 |
Bitcoin Core
26.99.0
P2P Digital Currency
|
|
Bitcoin Core
26.99.0
P2P Digital Currency
|
#include <random.h>#include <compat/compat.h>#include <compat/cpuid.h>#include <crypto/chacha20.h>#include <crypto/sha256.h>#include <crypto/sha512.h>#include <logging.h>#include <randomenv.h>#include <span.h>#include <support/allocators/secure.h>#include <support/cleanse.h>#include <sync.h>#include <util/time.h>#include <array>#include <cmath>#include <cstdlib>#include <thread>#include <fcntl.h>#include <sys/time.h>Go to the source code of this file.
Enumerations | |
| enum class | RNGLevel { FAST , SLOW , PERIODIC } |
Functions | |
| static void | RandFailure () |
| static int64_t | GetPerformanceCounter () noexcept |
| static void | InitHardwareRand () |
| static void | ReportHardwareRand () |
| static void | SeedHardwareFast (CSHA512 &hasher) noexcept |
| Add 64 bits of entropy gathered from hardware to hasher. More... | |
| static void | SeedHardwareSlow (CSHA512 &hasher) noexcept |
| Add 256 bits of entropy gathered from hardware to hasher. More... | |
| static void | Strengthen (const unsigned char(&seed)[32], SteadyClock::duration dur, CSHA512 &hasher) noexcept |
| Use repeated SHA512 to strengthen the randomness in seed32, and feed into hasher. More... | |
| static void | GetDevURandom (unsigned char *ent32) |
| Fallback: get 32 bytes of system entropy from /dev/urandom. More... | |
| void | GetOSRand (unsigned char *ent32) |
| Get 32 bytes of system entropy. More... | |
| static void | SeedTimestamp (CSHA512 &hasher) noexcept |
| static void | SeedFast (CSHA512 &hasher) noexcept |
| static void | SeedSlow (CSHA512 &hasher, RNGState &rng) noexcept |
| static void | SeedStrengthen (CSHA512 &hasher, RNGState &rng, SteadyClock::duration dur) noexcept |
| Extract entropy from rng, strengthen it, and feed it into hasher. More... | |
| static void | SeedPeriodic (CSHA512 &hasher, RNGState &rng) noexcept |
| static void | SeedStartup (CSHA512 &hasher, RNGState &rng) noexcept |
| static void | ProcRand (unsigned char *out, int num, RNGLevel level) noexcept |
| void | GetRandBytes (Span< unsigned char > bytes) noexcept |
| Overall design of the RNG and entropy sources. More... | |
| void | GetStrongRandBytes (Span< unsigned char > bytes) noexcept |
| Gather entropy from various sources, feed it into the internal PRNG, and generate random data using it. More... | |
| void | RandAddPeriodic () noexcept |
| Gather entropy from various expensive sources, and feed them to the PRNG state. More... | |
| void | RandAddEvent (const uint32_t event_info) noexcept |
| Gathers entropy from the low bits of the time at which events occur. More... | |
| uint64_t | GetRandInternal (uint64_t nMax) noexcept |
| Generate a uniform random integer in the range [0..range). More... | |
| uint256 | GetRandHash () noexcept |
| bool | Random_SanityCheck () |
| Check that OS randomness is available and returning the requested number of bytes. More... | |
| void | RandomInit () |
| Initialize global RNG state and log any CPU features that are used. More... | |
| std::chrono::microseconds | GetExponentialRand (std::chrono::microseconds now, std::chrono::seconds average_interval) |
| Return a timestamp in the future sampled from an exponential distribution (https://en.wikipedia.org/wiki/Exponential_distribution). More... | |
Variables | |
| bool | g_mock_deterministic_tests {false} |
| Flag to make GetRand in random.h return the same number. More... | |
| static constexpr std::array< std::byte, ChaCha20::KEYLEN > | ZERO_KEY {} |
|
strong |
| Enumerator | |
|---|---|
| FAST | Automatically called by GetRandBytes. |
| SLOW | Automatically called by GetStrongRandBytes. |
| PERIODIC | Called by RandAddPeriodic() |
Definition at line 599 of file random.cpp.
|
static |
Fallback: get 32 bytes of system entropy from /dev/urandom.
