zcashd/src/random.cpp

// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2014 The Bitcoin Core developers
// Copyright (c) 2016-2023 The Zcash developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or https://www.opensource.org/licenses/mit-license.php .

#include "random.h"

#include "support/cleanse.h"
#ifdef WIN32
#include "compat.h" // for Windows API
#endif
#include "logging.h"  // for LogPrint()
#include "util/time.h" // for GetTime()

#include <limits>

#ifndef WIN32
#include <fcntl.h>
#include <sys/time.h>
#endif

#include <librustzcash.h>

static inline int64_t GetPerformanceCounter()
{
    int64_t nCounter = 0;
#ifdef WIN32
    QueryPerformanceCounter((LARGE_INTEGER*)&nCounter);
#else
    timeval t;
    gettimeofday(&t, NULL);
    nCounter = (int64_t)(t.tv_sec * 1000000 + t.tv_usec);
#endif
    return nCounter;
}

void GetRandBytes(unsigned char* buf, size_t num)
{
    librustzcash_getrandom(buf, num);
}

uint128_t GetRandUInt128(uint128_t nMax)
{
    return GetRandGeneric(nMax);
}

int128_t GetRandInt128(int128_t nMax)
{
    assert(nMax >= 0);
    return GetRandUInt128(nMax);
}

uint64_t GetRand(uint64_t nMax)
{
    return GetRandGeneric(nMax);
}

int64_t GetRandInt64(int64_t nMax)
{
    assert(nMax >= 0);
    return GetRand(nMax);
}

int GetRandInt(int nMax)
{
    assert(nMax >= 0);
    return GetRand(nMax);
}

uint256 GetRandHash()
{
    uint256 hash;
    GetRandBytes((unsigned char*)&hash, sizeof(hash));
    return hash;
}

void FastRandomContext::RandomSeed()
{
    uint256 seed = GetRandHash();
    rng.SetKey(seed.begin(), 32);
    requires_seed = false;
}

uint256 FastRandomContext::rand256()
{
    if (bytebuf_size < 32) {
        FillByteBuffer();
    }
    uint256 ret;
    memcpy(ret.begin(), bytebuf + 64 - bytebuf_size, 32);
    bytebuf_size -= 32;
    return ret;
}

std::vector<unsigned char> FastRandomContext::randbytes(size_t len)
{
    std::vector<unsigned char> ret(len);
    if (len > 0) {
        rng.Output(&ret[0], len);
    }
    return ret;
}

FastRandomContext::FastRandomContext(const uint256& seed) : requires_seed(false), bytebuf_size(0), bitbuf_size(0)
{
    rng.SetKey(seed.begin(), 32);
}

