[tor/master] Move weakrng into lib/intmath - tor-commits

28 Jun 2018

commit 48ebd9bf76a0e5ff60b88f8906919016de82e819
Author: Nick Mathewson nickm@torproject.org
Date:   Thu Jun 28 11:39:49 2018 -0400
Move weakrng into lib/intmath
---
 src/common/util.c               | 42 ---------------------------------
 src/common/util.h               | 14 -----------
 src/common/workqueue.c          |  1 +
 src/lib/crypt_ops/crypto_rand.c |  1 +
 src/lib/intmath/include.am      |  6 +++--
 src/lib/intmath/weakrng.c       | 51 +++++++++++++++++++++++++++++++++++++++++
 src/lib/intmath/weakrng.h       | 25 ++++++++++++++++++++
 src/or/cpuworker.c              |  2 +-
 src/or/relay.c                  |  3 ++-
 src/test/test_util.c            |  1 +
 src/test/test_workqueue.c       |  1 +
 11 files changed, 87 insertions(+), 60 deletions(-)

diff --git a/src/common/util.c b/src/common/util.c
index 4a26998c1..304101ec0 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -460,48 +460,6 @@ load_windows_system_library(const TCHAR *library_name)
 }
 #endif /* defined(_WIN32) */
-/** Initialize the insecure RNG <b>rng</b> from a seed value <b>seed</b>. */
-void
-tor_init_weak_random(tor_weak_rng_t *rng, unsigned seed)
-{
-  rng->state = (uint32_t)(seed & 0x7fffffff);
-}
-
-/** Return a randomly chosen value in the range 0..TOR_WEAK_RANDOM_MAX based
- * on the RNG state of <b>rng</b>.  This entropy will not be cryptographically
- * strong; do not rely on it for anything an adversary should not be able to
- * predict. */
-int32_t
-tor_weak_random(tor_weak_rng_t *rng)
-{
-  /* Here's a linear congruential generator. OpenBSD and glibc use these
-   * parameters; they aren't too bad, and should have maximal period over the
-   * range 0..INT32_MAX. We don't want to use the platform rand() or random(),
-   * since some platforms have bad weak RNGs that only return values in the
-   * range 0..INT16_MAX, which just isn't enough. */
-  rng->state = (rng->state * 1103515245 + 12345) & 0x7fffffff;
-  return (int32_t) rng->state;
-}
-
-/** Return a random number in the range [0 , <b>top</b>). {That is, the range
- * of integers i such that 0 <= i < top.}  Chooses uniformly.  Requires that
- * top is greater than 0. This randomness is not cryptographically strong; do
- * not rely on it for anything an adversary should not be able to predict. */
-int32_t
-tor_weak_random_range(tor_weak_rng_t *rng, int32_t top)
-{
-  /* We don't want to just do tor_weak_random() % top, since random() is often
-   * implemented with an LCG whose modulus is a power of 2, and those are
-   * cyclic in their low-order bits. */
-  int divisor, result;
-  tor_assert(top > 0);
-  divisor = TOR_WEAK_RANDOM_MAX / top;
-  do {
-    result = (int32_t)(tor_weak_random(rng) / divisor);
-  } while (result >= top);
-  return result;
-}
-
 /** Cast a given double value to a int64_t. Return 0 if number is NaN.
  * Returns either INT64_MIN or INT64_MAX if number is outside of the int64_t
  * range. */
diff --git a/src/common/util.h b/src/common/util.h
index 1967d23e4..7d7544006 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -95,18 +95,4 @@ int64_t tv_to_msec(const struct timeval *tv);
 HANDLE load_windows_system_library(const TCHAR *library_name);
 #endif
-/* ===== Insecure rng */
-typedef struct tor_weak_rng_t {
-  uint32_t state;
-} tor_weak_rng_t;
-
-#define TOR_WEAK_RNG_INIT {383745623}
-#define TOR_WEAK_RANDOM_MAX (INT_MAX)
-void tor_init_weak_random(tor_weak_rng_t *weak_rng, unsigned seed);
-int32_t tor_weak_random(tor_weak_rng_t *weak_rng);
-int32_t tor_weak_random_range(tor_weak_rng_t *rng, int32_t top);
-/** Randomly return true according to <b>rng</b> with probability 1 in
- * <b>n</b> */
-#define tor_weak_random_one_in_n(rng, n) (0==tor_weak_random_range((rng),(n)))
-
 #endif /* !defined(TOR_UTIL_H) */
diff --git a/src/common/workqueue.c b/src/common/workqueue.c
index 4735aadd7..0e8628da9 100644
--- a/src/common/workqueue.c
+++ b/src/common/workqueue.c
@@ -33,6 +33,7 @@
 #include "tor_queue.h"
 #include "lib/net/alertsock.h"
 #include "lib/log/torlog.h"
+#include "lib/intmath/weakrng.h"
#include <event2/event.h>
diff --git a/src/lib/crypt_ops/crypto_rand.c b/src/lib/crypt_ops/crypto_rand.c
index 247a50224..8ac7d3bfe 100644
--- a/src/lib/crypt_ops/crypto_rand.c
+++ b/src/lib/crypt_ops/crypto_rand.c
@@ -30,6 +30,7 @@
 #include "lib/log/torlog.h"
 #include "common/util.h"
 #include "lib/encoding/binascii.h"
+#include "lib/intmath/weakrng.h"
DISABLE_GCC_WARNING(redundant-decls)
 #include <openssl/rand.h>
diff --git a/src/lib/intmath/include.am b/src/lib/intmath/include.am
index 40459d106..1ae5d618d 100644
--- a/src/lib/intmath/include.am
+++ b/src/lib/intmath/include.am
@@ -8,7 +8,8 @@ endif
 src_lib_libtor_intmath_a_SOURCES =			\
    src/lib/intmath/addsub.c			\
    src/lib/intmath/bits.c				\
-	src/lib/intmath/muldiv.c
+	src/lib/intmath/muldiv.c			\
+	src/lib/intmath/weakrng.c
src_lib_libtor_intmath_testing_a_SOURCES = \
    $(src_lib_libtor_intmath_a_SOURCES)
@@ -19,4 +20,5 @@ noinst_HEADERS +=					\
    src/lib/intmath/addsub.h			\
    src/lib/intmath/cmp.h				\
    src/lib/intmath/bits.h				\
-	src/lib/intmath/muldiv.h
+	src/lib/intmath/muldiv.h			\
+	src/lib/intmath/weakrng.h
diff --git a/src/lib/intmath/weakrng.c b/src/lib/intmath/weakrng.c
new file mode 100644
index 000000000..2ecab97cc
--- /dev/null
+++ b/src/lib/intmath/weakrng.c
@@ -0,0 +1,51 @@
+/* Copyright (c) 2003, Roger Dingledine
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#include "lib/intmath/weakrng.h"
+#include "lib/err/torerr.h"
+
+#include <stdlib.h>
+
+/** Initialize the insecure RNG <b>rng</b> from a seed value <b>seed</b>. */
+void
+tor_init_weak_random(tor_weak_rng_t *rng, unsigned seed)
+{
+  rng->state = (uint32_t)(seed & 0x7fffffff);
+}
+
+/** Return a randomly chosen value in the range 0..TOR_WEAK_RANDOM_MAX based
+ * on the RNG state of <b>rng</b>.  This entropy will not be cryptographically
+ * strong; do not rely on it for anything an adversary should not be able to
+ * predict. */
+int32_t
+tor_weak_random(tor_weak_rng_t *rng)
+{
+  /* Here's a linear congruential generator. OpenBSD and glibc use these
+   * parameters; they aren't too bad, and should have maximal period over the
+   * range 0..INT32_MAX. We don't want to use the platform rand() or random(),
+   * since some platforms have bad weak RNGs that only return values in the
