|
|
@ -20,20 +20,20 @@ |
|
|
#include "random_numbers.h" |
|
|
#include "random_numbers.h" |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The following code offers an alterate pseudo random number generator
|
|
|
// the following code offers an alterate pseudo random number generator
|
|
|
namely XORSHIFT128+ to use instead of C's rand(). Its performance is |
|
|
// namely XORSHIFT128+ to use instead of C's rand()
|
|
|
on par with C's rand(). |
|
|
// its performance is on par with C's rand()
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The state must be seeded in a way that it is not all zero, choose some
|
|
|
// the state must be seeded in a way that it is not all zero, choose some
|
|
|
arbitrary defaults (in this case: taken from splitmix64) */ |
|
|
// arbitrary defaults (in this case: taken from splitmix64)
|
|
|
static rn_generator_state_t rn_current_state = { |
|
|
static rn_generator_state_t rn_current_state = { |
|
|
.a = 0x9E3779B97F4A7C15, |
|
|
.a = 0x9E3779B97F4A7C15, |
|
|
.b = 0xBF58476D1CE4E5B9 }; |
|
|
.b = 0xBF58476D1CE4E5B9 |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* used for mixing the initializing seed */ |
|
|
// used for mixing the initializing seed
|
|
|
static uint64_t splitmix64 (splitmix64_state_t *state) { |
|
|
static uint64_t splitmix64 (splitmix64_state_t *state) { |
|
|
|
|
|
|
|
|
uint64_t result = state->s; |
|
|
uint64_t result = state->s; |
|
|
@ -50,7 +50,7 @@ static uint64_t splitmix64 (splitmix64_state_t *state) { |
|
|
int n2n_srand (uint64_t seed) { |
|
|
int n2n_srand (uint64_t seed) { |
|
|
|
|
|
|
|
|
uint8_t i; |
|
|
uint8_t i; |
|
|
splitmix64_state_t smstate = {seed}; |
|
|
splitmix64_state_t smstate = { seed }; |
|
|
|
|
|
|
|
|
rn_current_state.a = 0; |
|
|
rn_current_state.a = 0; |
|
|
rn_current_state.b = 0; |
|
|
rn_current_state.b = 0; |
|
|
@ -58,9 +58,9 @@ int n2n_srand (uint64_t seed) { |
|
|
rn_current_state.a = splitmix64 (&smstate); |
|
|
rn_current_state.a = splitmix64 (&smstate); |
|
|
rn_current_state.b = splitmix64 (&smstate); |
|
|
rn_current_state.b = splitmix64 (&smstate); |
|
|
|
|
|
|
|
|
/* the following lines could be deleted as soon as it is formally prooved that
|
|
|
// the following lines could be deleted as soon as it is formally prooved that
|
|
|
there is no seed leading to (a == b == 0). Until then, just to be safe: */ |
|
|
// there is no seed leading to (a == b == 0). until then, just to be safe:
|
|
|
if ( (rn_current_state.a == 0) && (rn_current_state.b == 0) ) { |
|
|
if((rn_current_state.a == 0) && (rn_current_state.b == 0)) { |
|
|
rn_current_state.a = 0x9E3779B97F4A7C15; |
|
|
rn_current_state.a = 0x9E3779B97F4A7C15; |
|
|
rn_current_state.b = 0xBF58476D1CE4E5B9; |
|
|
rn_current_state.b = 0xBF58476D1CE4E5B9; |
|
|
} |
|
|
} |
|
|
@ -73,10 +73,10 @@ int n2n_srand (uint64_t seed) { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The following code of xorshift128p was taken from
|
|
|
// the following code of xorshift128p was taken from
|
|
|
https://en.wikipedia.org/wiki/Xorshift as of July, 2019
|
|
|
// https://en.wikipedia.org/wiki/Xorshift as of July, 2019
|
|
|
and thus is considered public domain. */ |
|
|
// and thus is considered public domain
|
|
|
uint64_t n2n_rand () { |
|
|
uint64_t n2n_rand (void) { |
|
|
|
|
|
|
|
|
uint64_t t = rn_current_state.a; |
|
|
uint64_t t = rn_current_state.a; |
|
|
uint64_t const s = rn_current_state.b; |
|
|
uint64_t const s = rn_current_state.b; |