int GenIdentity(int n)
{
    return n-1;
}

FastRandomContext::FastRandomContext(bool fDeterministic) : requires_seed(!fDeterministic), bytebuf_size(0), bitbuf_size(0)
{
    if (!fDeterministic) {
        return;
    }
    uint256 seed;
    rng.SetKey(seed.begin(), 32);
}
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`// Copyright (c) 2009-2010 Satoshi Nakamoto`
Added "Core" to copyright headers Github-Pull: #5494 Rebased-From: 15de949bb9277e442302bdd8dee299a8d6deee60 2014-12-16 17:47:57 -08:00			`// Copyright (c) 2009-2014 The Bitcoin Core developers`
scripted-diff: Update Zcash copyrights to 2023 -BEGIN VERIFY SCRIPT- for party in "The Zcash developers" "The Bitcoin Core developers" "Bitcoin Developers"; do sed -i"" -e "s#Copyright (c) \([0-9]\{4\}\)\(-[0-9]\{4\}\)\? $party#Copyright (c) \1-2023 $party#" COPYING sed -i"" -e "s#\(.\)\([0-9]\{4\}\)\(-[0-9]\{4\}\)\, $party#\1\2-2023, $party#" contrib/debian/copyright done sed -i"" -e "s/define(_COPYRIGHT_YEAR, [0-9]\{4\})/define(_COPYRIGHT_YEAR, 2023)/" configure.ac sed -i"" -e "s/#define COPYRIGHT_YEAR [0-9]\{4\}/#define COPYRIGHT_YEAR 2023/" src/clientversion.h git grep "^// Copyright (c) . The Zcash developers" \ \| awk -F ':' '{print $1}' \ \| xargs -I {} sed -i"" -e "s#// Copyright (c) \([0-9]\{4\}\)\(-[0-9]\{4\}\)\? The Zcash developers#// Copyright (c) \1-2023 The Zcash developers#" {} -END VERIFY SCRIPT- 2023-01-23 10:31:54 -08:00			`// Copyright (c) 2016-2023 The Zcash developers`
Remove references to X11 licence 2014-12-12 20:09:33 -08:00			`// Distributed under the MIT software license, see the accompanying`
Replace http with https: in links to the MIT license. Also change MIT/X11 to just MIT, since no distinction was intended. Signed-off-by: Daira Hopwood <daira@jacaranda.org> 2019-07-18 07:16:09 -07:00			`// file COPYING or https://www.opensource.org/licenses/mit-license.php .`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00
			`#include "random.h"`

openssl: abstract out OPENSSL_cleanse This makes it easier for us to replace it if desired, since it's now only in one spot. Also, it avoids the openssl include from allocators.h, which essentially forced openssl to be included from every compilation unit. 2015-01-20 16:23:25 -08:00			`#include "support/cleanse.h"`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`#ifdef WIN32`
			`#include "compat.h" // for Windows API`
			`#endif`
break circular dependency: random/sync -> util -> random/sync (cherry picked from commit bitcoin/bitcoin@84f41946b9026e8bf7bc44ed848dfb945394b693) 2018-05-15 02:27:14 -07:00			`#include "logging.h" // for LogPrint()`
scripted-diff: Move util files to separate directory. -BEGIN VERIFY SCRIPT- mkdir -p src/util git mv src/util.h src/util/system.h git mv src/util.cpp src/util/system.cpp git mv src/utilmoneystr.h src/util/moneystr.h git mv src/utilmoneystr.cpp src/util/moneystr.cpp git mv src/utilstrencodings.h src/util/strencodings.h git mv src/utilstrencodings.cpp src/util/strencodings.cpp git mv src/utiltime.h src/util/time.h git mv src/utiltime.cpp src/util/time.cpp sed -i -e 's/"util\.h"/"util\/system\.h"/g' $(git ls-files 'src/.h' 'src/.cpp') git checkout HEAD -- src/secp256k1 # exclude secp256k1, which has its own "util.h" sed -i -e 's/"utilmoneystr\.h"/"util\/moneystr\.h"/g' $(git ls-files 'src/.h' 'src/.cpp') sed -i -e 's/"utilstrencodings\.h"/"util\/strencodings\.h"/g' $(git ls-files 'src/.h' 'src/.cpp') sed -i -e 's/<utilstrencodings\.h>/<util\/strencodings\.h>/g' $(git ls-files 'src/.h' 'src/.cpp') sed -i -e 's/"utiltime\.h"/"util\/time\.h"/g' $(git ls-files 'src/.h' 'src/.cpp') sed -i -e 's/BITCOIN_UTIL_H/BITCOIN_UTIL_SYSTEM_H/g' src/util/system.h sed -i -e 's/BITCOIN_UTILMONEYSTR_H/BITCOIN_UTIL_MONEYSTR_H/g' src/util/moneystr.h sed -i -e 's/BITCOIN_UTILSTRENCODINGS_H/BITCOIN_UTIL_STRENCODINGS_H/g' src/util/strencodings.h sed -i -e 's/BITCOIN_UTILTIME_H/BITCOIN_UTIL_TIME_H/g' src/util/time.h sed -i -e 's/ util\.\(h\\|cpp\)/ util\/system\.\1/g' src/Makefile.am sed -i -e 's/utilmoneystr\.\(h\\|cpp\)/util\/moneystr\.\1/g' src/Makefile.am sed -i -e 's/utilstrencodings\.\(h\\|cpp\)/util\/strencodings\.\1/g' src/Makefile.am sed -i -e 's/utiltime\.\(h\\|cpp\)/util\/time\.\1/g' src/Makefile.am sed -i -e 's/src\/util\.cpp/src\/util\/system\.cpp/g' test/lint/lint-locale-dependence.sh sed -i -e 's/src\/utilmoneystr\.cpp/src\/util\/moneystr\.cpp/g' test/lint/lint-locale-dependence.sh sed -i -e 's/src\/utilstrencodings\.\(h\\|cpp\)/src\/util\/strencodings\.\1/g' test/lint/lint-locale-dependence.sh -END VERIFY SCRIPT- 2018-10-22 15:51:11 -07:00			`#include "util/time.h" // for GetTime()`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00
header include cleanup - ensures alphabetical ordering for includes etc. in source file headers 2014-09-14 03:43:56 -07:00			`#include <limits>`

move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`#ifndef WIN32`
break circular dependency: random/sync -> util -> random/sync (cherry picked from commit bitcoin/bitcoin@84f41946b9026e8bf7bc44ed848dfb945394b693) 2018-05-15 02:27:14 -07:00			`#include <fcntl.h>`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`#include <sys/time.h>`
			`#endif`
header include cleanup - ensures alphabetical ordering for includes etc. in source file headers 2014-09-14 03:43:56 -07:00
Replace libsodium's randombytes_buf with rand_core::OsRng::fill_bytes 2020-07-13 22:34:03 -07:00			`#include <librustzcash.h>`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00
			`static inline int64_t GetPerformanceCounter()`
			`{`
			`int64_t nCounter = 0;`
			`#ifdef WIN32`
			`QueryPerformanceCounter((LARGE_INTEGER*)&nCounter);`
			`#else`
			`timeval t;`
			`gettimeofday(&t, NULL);`
			`nCounter = (int64_t)(t.tv_sec * 1000000 + t.tv_usec);`
			`#endif`
			`return nCounter;`
			`}`

Use libsodium's CSPRNG instead of OpenSSL's 2016-10-28 19:03:55 -07:00			`void GetRandBytes(unsigned char* buf, size_t num)`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`{`
Replace libsodium's randombytes_buf with rand_core::OsRng::fill_bytes 2020-07-13 22:34:03 -07:00			`librustzcash_getrandom(buf, num);`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`}`

ZIP 317 block construction algorithm. This breaks tests which are repaired in subsequent commits. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-14 18:08:04 -07:00			`uint128_t GetRandUInt128(uint128_t nMax)`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`{`
ZIP 317 block construction algorithm. This breaks tests which are repaired in subsequent commits. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-14 18:08:04 -07:00			`return GetRandGeneric(nMax);`
			`}`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00
ZIP 317 block construction algorithm. This breaks tests which are repaired in subsequent commits. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-14 18:08:04 -07:00			`int128_t GetRandInt128(int128_t nMax)`
			`{`
Add assertions that `GetRandInt*` functions are called with `nMax >= 0`. All existing uses have been checked to ensure they are consistent with this assertion. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-18 04:44:43 -07:00			`assert(nMax >= 0);`
ZIP 317 block construction algorithm. This breaks tests which are repaired in subsequent commits. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-14 18:08:04 -07:00			`return GetRandUInt128(nMax);`
			`}`

			`uint64_t GetRand(uint64_t nMax)`
			`{`
			`return GetRandGeneric(nMax);`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`}`