The most compatible way to get cryptographic randomness on UNIX-ish platforms.
Definition at line 327 of file random.cpp.
| std::chrono::microseconds GetExponentialRand | ( | std::chrono::microseconds | now, |
| std::chrono::seconds | average_interval | ||
| ) |
Return a timestamp in the future sampled from an exponential distribution (https://en.wikipedia.org/wiki/Exponential_distribution).
This distribution is memoryless and should be used for repeated network events (e.g. sending a certain type of message) to minimize leaking information to observers.
The probability of an event occurring before time x is 1 - e^-(x/a) where a is the average interval between events.
Definition at line 760 of file random.cpp.
| void GetOSRand | ( | unsigned char * | ent32 | ) |
Get 32 bytes of system entropy.
Do not use this in application code: use GetStrongRandBytes instead.
Definition at line 347 of file random.cpp.
|
inlinestaticnoexcept |
|
noexcept |
Overall design of the RNG and entropy sources.
We maintain a single global 256-bit RNG state for all high-quality randomness. The following (classes of) functions interact with that state by mixing in new entropy, and optionally extracting random output from it:
On first use of the RNG (regardless of what function is called first), all entropy sources used in the 'slow' seeder are included, but also:
When mixing in new entropy, H = SHA512(entropy || old_rng_state) is computed, and (up to) the first 32 bytes of H are produced as output, while the last 32 bytes become the new RNG state. Generate random data via the internal PRNG.
These functions are designed to be fast (sub microsecond), but do not necessarily meaningfully add entropy to the PRNG state.
Thread-safe.
Definition at line 634 of file random.cpp.
|
noexcept |
Definition at line 646 of file random.cpp.
|
noexcept |
Generate a uniform random integer in the range [0..range).
Precondition: range > 0
Definition at line 641 of file random.cpp.
|
noexcept |
Gather entropy from various sources, feed it into the internal PRNG, and generate random data using it.
This function will cause failure whenever the OS RNG fails.
Thread-safe.
Definition at line 635 of file random.cpp.
|
static |
Definition at line 241 of file random.cpp.
|
staticnoexcept |
Definition at line 605 of file random.cpp.
|
noexcept |
Gathers entropy from the low bits of the time at which events occur.
Should be called with a uint32_t describing the event at the time an event occurs.
Thread-safe.
Definition at line 637 of file random.cpp.
|
noexcept |
Gather entropy from various expensive sources, and feed them to the PRNG state.
Thread-safe.
Definition at line 636 of file random.cpp.
|
static |
| bool Random_SanityCheck | ( | ) |
Check that OS randomness is available and returning the requested number of bytes.
Definition at line 686 of file random.cpp.
| void RandomInit | ( | ) |
Initialize global RNG state and log any CPU features that are used.
Calling this function is optional. RNG state will be initialized when first needed if it is not called.
Definition at line 752 of file random.cpp.
|
static |
|
staticnoexcept |
Definition at line 513 of file random.cpp.
|
staticnoexcept |
Add 64 bits of entropy gathered from hardware to hasher.
Do nothing if not supported.
Definition at line 246 of file random.cpp.
|
staticnoexcept |
Add 256 bits of entropy gathered from hardware to hasher.
Do nothing if not supported.
Definition at line 263 of file random.cpp.
|
staticnoexcept |
Definition at line 559 of file random.cpp.
|
staticnoexcept |
Definition at line 528 of file random.cpp.
|
staticnoexcept |
Definition at line 579 of file random.cpp.
|
staticnoexcept |
Extract entropy from rng, strengthen it, and feed it into hasher.
Definition at line 550 of file random.cpp.
|
staticnoexcept |
Definition at line 507 of file random.cpp.
|
staticnoexcept |
Use repeated SHA512 to strengthen the randomness in seed32, and feed into hasher.
Definition at line 296 of file random.cpp.
| bool g_mock_deterministic_tests {false} |
Flag to make GetRand in random.h return the same number.
Definition at line 639 of file random.cpp.
|
staticconstexpr |
Definition at line 732 of file random.cpp.
1.9.1