|
|
@ -91,13 +91,13 @@ uint64_t n2n_rand () { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* The following code tries to gather some entropy from several sources
|
|
|
// the following code tries to gather some entropy from several sources
|
|
|
for use as seed. Note, that this code does not set the random generator |
|
|
// for use as seed. Note, that this code does not set the random generator
|
|
|
state yet, a call to n2n_srand ( n2n_seed() ) would do. */ |
|
|
// state yet, a call to n2n_srand (n2n_seed()) would do
|
|
|
uint64_t n2n_seed (void) { |
|
|
uint64_t n2n_seed (void) { |
|
|
|
|
|
|
|
|
uint64_t seed = 0; |
|
|
uint64_t seed = 0; /* this could even go uninitialized */ |
|
|
uint64_t ret = 0; |
|
|
uint64_t ret = 0; /* this could even go uninitialized */ |
|
|
size_t i; |
|
|
size_t i; |
|
|
|
|
|
|
|
|
#ifdef SYS_getrandom |
|
|
#ifdef SYS_getrandom |
|
|
@ -112,6 +112,7 @@ uint64_t n2n_seed (void) { |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// if we still see an EAGAIN error here, we must have run out of retries
|
|
|
// if we still see an EAGAIN error here, we must have run out of retries
|
|
|
if(errno == EAGAIN) { |
|
|
if(errno == EAGAIN) { |
|
|
traceEvent(TRACE_ERROR, "n2n_seed saw getrandom syscall indicate not being able to provide enough entropy yet."); |
|
|
traceEvent(TRACE_ERROR, "n2n_seed saw getrandom syscall indicate not being able to provide enough entropy yet."); |
|
|
@ -122,10 +123,10 @@ uint64_t n2n_seed (void) { |
|
|
// erroneously arbitrary values returned from the syscall for the first time
|
|
|
// erroneously arbitrary values returned from the syscall for the first time
|
|
|
ret += seed; |
|
|
ret += seed; |
|
|
|
|
|
|
|
|
// __RDRND__ is set only if architecturual feature is set, e.g. compile with -march=native
|
|
|
// __RDRND__ is set only if architecturual feature is set, e.g. compiled with -march=native
|
|
|
#ifdef __RDRND__ |
|
|
#ifdef __RDRND__ |
|
|
for(i = 0; i < RND_RETRIES; i++) { |
|
|
for(i = 0; i < RND_RETRIES; i++) { |
|
|
if(_rdrand64_step ((unsigned long long*)&seed)) { |
|
|
if(_rdrand64_step((unsigned long long*)&seed)) { |
|
|
// success!
|
|
|
// success!
|
|
|
// from now on, we keep this inside the loop because in case of failure
|
|
|
// from now on, we keep this inside the loop because in case of failure
|
|
|
// and with unchanged values, we do not want to double the previous value
|
|
|
// and with unchanged values, we do not want to double the previous value
|
|
|
@ -134,7 +135,7 @@ uint64_t n2n_seed (void) { |
|
|
} |
|
|
} |
|
|
// continue loop to try again otherwise
|
|
|
// continue loop to try again otherwise
|
|
|
} |
|
|
} |
|
|
if(i == RND_RETRIES){ |
|
|
if(i == RND_RETRIES) { |
|
|
traceEvent(TRACE_ERROR, "n2n_seed was not able to get a hardware generated random number from RDRND."); |
|
|
traceEvent(TRACE_ERROR, "n2n_seed was not able to get a hardware generated random number from RDRND."); |
|
|
} |
|
|
} |
|
|
#endif |
|
|
#endif |
|
|
@ -149,37 +150,49 @@ uint64_t n2n_seed (void) { |
|
|
} |
|
|
} |
|
|
// continue loop to try again otherwise
|
|
|
// continue loop to try again otherwise
|
|
|
} |
|
|
} |
|
|
if(i == RND_RETRIES){ |
|
|
if(i == RND_RETRIES) { |
|
|
traceEvent(TRACE_ERROR, "n2n_seed was not able to get a hardware generated random number from RDSEED."); |
|
|
traceEvent(TRACE_ERROR, "n2n_seed was not able to get a hardware generated random number from RDSEED."); |
