/allocators/secure.h> #include <support/allocators/secure.h>
#include <span.h>
#include <sync.h> // for Mutex #include <sync.h> // for Mutex
#include <util/time.h> // for GetTimeMicros() #include <util/time.h> // for GetTimeMicros()
@ -578,8 +579,8 @@ static void ProcRand(unsigned char* out, int num, RNGLevel level) noexcept
} }
} }
void GetRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::FAST); } void GetRandBytes(Span<unsigned char> bytes) noexcept { ProcRand(bytes.data(), bytes.size(), RNGLevel::FAST); }
void GetStrongRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::SLOW); } void GetStrongRandBytes(Span<unsigned char> bytes) noexcept { ProcRand(bytes.data(), bytes.size(), RNGLevel::SLOW); }
void RandAddPeriodic() noexcept { ProcRand(nullptr, 0, RNGLevel::PERIODIC); } void RandAddPeriodic() noexcept { ProcRand(nullptr, 0, RNGLevel::PERIODIC); }
void RandAddEvent(const uint32_t event_info) noexcept { GetRNGState().AddEvent(event_info); } void RandAddEvent(const uint32_t event_info) noexcept { GetRNGState().AddEvent(event_info); }
@ -598,7 +599,7 @@ int GetRandInt(int nMax) noexcept
uint256 GetRandHash() noexcept uint256 GetRandHash() noexcept
{ {
uint256 hash; uint256 hash;
GetRandBytes((unsigned char*)&hash, sizeof(hash)); GetRandBytes(hash);
return hash; return hash;
} }

View file

@ -8,6 +8,7 @@
#include <crypto/chacha20.h> #include <crypto/chacha20.h>
#include <crypto/common.h> #include <crypto/common.h>
#include <span.h>
#include <uint256.h> #include <uint256.h>
#include <chrono> #include <chrono>
@ -66,7 +67,7 @@
* *
* Thread-safe. * Thread-safe.
*/ */
void GetRandBytes(unsigned char* buf, int num) noexcept; void GetRandBytes(Span<unsigned char> bytes) noexcept;
/** Generate a uniform random integer in the range [0..range). Precondition: range > 0 */ /** Generate a uniform random integer in the range [0..range). Precondition: range > 0 */
uint64_t GetRand(uint64_t nMax) noexcept; uint64_t GetRand(uint64_t nMax) noexcept;
/** Generate a uniform random duration in the range [0..max). Precondition: max.count() > 0 */ /** Generate a uniform random duration in the range [0..max). Precondition: max.count() > 0 */
@ -105,7 +106,7 @@ uint256 GetRandHash() noexcept;
* *
* Thread-safe. * Thread-safe.
*/ */
void GetStrongRandBytes(unsigned char* buf, int num) noexcept; void GetStrongRandBytes(Span<unsigned char> bytes) noexcept;
/** /**
* Gather entropy from various expensive sources, and feed them to the PRNG state. * Gather entropy from various expensive sources, and feed them to the PRNG state.

View file

@ -82,7 +82,7 @@ bool GenerateAuthCookie(std::string *cookie_out)
{ {
const size_t COOKIE_SIZE = 32; const size_t COOKIE_SIZE = 32;
unsigned char rand_pwd[COOKIE_SIZE]; unsigned char rand_pwd[COOKIE_SIZE];
GetRandBytes(rand_pwd, COOKIE_SIZE); GetRandBytes(rand_pwd);
std::string cookie = COOKIEAUTH_USER + ":" + HexStr(rand_pwd); std::string cookie = COOKIEAUTH_USER + ":" + HexStr(rand_pwd);
/** the umask determines what permissions are used to create this file - /** the umask determines what permissions are used to create this file -

View file

@ -204,7 +204,7 @@ BOOST_AUTO_TEST_CASE(key_key_negation)
// create a dummy hash for signature comparison // create a dummy hash for signature comparison
unsigned char rnd[8]; unsigned char rnd[8];
std::string str = "Bitcoin key verification\n"; std::string str = "Bitcoin key verification\n";
GetRandBytes(rnd, sizeof(rnd)); GetRandBytes(rnd);
uint256 hash; uint256 hash;
CHash256().Write(MakeUCharSpan(str)).Write(rnd).Finalize(hash); CHash256().Write(MakeUCharSpan(str)).Write(rnd).Finalize(hash);

