add GetRandBytes() as wrapper for RAND_bytes()

- add a small wrapper in util around RAND_bytes() and replace with
  GetRandBytes() in the code to log errors from calling RAND_bytes()
- remove OpenSSL header rand.h where no longer needed
This commit is contained in:
Philip Kaufmann 2014-06-24 14:27:32 +02:00
parent 2ee918d121
commit 001a53d742
8 changed files with 31 additions and 30 deletions

View File

@ -16,8 +16,6 @@
#include <stdint.h>
#include <vector>
#include <openssl/rand.h>
/** Extended statistics about a CAddress */
class CAddrInfo : public CAddress
{
@ -384,7 +382,7 @@ public:
CAddrMan() : vRandom(0), vvTried(ADDRMAN_TRIED_BUCKET_COUNT, std::vector<int>(0)), vvNew(ADDRMAN_NEW_BUCKET_COUNT, std::set<int>())
{
nKey.resize(32);
RAND_bytes(&nKey[0], 32);
GetRandBytes(&nKey[0], 32);
nIdCount = 0;
nTried = 0;

View File

@ -1,11 +1,11 @@
// Copyright (c) 2009-2013 The Bitcoin developers
// Copyright (c) 2009-2014 The Bitcoin developers
// Distributed under the MIT/X11 software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include "key.h"
#include "crypto/sha2.h"
#include <openssl/rand.h>
#include "random.h"
#ifdef USE_SECP256K1
#include <secp256k1.h>
@ -194,7 +194,7 @@ public:
if (d2i_ECPrivateKey(&pkey, &pbegin, privkey.size())) {
if(fSkipCheck)
return true;
// d2i_ECPrivateKey returns true if parsing succeeds.
// This doesn't necessarily mean the key is valid.
if (EC_KEY_check_key(pkey))
@ -412,7 +412,7 @@ bool CKey::CheckSignatureElement(const unsigned char *vch, int len, bool half) {
void CKey::MakeNewKey(bool fCompressedIn) {
do {
RAND_bytes(vch, sizeof(vch));
GetRandBytes(vch, sizeof(vch));
} while (!Check(vch));
fValid = true;
fCompressed = fCompressedIn;
@ -745,5 +745,3 @@ bool ECC_InitSanityCheck() {
return true;
#endif
}

View File

@ -4370,7 +4370,7 @@ bool SendMessages(CNode* pto, bool fSendTrickle)
if (pingSend) {
uint64_t nonce = 0;
while (nonce == 0) {
RAND_bytes((unsigned char*)&nonce, sizeof(nonce));
GetRandBytes((unsigned char*)&nonce, sizeof(nonce));
}
pto->fPingQueued = false;
pto->nPingUsecStart = GetTimeMicros();

View File

@ -546,7 +546,7 @@ void CNode::PushVersion()
int64_t nTime = (fInbound ? GetAdjustedTime() : GetTime());
CAddress addrYou = (addr.IsRoutable() && !IsProxy(addr) ? addr : CAddress(CService("0.0.0.0",0)));
CAddress addrMe = GetLocalAddress(&addr);
RAND_bytes((unsigned char*)&nLocalHostNonce, sizeof(nLocalHostNonce));
GetRandBytes((unsigned char*)&nLocalHostNonce, sizeof(nLocalHostNonce));
if (fLogIPs)
LogPrint("net", "send version message: version %d, blocks=%d, us=%s, them=%s, peer=%d\n", PROTOCOL_VERSION, nBestHeight, addrMe.ToString(), addrYou.ToString(), id);
else
@ -1931,7 +1931,7 @@ bool CAddrDB::Write(const CAddrMan& addr)
{
// Generate random temporary filename
unsigned short randv = 0;
RAND_bytes((unsigned char *)&randv, sizeof(randv));
GetRandBytes((unsigned char*)&randv, sizeof(randv));
std::string tmpfn = strprintf("peers.dat.%04x", randv);
// serialize addresses, checksum data up to that point, then append csum