|
|
} |
|
|
} |
|
|
#endif |
|
|
#endif |
|
|
|
|
|
|
|
|
/* The WIN32 code is still untested and thus commented
|
|
|
// the following WIN32 code is still untested and thus commented
|
|
|
#ifdef WIN32 |
|
|
/*
|
|
|
|
|
|
#ifdef WIN32 |
|
|
HCRYPTPROV crypto_provider; |
|
|
HCRYPTPROV crypto_provider; |
|
|
CryptAcquireContext (&crypto_provider, NULL, (LPCWSTR)L"Microsoft Base Cryptographic Provider v1.0", |
|
|
CryptAcquireContext (&crypto_provider, NULL, (LPCWSTR)L"Microsoft Base Cryptographic Provider v1.0", |
|
|
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); |
|
|
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT); |
|
|
CryptGenRandom (crypto_provider, 8, &seed); |
|
|
CryptGenRandom (crypto_provider, 8, &seed); |
|
|
CryptReleaseContext (crypto_provider, 0); |
|
|
CryptReleaseContext (crypto_provider, 0); |
|
|
ret += seed; |
|
|
ret += seed; |
|
|
#endif */ |
|
|
#endif |
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
seed = time(NULL); // UTC in seconds
|
|
|
seed = time(NULL); /* UTC in seconds */ |
|
|
ret += seed; |
|
|
ret += seed; |
|
|
|
|
|
|
|
|
seed = clock() * 18444244737; // clock() = ticks since program start
|
|
|
seed = clock(); /* ticks since program start */ |
|
|
|
|
|
seed *= 18444244737; |
|
|
ret += seed; |
|
|
ret += seed; |
|
|
|
|
|
|
|
|
return ret; |
|
|
return ret; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/* an integer squrare root approximation
|
|
|
// an integer squrare root approximation
|
|
|
* from https://stackoverflow.com/a/1100591. */
|
|
|
// from https://stackoverflow.com/a/1100591
|
|
|
static int ftbl [33] = {0,1,1,2,2,4,5,8,11,16,22,32,45,64,90,128,181,256,362,512,724,1024,1448,2048,2896,4096,5792,8192,11585,16384,23170,32768,46340}; |
|
|
static int ftbl[33] = { |
|
|
static int ftbl2[32] = { 32768,33276,33776,34269,34755,35235,35708,36174,36635,37090,37540,37984,38423,38858,39287,39712,40132,40548,40960,41367,41771,42170,42566,42959,43347,43733,44115,44493,44869,45241,45611,45977}; |
|
|
0, 1, 1, 2, 2, 4, 5, 8, 11, 16, 22, 32, 45, 64, 90, |
|
|
|
|
|
128, 181 ,256 ,362, 512, 724, 1024, 1448, 2048, 2896, |
|
|
|
|
|
4096, 5792, 8192, 11585, 16384, 23170, 32768, 46340 }; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int ftbl2[32] = { |
|
|
|
|
|
32768, 33276, 33776, 34269, 34755, 35235, 35708, 36174, |
|
|
|
|
|
36635, 37090, 37540, 37984, 38423, 38858, 39287, 39712, |
|
|
|
|
|
40132, 40548, 40960, 41367, 41771, 42170, 42566, 42959, |
|
|
|
|
|
43347, 43733, 44115, 44493, 44869, 45241, 45611, 45977 }; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int i_sqrt(int val) { |
|
|
static int i_sqrt (int val) { |
|
|
|
|
|
|
|
|
int cnt = 0; |
|
|
int cnt = 0; |
|
|
int t = val; |
|
|
int t = val; |
|
|
@ -198,7 +211,7 @@ static int i_sqrt(int val) { |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static int32_t int_sqrt(int val) { |
|
|
static int32_t int_sqrt (int val) { |
|
|
|
|
|
|
|
|
int ret; |
|
|
int ret; |
|
|
|
|
|
|
|
|
@ -223,8 +236,10 @@ uint32_t n2n_rand_sqr (uint32_t max_n) { |
|
|
ret = (raw_rnd & 1) ? ret : -ret; |
|
|
ret = (raw_rnd & 1) ? ret : -ret; |
|
|
ret = max_n / 2 + ret; |
|
|
ret = max_n / 2 + ret; |
|
|
|
|
|
|
|
|
if (ret < 0) ret = 0; |
|
|
if(ret < 0) |
|
|
if (ret > max_n) ret = max_n; |
|
|
ret = 0; |
|
|
|
|
|
if (ret > max_n) |
|
|
|
|
|
ret = max_n; |
|
|
|
|
|
|
|
|
return ret; |
|
|
return ret; |
|
|
} |
|
|
} |
|
|
|
Logan oos Even
4 years ago
GitHub