+   * range 0..INT16_MAX, which just isn't enough. */
+  rng->state = (rng->state * 1103515245 + 12345) & 0x7fffffff;
+  return (int32_t) rng->state;
+}
+
+/** Return a random number in the range [0 , <b>top</b>). {That is, the range
+ * of integers i such that 0 <= i < top.}  Chooses uniformly.  Requires that
+ * top is greater than 0. This randomness is not cryptographically strong; do
+ * not rely on it for anything an adversary should not be able to predict. */
+int32_t
+tor_weak_random_range(tor_weak_rng_t *rng, int32_t top)
+{
+  /* We don't want to just do tor_weak_random() % top, since random() is often
+   * implemented with an LCG whose modulus is a power of 2, and those are
+   * cyclic in their low-order bits. */
+  int divisor, result;
+  raw_assert(top > 0);
+  divisor = TOR_WEAK_RANDOM_MAX / top;
+  do {
+    result = (int32_t)(tor_weak_random(rng) / divisor);
+  } while (result >= top);
+  return result;
+}
diff --git a/src/lib/intmath/weakrng.h b/src/lib/intmath/weakrng.h
new file mode 100644
index 000000000..e5a88b30f
--- /dev/null
+++ b/src/lib/intmath/weakrng.h
@@ -0,0 +1,25 @@
+/* Copyright (c) 2003, Roger Dingledine
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_WEAKRNG_H
+#define TOR_WEAKRNG_H
+
+#include "lib/cc/torint.h"
+
+/* ===== Insecure rng */
+typedef struct tor_weak_rng_t {
+  uint32_t state;
+} tor_weak_rng_t;
+
+#define TOR_WEAK_RNG_INIT {383745623}
+#define TOR_WEAK_RANDOM_MAX (INT_MAX)
+void tor_init_weak_random(tor_weak_rng_t *weak_rng, unsigned seed);
+int32_t tor_weak_random(tor_weak_rng_t *weak_rng);
+int32_t tor_weak_random_range(tor_weak_rng_t *rng, int32_t top);
+/** Randomly return true according to <b>rng</b> with probability 1 in
+ * <b>n</b> */
+#define tor_weak_random_one_in_n(rng, n) (0==tor_weak_random_range((rng),(n)))
+
+#endif
diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c
index 24a75b16d..675079020 100644
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -33,6 +33,7 @@
 #include "common/workqueue.h"
#include "or/or_circuit_st.h"
+#include "lib/intmath/weakrng.h"
static void queue_pending_tasks(void);
@@ -596,4 +597,3 @@ cpuworker_cancel_circ_handshake(or_circuit_t *circ)
     circ->workqueue_entry = NULL;
   }
 }
-
diff --git a/src/or/relay.c b/src/or/relay.c
index 85b5cf7aa..9ff3d96c1 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -94,6 +94,8 @@
 #include "or/routerinfo_st.h"
 #include "or/socks_request_st.h"
+#include "lib/intmath/weakrng.h"
+
 static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell,
                                             cell_direction_t cell_direction,
                                             crypt_path_t *layer_hint);
@@ -3084,4 +3086,3 @@ circuit_queue_streams_are_blocked(circuit_t *circ)
     return circ->streams_blocked_on_p_chan;
   }
 }
-
diff --git a/src/test/test_util.c b/src/test/test_util.c
index 0c7e794b4..8afd9473e 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -25,6 +25,7 @@
 #include "lib/process/env.h"
 #include "lib/process/pidfile.h"
 #include "lib/process/subprocess.h"
+#include "lib/intmath/weakrng.h"
#ifdef HAVE_PWD_H
 #include <pwd.h>
diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c
index 5cda99b58..dda724b78 100644
--- a/src/test/test_workqueue.c
+++ b/src/test/test_workqueue.c
@@ -11,6 +11,7 @@
 #include "lib/crypt_ops/crypto_rand.h"
 #include "lib/net/alertsock.h"
 #include "common/compat_libevent.h"
+#include "lib/intmath/weakrng.h"
#include <stdio.h>

    