Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

backport: Adds SipHashUint256Extra and moves CSipHasher to it's own file in crypto/ directory #3496

Draft
wants to merge 11 commits into
base: 1.15.0-dev
Choose a base branch
from
Draft

backport: Adds SipHashUint256Extra and moves CSipHasher to it's own file in crypto/ directory #3496

wants to merge 11 commits into from

Commits on Mar 23, 2024

  1. Introduce FastRandomContext::randbool()

    @sipa @chromatic
    sipa authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    b0b97d1 View commit details
    Browse the repository at this point in the history

  2. FastRandom benchmark

    @sipa @chromatic
    sipa authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    8d4e0bd View commit details
    Browse the repository at this point in the history

  3. Add ChaCha20

    @sipa @chromatic
    sipa authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    5be21d8 View commit details
    Browse the repository at this point in the history

  4. util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD 

    These are available in sandboxes without access to files or
devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls)
to use than `/dev/urandom` as reading from a file has quite a few edge
cases:

- Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html)
  was introduced in version 3.17 of the Linux kernel.
- OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2)
  function appeared in OpenBSD 5.6.
- FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added
  but it has existed for quite a while.

Alternatives:

- Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID`
  which gives 16 bytes of randomness. This may be available
  on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/)
  and even removed in some distros so we shouldn't use it.

Add tests for `GetOSRand()`:

- Test that no error happens (otherwise `RandFailure()` which aborts)
- Test that all 32 bytes are overwritten (initialize with zeros, try multiple times)

Discussion:

- When to use these? Currently they are always used when available.
  Another option would be to use them only when `/dev/urandom` is not
  available. But this would mean these code paths receive less testing,
  and I'm not sure there is any reason to prefer `/dev/urandom`.

Closes: #9676
    @laanwj @chromatic
    laanwj authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    1e67923 View commit details
    Browse the repository at this point in the history

  5. squashme: comment that NUM_OS_RANDOM_BYTES should not be changed lightly

    @laanwj @chromatic
    laanwj authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    ca7c655 View commit details
    Browse the repository at this point in the history

  6. sanity: Move OS random to sanity check function 

    Move the OS random test to a sanity check function that is called every
time bitcoind is initialized.

Keep `src/test/random_tests.cpp` for the case that later random tests
are added, and keep a rudimentary test that just calls the sanity check.
    @laanwj @chromatic
    laanwj authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    8f0ad1c View commit details
    Browse the repository at this point in the history

  7. random: Add fallback if getrandom syscall not available 

    If the code was compiled with newer (>=3.17) kernel headers but executed
on a system without the system call, every use of random would crash the
program. Add a fallback for that case.
    @laanwj @chromatic
    laanwj authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    04f21a3 View commit details
    Browse the repository at this point in the history

  8. Switch FastRandomContext to ChaCha20

    @sipa @chromatic
    sipa authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    603caf9 View commit details
    Browse the repository at this point in the history

  9. Add a FastRandomContext::randrange and use it

    @sipa @chromatic
    sipa authored and chromatic committed Mar 23, 2024
    Configuration menu
    Copy the full SHA
    9c33a27 View commit details
    Browse the repository at this point in the history

Commits on Mar 27, 2024

  1. Add specialization of SipHash for 256 + 32 bit data 

    We'll need a version of SipHash for tuples of 256 bits and 32 bits
data, when CCoinsViewCache switches from using txids to COutPoints as
keys.
    @sipa @xanimo
    sipa authored and xanimo committed Mar 27, 2024
    Configuration menu
    Copy the full SHA
    66df26b View commit details
    Browse the repository at this point in the history

  2. Extract CSipHasher to it's own file in crypto/ directory. 

    This is a move-only commit with the exception of changes to includes.

Cherry-picked from: 4fb789e
    @jimpo @xanimo
    jimpo authored and xanimo committed Mar 27, 2024
    Configuration menu
    Copy the full SHA
    4aa8403 View commit details
    Browse the repository at this point in the history