[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Move weakrng into lib/intmath
commit 48ebd9bf76a0e5ff60b88f8906919016de82e819
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Thu Jun 28 11:39:49 2018 -0400
Move weakrng into lib/intmath
---
src/common/util.c | 42 ---------------------------------
src/common/util.h | 14 -----------
src/common/workqueue.c | 1 +
src/lib/crypt_ops/crypto_rand.c | 1 +
src/lib/intmath/include.am | 6 +++--
src/lib/intmath/weakrng.c | 51 +++++++++++++++++++++++++++++++++++++++++
src/lib/intmath/weakrng.h | 25 ++++++++++++++++++++
src/or/cpuworker.c | 2 +-
src/or/relay.c | 3 ++-
src/test/test_util.c | 1 +
src/test/test_workqueue.c | 1 +
11 files changed, 87 insertions(+), 60 deletions(-)
diff --git a/src/common/util.c b/src/common/util.c
index 4a26998c1..304101ec0 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -460,48 +460,6 @@ load_windows_system_library(const TCHAR *library_name)
}
#endif /* defined(_WIN32) */
-/** Initialize the insecure RNG <b>rng</b> from a seed value <b>seed</b>. */
-void
-tor_init_weak_random(tor_weak_rng_t *rng, unsigned seed)
-{
- rng->state = (uint32_t)(seed & 0x7fffffff);
-}
-
-/** Return a randomly chosen value in the range 0..TOR_WEAK_RANDOM_MAX based
- * on the RNG state of <b>rng</b>. This entropy will not be cryptographically
- * strong; do not rely on it for anything an adversary should not be able to
- * predict. */
-int32_t
-tor_weak_random(tor_weak_rng_t *rng)
-{
- /* Here's a linear congruential generator. OpenBSD and glibc use these
- * parameters; they aren't too bad, and should have maximal period over the
- * range 0..INT32_MAX. We don't want to use the platform rand() or random(),
- * since some platforms have bad weak RNGs that only return values in the
- * range 0..INT16_MAX, which just isn't enough. */
- rng->state = (rng->state * 1103515245 + 12345) & 0x7fffffff;
- return (int32_t) rng->state;
-}
-
-/** Return a random number in the range [0 , <b>top</b>). {That is, the range
- * of integers i such that 0 <= i < top.} Chooses uniformly. Requires that
- * top is greater than 0. This randomness is not cryptographically strong; do
- * not rely on it for anything an adversary should not be able to predict. */
-int32_t
-tor_weak_random_range(tor_weak_rng_t *rng, int32_t top)
-{
- /* We don't want to just do tor_weak_random() % top, since random() is often
- * implemented with an LCG whose modulus is a power of 2, and those are
- * cyclic in their low-order bits. */
- int divisor, result;
- tor_assert(top > 0);
- divisor = TOR_WEAK_RANDOM_MAX / top;
- do {
- result = (int32_t)(tor_weak_random(rng) / divisor);
- } while (result >= top);
- return result;
-}
-
/** Cast a given double value to a int64_t. Return 0 if number is NaN.
* Returns either INT64_MIN or INT64_MAX if number is outside of the int64_t
* range. */
diff --git a/src/common/util.h b/src/common/util.h
index 1967d23e4..7d7544006 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -95,18 +95,4 @@ int64_t tv_to_msec(const struct timeval *tv);
HANDLE load_windows_system_library(const TCHAR *library_name);
#endif
-/* ===== Insecure rng */
-typedef struct tor_weak_rng_t {
- uint32_t state;
-} tor_weak_rng_t;
-
-#define TOR_WEAK_RNG_INIT {383745623}
-#define TOR_WEAK_RANDOM_MAX (INT_MAX)
-void tor_init_weak_random(tor_weak_rng_t *weak_rng, unsigned seed);
-int32_t tor_weak_random(tor_weak_rng_t *weak_rng);
-int32_t tor_weak_random_range(tor_weak_rng_t *rng, int32_t top);
-/** Randomly return true according to <b>rng</b> with probability 1 in
- * <b>n</b> */
-#define tor_weak_random_one_in_n(rng, n) (0==tor_weak_random_range((rng),(n)))
-
#endif /* !defined(TOR_UTIL_H) */
diff --git a/src/common/workqueue.c b/src/common/workqueue.c
index 4735aadd7..0e8628da9 100644
--- a/src/common/workqueue.c
+++ b/src/common/workqueue.c
@@ -33,6 +33,7 @@
#include "tor_queue.h"
#include "lib/net/alertsock.h"
#include "lib/log/torlog.h"
+#include "lib/intmath/weakrng.h"
#include <event2/event.h>
diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c
index 247a50224..8ac7d3bfe 100644
--- a/src/lib/crypt_ops/crypto_rand.c
+++ b/src/lib/crypt_ops/crypto_rand.c
@@ -30,6 +30,7 @@
#include "lib/log/torlog.h"
#include "common/util.h"
#include "lib/encoding/binascii.h"
+#include "lib/intmath/weakrng.h"
DISABLE_GCC_WARNING(redundant-decls)
#include <openssl/rand.h>
diff --git a/src/lib/intmath/include.am b/src/lib/intmath/include.am
index 40459d106..1ae5d618d 100644
--- a/src/lib/intmath/include.am
+++ b/src/lib/intmath/include.am
@@ -8,7 +8,8 @@ endif
src_lib_libtor_intmath_a_SOURCES = \
src/lib/intmath/addsub.c \
src/lib/intmath/bits.c \
- src/lib/intmath/muldiv.c
+ src/lib/intmath/muldiv.c \
+ src/lib/intmath/weakrng.c
src_lib_libtor_intmath_testing_a_SOURCES = \
