add GetRandBytes() as wrapper for RAND_bytes()

- add a small wrapper in util around RAND_bytes() and replace with
  GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
This commit is contained in:
Philip Kaufmann 2014-06-24 14:27:32 +02:00
parent 2ee918d121
commit 001a53d742
8 changed files with 31 additions and 30 deletions

View File

@ -16,8 +16,6 @@
#include <stdint.h> #include <stdint.h>
#include <vector> #include <vector>
#include <openssl/rand.h>
/** Extended statistics about a CAddress */ /** Extended statistics about a CAddress */
class CAddrInfo : public CAddress class CAddrInfo : public CAddress
{ {
@ -384,7 +382,7 @@ public:
CAddrMan() : vRandom(0), vvTried(ADDRMAN_TRIED_BUCKET_COUNT, std::vector<int>(0)), vvNew(ADDRMAN_NEW_BUCKET_COUNT, std::set<int>()) CAddrMan() : vRandom(0), vvTried(ADDRMAN_TRIED_BUCKET_COUNT, std::vector<int>(0)), vvNew(ADDRMAN_NEW_BUCKET_COUNT, std::set<int>())
{ {
nKey.resize(32); nKey.resize(32);
RAND_bytes(&nKey[0], 32); GetRandBytes(&nKey[0], 32);
nIdCount = 0; nIdCount = 0;
nTried = 0; nTried = 0;

View File

@ -1,11 +1,11 @@
// Copyright (c) 2009-2013 The Bitcoin developers // Copyright (c) 2009-2014 The Bitcoin developers
// Distributed under the MIT/X11 software license, see the accompanying // Distributed under the MIT/X11 software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php. // file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include "key.h" #include "key.h"
#include "crypto/sha2.h" #include "crypto/sha2.h"
#include <openssl/rand.h> #include "random.h"
#ifdef USE_SECP256K1 #ifdef USE_SECP256K1
#include <secp256k1.h> #include <secp256k1.h>
@ -412,7 +412,7 @@ bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) {
void CKey::MakeNewKey(bool fCompressedIn) { void CKey::MakeNewKey(bool fCompressedIn) {
do { do {
RAND_bytes(vch, sizeof(vch)); GetRandBytes(vch, sizeof(vch));
} while (!Check(vch)); } while (!Check(vch));
fValid = true; fValid = true;
fCompressed = fCompressedIn; fCompressed = fCompressedIn;
@ -745,5 +745,3 @@ bool ECC_InitSanityCheck() {
return true; return true;
#endif #endif
} }

View File

@ -4370,7 +4370,7 @@ bool SendMessages(CNode* pto, bool fSendTrickle)
if (pingSend) { if (pingSend) {
uint64_t nonce = 0; uint64_t nonce = 0;
while (nonce == 0) { while (nonce == 0) {
RAND_bytes((unsigned char*)&nonce, sizeof(nonce)); GetRandBytes((unsigned char*)&nonce, sizeof(nonce));
} }
pto->fPingQueued = false; pto->fPingQueued = false;
pto->nPingUsecStart = GetTimeMicros(); pto->nPingUsecStart = GetTimeMicros();

View File

@ -546,7 +546,7 @@ void CNode::PushVersion()
int64_t nTime = (fInbound ? GetAdjustedTime() : GetTime()); int64_t nTime = (fInbound ? GetAdjustedTime() : GetTime());
CAddress addrYou = (addr.IsRoutable() && !IsProxy(addr) ? addr : CAddress(CService("0.0.0.0",0))); CAddress addrYou = (addr.IsRoutable() && !IsProxy(addr) ? addr : CAddress(CService("0.0.0.0",0)));
CAddress addrMe = GetLocalAddress(&addr); CAddress addrMe = GetLocalAddress(&addr);
RAND_bytes((unsigned char*)&nLocalHostNonce, sizeof(nLocalHostNonce)); GetRandBytes((unsigned char*)&nLocalHostNonce, sizeof(nLocalHostNonce));
if (fLogIPs) if (fLogIPs)
LogPrint("net", "send version message: version %d, blocks=%d, us=%s, them=%s, peer=%d\n", PROTOCOL_VERSION, nBestHeight, addrMe.ToString(), addrYou.ToString(), id); LogPrint("net", "send version message: version %d, blocks=%d, us=%s, them=%s, peer=%d\n", PROTOCOL_VERSION, nBestHeight, addrMe.ToString(), addrYou.ToString(), id);
else else
@ -1931,7 +1931,7 @@ bool CAddrDB::Write(const CAddrMan& addr)
{ {
// Generate random temporary filename // Generate random temporary filename
unsigned short randv = 0; unsigned short randv = 0;
RAND_bytes((unsigned char *)&randv, sizeof(randv)); GetRandBytes((unsigned char*)&randv, sizeof(randv));
std::string tmpfn = strprintf("peers.dat.%04x", randv); std::string tmpfn = strprintf("peers.dat.%04x", randv);
// serialize addresses, checksum data up to that point, then append csum // serialize addresses, checksum data up to that point, then append csum

View File

@ -531,7 +531,7 @@ void StartRPCThreads()
(mapArgs["-rpcuser"] == mapArgs["-rpcpassword"])) && Params().RequireRPCPassword()) (mapArgs["-rpcuser"] == mapArgs["-rpcpassword"])) && Params().RequireRPCPassword())
{ {
unsigned char rand_pwd[32]; unsigned char rand_pwd[32];
RAND_bytes(rand_pwd, 32); GetRandBytes(rand_pwd, 32);
string strWhatAmI = "To use bitcoind"; string strWhatAmI = "To use bitcoind";
if (mapArgs.count("-server")) if (mapArgs.count("-server"))
strWhatAmI = strprintf(_("To use the %s option"), "\"-server\""); strWhatAmI = strprintf(_("To use the %s option"), "\"-server\"");

View File

@ -69,6 +69,7 @@
#include <boost/program_options/detail/config_file.hpp> #include <boost/program_options/detail/config_file.hpp>
#include <boost/program_options/parsers.hpp> #include <boost/program_options/parsers.hpp>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/rand.h> #include <openssl/rand.h>
// Work around clang compilation problem in Boost 1.46: // Work around clang compilation problem in Boost 1.46:
@ -141,12 +142,14 @@ public:
} }
instance_of_cinit; instance_of_cinit;
bool GetRandBytes(unsigned char *buf, int num)
{
if (RAND_bytes(buf, num) == 0) {
LogPrint("rand", "%s : OpenSSL RAND_bytes() failed with error: %s\n", __func__, ERR_error_string(ERR_get_error(), NULL));
return false;
}
return true;
}
void RandAddSeed() void RandAddSeed()
{ {
@ -207,9 +210,9 @@ uint64_t GetRand(uint64_t nMax)
// to give every possible output value an equal possibility // to give every possible output value an equal possibility
uint64_t nRange = (std::numeric_limits<uint64_t>::max() / nMax) * nMax; uint64_t nRange = (std::numeric_limits<uint64_t>::max() / nMax) * nMax;
uint64_t nRand = 0; uint64_t nRand = 0;
do do {
RAND_bytes((unsigned char*)&nRand, sizeof(nRand)); GetRandBytes((unsigned char*)&nRand, sizeof(nRand));
while (nRand >= nRange); } while (nRand >= nRange);
return (nRand % nMax); return (nRand % nMax);
} }
@ -221,7 +224,7 @@ int GetRandInt(int nMax)
uint256 GetRandHash() uint256 GetRandHash()
{ {
uint256 hash; uint256 hash;
RAND_bytes((unsigned char*)&hash, sizeof(hash)); GetRandBytes((unsigned char*)&hash, sizeof(hash));
return hash; return hash;
} }
@ -1203,11 +1206,11 @@ void seed_insecure_rand(bool fDeterministic)
} else { } else {
uint32_t tmp; uint32_t tmp;
do { do {
RAND_bytes((unsigned char*)&tmp, 4); GetRandBytes((unsigned char*)&tmp, 4);
} while(tmp == 0 || tmp == 0x9068ffffU); } while(tmp == 0 || tmp == 0x9068ffffU);
insecure_rand_Rz = tmp; insecure_rand_Rz = tmp;
do { do {
RAND_bytes((unsigned char*)&tmp, 4); GetRandBytes((unsigned char*)&tmp, 4);
} while(tmp == 0 || tmp == 0x464fffffU); } while(tmp == 0 || tmp == 0x464fffffU);
insecure_rand_Rw = tmp; insecure_rand_Rw = tmp;
} }

View File

@ -103,6 +103,7 @@ extern bool fLogTimestamps;
extern bool fLogIPs; extern bool fLogIPs;
extern volatile bool fReopenDebugLog; extern volatile bool fReopenDebugLog;
bool GetRandBytes(unsigned char *buf, int num);
void RandAddSeed(); void RandAddSeed();
void RandAddSeedPerfmon(); void RandAddSeedPerfmon();
void SetupEnvironment(); void SetupEnvironment();

View File

@ -12,7 +12,6 @@
#include "timedata.h" #include "timedata.h"
#include <boost/algorithm/string/replace.hpp> #include <boost/algorithm/string/replace.hpp>
#include <openssl/rand.h>
using namespace std; using namespace std;
@ -384,13 +383,15 @@ bool CWallet::EncryptWallet(const SecureString& strWalletPassphrase)
RandAddSeedPerfmon(); RandAddSeedPerfmon();
vMasterKey.resize(WALLET_CRYPTO_KEY_SIZE); vMasterKey.resize(WALLET_CRYPTO_KEY_SIZE);
RAND_bytes(&vMasterKey[0], WALLET_CRYPTO_KEY_SIZE); if (!GetRandBytes(&vMasterKey[0], WALLET_CRYPTO_KEY_SIZE))
return false;
CMasterKey kMasterKey; CMasterKey kMasterKey;
RandAddSeedPerfmon(); RandAddSeedPerfmon();
kMasterKey.vchSalt.resize(WALLET_CRYPTO_SALT_SIZE); kMasterKey.vchSalt.resize(WALLET_CRYPTO_SALT_SIZE);
RAND_bytes(&kMasterKey.vchSalt[0], WALLET_CRYPTO_SALT_SIZE); if (!GetRandBytes(&kMasterKey.vchSalt[0], WALLET_CRYPTO_SALT_SIZE))
return false;
CCrypter crypter; CCrypter crypter;
int64_t nStartTime = GetTimeMillis(); int64_t nStartTime = GetTimeMillis();