Refactoring to split the weighted tx tree out of mempool_limit.{cpp,h} and make it more reusable. Signed-off-by: Daira Hopwood <daira@jacaranda.org> 2023-02-03 02:38:25 -08:00			`int64_t GetRandInt64(int64_t nMax)`
			`{`
Add assertions that `GetRandInt*` functions are called with `nMax >= 0`. All existing uses have been checked to ensure they are consistent with this assertion. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-18 04:44:43 -07:00			`assert(nMax >= 0);`
Refactoring to split the weighted tx tree out of mempool_limit.{cpp,h} and make it more reusable. Signed-off-by: Daira Hopwood <daira@jacaranda.org> 2023-02-03 02:38:25 -08:00			`return GetRand(nMax);`
			`}`

move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`int GetRandInt(int nMax)`
			`{`
Add assertions that `GetRandInt*` functions are called with `nMax >= 0`. All existing uses have been checked to ensure they are consistent with this assertion. Signed-off-by: Daira Emma Hopwood <daira@jacaranda.org> 2023-04-18 04:44:43 -07:00			`assert(nMax >= 0);`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`return GetRand(nMax);`
			`}`

			`uint256 GetRandHash()`
			`{`
			`uint256 hash;`
			`GetRandBytes((unsigned char*)&hash, sizeof(hash));`
			`return hash;`
			`}`

Switch FastRandomContext to ChaCha20 (cherry picked from commit 16329224e70d0525208f6b0ba00c5e1531a4f5ea) 2017-02-15 17:45:22 -08:00			`void FastRandomContext::RandomSeed()`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`{`
Switch FastRandomContext to ChaCha20 (cherry picked from commit 16329224e70d0525208f6b0ba00c5e1531a4f5ea) 2017-02-15 17:45:22 -08:00			`uint256 seed = GetRandHash();`
			`rng.SetKey(seed.begin(), 32);`
			`requires_seed = false;`
			`}`

Add FastRandomContext::rand256() and ::randbytes() FastRandomContext now provides all functionality that the real Rand* functions provide. (cherry picked from commit bitcoin/bitcoin@37e864eb9fee4b592bd61c5ec3555b00a2de2cf7) 2017-05-02 11:04:31 -07:00			`uint256 FastRandomContext::rand256()`
			`{`
			`if (bytebuf_size < 32) {`
			`FillByteBuffer();`
			`}`
			`uint256 ret;`
			`memcpy(ret.begin(), bytebuf + 64 - bytebuf_size, 32);`
			`bytebuf_size -= 32;`
			`return ret;`
			`}`

			`std::vector<unsigned char> FastRandomContext::randbytes(size_t len)`
			`{`
			`std::vector<unsigned char> ret(len);`
			`if (len > 0) {`
			`rng.Output(&ret[0], len);`
			`}`
			`return ret;`
			`}`

Switch FastRandomContext to ChaCha20 (cherry picked from commit 16329224e70d0525208f6b0ba00c5e1531a4f5ea) 2017-02-15 17:45:22 -08:00			`FastRandomContext::FastRandomContext(const uint256& seed) : requires_seed(false), bytebuf_size(0), bitbuf_size(0)`
			`{`
			`rng.SetKey(seed.begin(), 32);`
move rand functions from util to new random.h/.cpp 2014-06-26 05:41:53 -07:00			`}`
Add GenIdentity, an identity function for MappedShuffle. We use this function in z_sendmany as part of the fix for #1779. 2016-11-05 14:12:41 -07:00
			`int GenIdentity(int n)`
			`{`
			`return n-1;`
			`}`
Switch FastRandomContext to ChaCha20 (cherry picked from commit 16329224e70d0525208f6b0ba00c5e1531a4f5ea) 2017-02-15 17:45:22 -08:00
			`FastRandomContext::FastRandomContext(bool fDeterministic) : requires_seed(!fDeterministic), bytebuf_size(0), bitbuf_size(0)`
			`{`
			`if (!fDeterministic) {`
			`return;`
			`}`
			`uint256 seed;`
			`rng.SetKey(seed.begin(), 32);`
			`}`