$(src_lib_libtor_intmath_a_SOURCES)
@@ -19,4 +20,5 @@ noinst_HEADERS += \
src/lib/intmath/addsub.h \
src/lib/intmath/cmp.h \
src/lib/intmath/bits.h \
- src/lib/intmath/muldiv.h
+ src/lib/intmath/muldiv.h \
+ src/lib/intmath/weakrng.h
diff --git a/src/lib/intmath/weakrng.c b/src/lib/intmath/weakrng.c
new file mode 100644
index 000000000..2ecab97cc
--- /dev/null
+++ b/src/lib/intmath/weakrng.c
@@ -0,0 +1,51 @@
+/* Copyright (c) 2003, Roger Dingledine
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#include "lib/intmath/weakrng.h"
+#include "lib/err/torerr.h"
+
+#include <stdlib.h>
+
+/** Initialize the insecure RNG <b>rng</b> from a seed value <b>seed</b>. */
+void
+tor_init_weak_random(tor_weak_rng_t *rng, unsigned seed)
+{
+ rng->state = (uint32_t)(seed & 0x7fffffff);
+}
+
+/** Return a randomly chosen value in the range 0..TOR_WEAK_RANDOM_MAX based
+ * on the RNG state of <b>rng</b>. This entropy will not be cryptographically
+ * strong; do not rely on it for anything an adversary should not be able to
+ * predict. */
+int32_t
+tor_weak_random(tor_weak_rng_t *rng)
+{
+ /* Here's a linear congruential generator. OpenBSD and glibc use these
+ * parameters; they aren't too bad, and should have maximal period over the
+ * range 0..INT32_MAX. We don't want to use the platform rand() or random(),
+ * since some platforms have bad weak RNGs that only return values in the
+ * range 0..INT16_MAX, which just isn't enough. */
+ rng->state = (rng->state * 1103515245 + 12345) & 0x7fffffff;
+ return (int32_t) rng->state;
+}
+
+/** Return a random number in the range [0 , <b>top</b>). {That is, the range
+ * of integers i such that 0 <= i < top.} Chooses uniformly. Requires that
+ * top is greater than 0. This randomness is not cryptographically strong; do
+ * not rely on it for anything an adversary should not be able to predict. */
+int32_t
+tor_weak_random_range(tor_weak_rng_t *rng, int32_t top)
+{
+ /* We don't want to just do tor_weak_random() % top, since random() is often
+ * implemented with an LCG whose modulus is a power of 2, and those are
+ * cyclic in their low-order bits. */
+ int divisor, result;
+ raw_assert(top > 0);
+ divisor = TOR_WEAK_RANDOM_MAX / top;
+ do {
+ result = (int32_t)(tor_weak_random(rng) / divisor);
+ } while (result >= top);
+ return result;
+}
diff --git a/src/lib/intmath/weakrng.h b/src/lib/intmath/weakrng.h
new file mode 100644
index 000000000..e5a88b30f
--- /dev/null
+++ b/src/lib/intmath/weakrng.h
@@ -0,0 +1,25 @@
+/* Copyright (c) 2003, Roger Dingledine
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_WEAKRNG_H
+#define TOR_WEAKRNG_H
+
+#include "lib/cc/torint.h"
+
+/* ===== Insecure rng */
+typedef struct tor_weak_rng_t {
+ uint32_t state;
+} tor_weak_rng_t;
+
+#define TOR_WEAK_RNG_INIT {383745623}
+#define TOR_WEAK_RANDOM_MAX (INT_MAX)
+void tor_init_weak_random(tor_weak_rng_t *weak_rng, unsigned seed);
+int32_t tor_weak_random(tor_weak_rng_t *weak_rng);
+int32_t tor_weak_random_range(tor_weak_rng_t *rng, int32_t top);
+/** Randomly return true according to <b>rng</b> with probability 1 in
+ * <b>n</b> */
+#define tor_weak_random_one_in_n(rng, n) (0==tor_weak_random_range((rng),(n)))
+
+#endif
diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c
index 24a75b16d..675079020 100644
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -33,6 +33,7 @@
#include "common/workqueue.h"
#include "or/or_circuit_st.h"
+#include "lib/intmath/weakrng.h"
static void queue_pending_tasks(void);
@@ -596,4 +597,3 @@ cpuworker_cancel_circ_handshake(or_circuit_t *circ)
circ->workqueue_entry = NULL;
}
}
-
diff --git a/src/or/relay.c b/src/or/relay.c
index 85b5cf7aa..9ff3d96c1 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -94,6 +94,8 @@
#include "or/routerinfo_st.h"
#include "or/socks_request_st.h"
+#include "lib/intmath/weakrng.h"
+
static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell,
cell_direction_t cell_direction,
crypt_path_t *layer_hint);
@@ -3084,4 +3086,3 @@ circuit_queue_streams_are_blocked(circuit_t *circ)
return circ->streams_blocked_on_p_chan;
}
}
-
diff --git a/src/test/test_util.c b/src/test/test_util.c
index 0c7e794b4..8afd9473e 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -25,6 +25,7 @@
#include "lib/process/env.h"
#include "lib/process/pidfile.h"
#include "lib/process/subprocess.h"
+#include "lib/intmath/weakrng.h"
#ifdef HAVE_PWD_H
#include <pwd.h>
diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c
index 5cda99b58..dda724b78 100644
--- a/src/test/test_workqueue.c
+++ b/src/test/test_workqueue.c
@@ -11,6 +11,7 @@
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/net/alertsock.h"
#include "common/compat_libevent.h"
+#include "lib/intmath/weakrng.h"
#include <stdio.h>
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits