Merge bitcoin#24213: refactor: use Span in random.*

laanwj · PastaPastaPasta · commit e9f5b4b735d2 · 2024-06-06T22:58:30.000-05:00
3ae7791 refactor: use Span in random.* (pasta) Pull request description: ~This PR does two things~ 1. use a Span<unsigned char> for GetRandBytes and GetStrongRandBytes ~2. make GetRand a template for which any integral type can be used, where the default behavior is to return a random integral up to the max of the integral unless a max is provided. This simplifies a lot of code from `GetRand(std::numeric_limits<uint64_t>::max()` -> `GetRand<uint64_t>()`~ MarcoFalke this was inspired by your comment here: bitcoin#24185 (comment) about using Span, so hopefully I'll be able to get this PR done and merged 😂 ~Also, if requested I could revert the `GetRand(std::numeric_limits<uint64_t>::max()` -> `GetRand<uint64_t>()` related changes if it ends up causing too many conflicts~ ACKs for top commit: laanwj: Thank you! Code review re-ACK 3ae7791 Tree-SHA512: 12375a83b68b288916ba0de81cfcab4aac14389a66a36811ae850427435eb67dd55e47df9ac3ec47db4e214f4330139e548bec815fff8a3f571484ea558dca79
diff --git a/src/addrdb.cpp b/src/addrdb.cpp
@@ -99,7 +99,7 @@ bool SerializeFileDB(const std::string& prefix, const fs::path& path, const Data
 {
     // Generate random temporary filename
     uint16_t randv = 0;
-    GetRandBytes((unsigned char*)&randv, sizeof(randv));
+    GetRandBytes({(unsigned char*)&randv, sizeof(randv)});
     std::string tmpfn = strprintf("%s.%04x", prefix, randv);
 
     // open temp output file, and associate with CAutoFile
diff --git a/src/bls/bls.cpp b/src/bls/bls.cpp
@@ -63,7 +63,7 @@ void CBLSSecretKey::MakeNewKey()
 {
     unsigned char buf[SerSize];
     while (true) {
-        GetStrongRandBytes(buf, sizeof(buf));
+        GetStrongRandBytes({buf, sizeof(buf)});
         try {
             impl = bls::PrivateKey::FromBytes(bls::Bytes(reinterpret_cast<const uint8_t*>(buf), SerSize));
             break;
diff --git a/src/bls/bls_ies.cpp b/src/bls/bls_ies.cpp
@@ -97,7 +97,7 @@ void CBLSIESMultiRecipientBlobs::InitEncrypt(size_t count)
 {
     ephemeralSecretKey.MakeNewKey();
     ephemeralPubKey = ephemeralSecretKey.GetPublicKey();
-    GetStrongRandBytes(ivSeed.begin(), ivSeed.size());
+    GetStrongRandBytes({ivSeed.begin(), ivSeed.size()});
 
     uint256 iv = ivSeed;
     ivVector.resize(count);
diff --git a/src/dbwrapper.cpp b/src/dbwrapper.cpp
@@ -224,7 +224,7 @@ const unsigned int CDBWrapper::OBFUSCATE_KEY_NUM_BYTES = 8;
 std::vector<unsigned char> CDBWrapper::CreateObfuscateKey() const
 {
     std::vector<uint8_t> ret(OBFUSCATE_KEY_NUM_BYTES);
-    GetRandBytes(ret.data(), OBFUSCATE_KEY_NUM_BYTES);
+    GetRandBytes(ret);
     return ret;
 }
 
diff --git a/src/key.cpp b/src/key.cpp
@@ -157,7 +157,7 @@ bool CKey::Check(const unsigned char *vch) {
 