View file

@ -582,7 +582,7 @@ void TorController::protocolinfo_cb(TorControlConnection& _conn, const TorContro
// _conn.Command("AUTHENTICATE " + HexStr(status_cookie.second), std::bind(&TorController::auth_cb, this, std::placeholders::_1, std::placeholders::_2)); // _conn.Command("AUTHENTICATE " + HexStr(status_cookie.second), std::bind(&TorController::auth_cb, this, std::placeholders::_1, std::placeholders::_2));
cookie = std::vector<uint8_t>(status_cookie.second.begin(), status_cookie.second.end()); cookie = std::vector<uint8_t>(status_cookie.second.begin(), status_cookie.second.end());
clientNonce = std::vector<uint8_t>(TOR_NONCE_SIZE, 0); clientNonce = std::vector<uint8_t>(TOR_NONCE_SIZE, 0);
GetRandBytes(clientNonce.data(), TOR_NONCE_SIZE); GetRandBytes(clientNonce);
_conn.Command("AUTHCHALLENGE SAFECOOKIE " + HexStr(clientNonce), std::bind(&TorController::authchallenge_cb, this, std::placeholders::_1, std::placeholders::_2)); _conn.Command("AUTHCHALLENGE SAFECOOKIE " + HexStr(clientNonce), std::bind(&TorController::authchallenge_cb, this, std::placeholders::_1, std::placeholders::_2));
} else { } else {
if (status_cookie.first) { if (status_cookie.first) {

View file

@ -8,8 +8,8 @@
ByteVectorHash::ByteVectorHash() ByteVectorHash::ByteVectorHash()
{ {
GetRandBytes(reinterpret_cast<unsigned char*>(&m_k0), sizeof(m_k0)); GetRandBytes({reinterpret_cast<unsigned char*>(&m_k0), sizeof(m_k0)});
GetRandBytes(reinterpret_cast<unsigned char*>(&m_k1), sizeof(m_k1)); GetRandBytes({reinterpret_cast<unsigned char*>(&m_k1), sizeof(m_k1)});
} }
size_t ByteVectorHash::operator()(const std::vector<unsigned char>& input) const size_t ByteVectorHash::operator()(const std::vector<unsigned char>& input) const

View file

@ -81,7 +81,7 @@ BOOST_AUTO_TEST_CASE(passphrase) {
std::string hash(GetRandHash().ToString()); std::string hash(GetRandHash().ToString());
std::vector<unsigned char> vchSalt(8); std::vector<unsigned char> vchSalt(8);
GetRandBytes(vchSalt.data(), vchSalt.size()); GetRandBytes(vchSalt);
uint32_t rounds = InsecureRand32(); uint32_t rounds = InsecureRand32();
if (rounds > 30000) if (rounds > 30000)
rounds = 30000; rounds = 30000;

View file

@ -682,12 +682,12 @@ bool CWallet::EncryptWallet(const SecureString& strWalletPassphrase)
CKeyingMaterial _vMasterKey; CKeyingMaterial _vMasterKey;
_vMasterKey.resize(WALLET_CRYPTO_KEY_SIZE); _vMasterKey.resize(WALLET_CRYPTO_KEY_SIZE);
GetStrongRandBytes(_vMasterKey.data(), WALLET_CRYPTO_KEY_SIZE); GetStrongRandBytes(_vMasterKey);
CMasterKey kMasterKey; CMasterKey kMasterKey;
kMasterKey.vchSalt.resize(WALLET_CRYPTO_SALT_SIZE); kMasterKey.vchSalt.resize(WALLET_CRYPTO_SALT_SIZE);
GetStrongRandBytes(kMasterKey.vchSalt.data(), WALLET_CRYPTO_SALT_SIZE); GetStrongRandBytes(kMasterKey.vchSalt);
CCrypter crypter; CCrypter crypter;
int64_t nStartTime = GetTimeMillis(); int64_t nStartTime = GetTimeMillis();