HomePhabricator

Switch all RNG code to the built-in PRNG.

Authored by Pieter Wuille <pieter.wuille@gmail.com> on Dec 14 2018, 02:37.

Description

Switch all RNG code to the built-in PRNG.

Summary:
It includes the following policy changes:

  • All GetRand* functions seed the stack pointer and rdrand result (in addition to the performance counter)
  • The periodic entropy added by the idle scheduler now seeds stack pointer, rdrand and perfmon data (once every 10 minutes) in addition to just a sleep timing.
  • The entropy added when calling GetStrongRandBytes no longer includes the once-per-10-minutes perfmon data on windows (it is moved to the idle scheduler instead, where latency matters less).

Other changes:

  • OpenSSL is no longer seeded directly anywhere. Instead, any generated randomness through our own RNG is fed back to OpenSSL (after an additional hashing step to prevent leaking our RNG state).
  • Seeding that was previously done directly in RandAddSeedSleep is now moved to SeedSleep(), which is indirectly invoked through ProcRand from RandAddSeedSleep.
  • Seeding that was previously done directly in GetStrongRandBytes() is now moved to SeedSlow(), which is indirectly invoked through ProcRand from GetStrongRandBytes().

Partial backport of Core PR14955
https://github.com/bitcoin/bitcoin/pull/14955/commits/9d7032e4f066777c97c58b1394884716e213790a

Depends on D4394

Test Plan:

make check
test_runner.py

Reviewers: deadalnix, Fabien, jasonbcox, O1 Bitcoin ABC, #bitcoin_abc

Reviewed By: Fabien, O1 Bitcoin ABC, #bitcoin_abc

Differential Revision: https://reviews.bitcoinabc.org/D4395

Details

Committed
nakihitoFri, Nov 8, 18:02
Pushed
nakihitoFri, Nov 8, 18:02
Reviewer
Restricted Owners Package
Differential Revision
D4395: Switch all RNG code to the built-in PRNG.
Parents
rABC49ceff8b4b78: Integrate util/system's CInit into RNGState
Branches
Unknown
Tags
Unknown

Event Timeline

Nico Guiton <nico@bitframe.org> committed rABC478736a84541: Switch all RNG code to the built-in PRNG. (authored by Pieter Wuille <pieter.wuille@gmail.com>).Fri, Nov 8, 18:02