View File

@ -531,7 +531,7 @@ void StartRPCThreads()
(mapArgs["-rpcuser"] == mapArgs["-rpcpassword"])) && Params().RequireRPCPassword())
{
unsigned char rand_pwd[32];
RAND_bytes(rand_pwd, 32);
GetRandBytes(rand_pwd, 32);
string strWhatAmI = "To use bitcoind";
if (mapArgs.count("-server"))
strWhatAmI = strprintf(_("To use the %s option"), "\"-server\"");

View File

@ -69,6 +69,7 @@
#include <boost/program_options/detail/config_file.hpp>
#include <boost/program_options/parsers.hpp>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/rand.h>
// Work around clang compilation problem in Boost 1.46:
@ -141,12 +142,14 @@ public:
}
instance_of_cinit;
bool GetRandBytes(unsigned char *buf, int num)
{
if (RAND_bytes(buf, num) == 0) {
LogPrint("rand", "%s : OpenSSL RAND_bytes() failed with error: %s\n", __func__, ERR_error_string(ERR_get_error(), NULL));
return false;
}
return true;
}
void RandAddSeed()
{
@ -207,9 +210,9 @@ uint64_t GetRand(uint64_t nMax)
// to give every possible output value an equal possibility
uint64_t nRange = (std::numeric_limits<uint64_t>::max() / nMax) * nMax;
uint64_t nRand = 0;
do
RAND_bytes((unsigned char*)&nRand, sizeof(nRand));
while (nRand >= nRange);
do {
GetRandBytes((unsigned char*)&nRand, sizeof(nRand));
} while (nRand >= nRange);
return (nRand % nMax);
}
@ -221,7 +224,7 @@ int GetRandInt(int nMax)
uint256 GetRandHash()
{
uint256 hash;
RAND_bytes((unsigned char*)&hash, sizeof(hash));
GetRandBytes((unsigned char*)&hash, sizeof(hash));
return hash;
}
@ -1196,18 +1199,18 @@ uint32_t insecure_rand_Rz = 11;
uint32_t insecure_rand_Rw = 11;
void seed_insecure_rand(bool fDeterministic)
{
//The seed values have some unlikely fixed points which we avoid.
// The seed values have some unlikely fixed points which we avoid.
if(fDeterministic)
{
insecure_rand_Rz = insecure_rand_Rw = 11;
} else {
uint32_t tmp;
do {
RAND_bytes((unsigned char*)&tmp, 4);
GetRandBytes((unsigned char*)&tmp, 4);
} while(tmp == 0 || tmp == 0x9068ffffU);
insecure_rand_Rz = tmp;
do {
RAND_bytes((unsigned char*)&tmp, 4);
GetRandBytes((unsigned char*)&tmp, 4);
} while(tmp == 0 || tmp == 0x464fffffU);
insecure_rand_Rw = tmp;
}

View File

@ -103,6 +103,7 @@ extern bool fLogTimestamps;
extern bool fLogIPs;
extern volatile bool fReopenDebugLog;
bool GetRandBytes(unsigned char *buf, int num);
void RandAddSeed();
void RandAddSeedPerfmon();
void SetupEnvironment();

View File

@ -12,7 +12,6 @@
#include "timedata.h"
#include <boost/algorithm/string/replace.hpp>
#include <openssl/rand.h>
using namespace std;
@ -384,13 +383,15 @@ bool CWallet::EncryptWallet(const SecureString& strWalletPassphrase)
RandAddSeedPerfmon();
vMasterKey.resize(WALLET_CRYPTO_KEY_SIZE);
RAND_bytes(&vMasterKey[0], WALLET_CRYPTO_KEY_SIZE);
if (!GetRandBytes(&vMasterKey[0], WALLET_CRYPTO_KEY_SIZE))
return false;
CMasterKey kMasterKey;
RandAddSeedPerfmon();
kMasterKey.vchSalt.resize(WALLET_CRYPTO_SALT_SIZE);
RAND_bytes(&kMasterKey.vchSalt[0], WALLET_CRYPTO_SALT_SIZE);
if (!GetRandBytes(&kMasterKey.vchSalt[0], WALLET_CRYPTO_SALT_SIZE))
return false;
CCrypter crypter;
int64_t nStartTime = GetTimeMillis();