 void CKey::MakeNewKey(bool fCompressedIn) {
     do {
-        GetStrongRandBytes(keydata.data(), keydata.size());
+        GetStrongRandBytes(keydata);
     } while (!Check(keydata.data()));
     fValid = true;
     fCompressed = fCompressedIn;
@@ -242,7 +242,7 @@ bool CKey::VerifyPubKey(const CPubKey& pubkey) const {
     }
     unsigned char rnd[8];
     std::string str = "Bitcoin key verification\n";
-    GetRandBytes(rnd, sizeof(rnd));
+    GetRandBytes(rnd);
     uint256 hash;
     CHash256().Write(MakeUCharSpan(str)).Write(rnd).Finalize(hash);
     std::vector<unsigned char> vchSig;
@@ -406,7 +406,7 @@ void ECC_Start() {
     {
         // Pass in a random blinding seed to the secp256k1 context.
         std::vector<unsigned char, secure_allocator<unsigned char>> vseed(32);
-        GetRandBytes(vseed.data(), 32);
+        GetRandBytes(vseed);
         bool ret = secp256k1_context_randomize(ctx, vseed.data());
         assert(ret);
     }
diff --git a/src/net_processing.cpp b/src/net_processing.cpp
@@ -1247,7 +1247,7 @@ void PeerManagerImpl::PushNodeVersion(CNode& pnode, const Peer& peer)
     CAddress addrMe = CAddress(CService(), nLocalNodeServices);
 
     uint256 mnauthChallenge;
-    GetRandBytes(mnauthChallenge.begin(), mnauthChallenge.size());
+    GetRandBytes({mnauthChallenge.begin(), mnauthChallenge.size()});
     pnode.SetSentMNAuthChallenge(mnauthChallenge);
 
     int nProtocolVersion = PROTOCOL_VERSION;
@@ -5220,7 +5220,7 @@ void PeerManagerImpl::MaybeSendPing(CNode& node_to, Peer& peer, std::chrono::mic
     if (pingSend) {
         uint64_t nonce = 0;
         while (nonce == 0) {
-            GetRandBytes((unsigned char*)&nonce, sizeof(nonce));
+            GetRandBytes({(unsigned char*)&nonce, sizeof(nonce)});
         }
         peer.m_ping_queued = false;
         peer.m_ping_start = now;
diff --git a/src/random.cpp b/src/random.cpp
@@ -17,6 +17,7 @@
 #include <logging.h>  // for LogPrintf()
 #include <randomenv.h>
 #include <support/allocators/secure.h>
+#include <span.h>
 #include <sync.h>     // for Mutex
 #include <util/time.h> // for GetTimeMicros()
 
@@ -582,8 +583,8 @@ static void ProcRand(unsigned char* out, int num, RNGLevel level) noexcept
     }
 }
 
-void GetRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::FAST); }
-void GetStrongRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::SLOW); }
+void GetRandBytes(Span<unsigned char> bytes) noexcept { ProcRand(bytes.data(), bytes.size(), RNGLevel::FAST); }
+void GetStrongRandBytes(Span<unsigned char> bytes) noexcept { ProcRand(bytes.data(), bytes.size(), RNGLevel::SLOW); }
 void RandAddPeriodic() noexcept { ProcRand(nullptr, 0, RNGLevel::PERIODIC); }
 void RandAddEvent(const uint32_t event_info) noexcept { GetRNGState().AddEvent(event_info); }
 
@@ -602,7 +603,7 @@ int GetRandInt(int nMax) noexcept
 uint256 GetRandHash() noexcept
 {
     uint256 hash;
-    GetRandBytes((unsigned char*)&hash, sizeof(hash));
+    GetRandBytes(hash);
     return hash;
 }
 
diff --git a/src/random.h b/src/random.h
@@ -69,7 +69,7 @@
  *
  * Thread-safe.
  */
-void GetRandBytes(unsigned char* buf, int num) noexcept;
+void GetRandBytes(Span<unsigned char> bytes) noexcept;
 /** Generate a uniform random integer in the range [0..range). Precondition: range > 0 */
 uint64_t GetRand(uint64_t nMax) noexcept;
 /** Generate a uniform random duration in the range [0..max). Precondition: max.count() > 0 */
@@ -98,7 +98,7 @@ bool GetRandBool(double rate);
  *
  * Thread-safe.
  */
-void GetStrongRandBytes(unsigned char* buf, int num) noexcept;
+void GetStrongRandBytes(Span<unsigned char> bytes) noexcept;
 
 /**
  * Gather entropy from various expensive sources, and feed them to the PRNG state.
diff --git a/src/rpc/request.cpp b/src/rpc/request.cpp
@@ -77,7 +77,7 @@ bool GenerateAuthCookie(std::string *cookie_out)
 {
     const size_t COOKIE_SIZE = 32;
     unsigned char rand_pwd[COOKIE_SIZE];
-    GetRandBytes(rand_pwd, COOKIE_SIZE);
+    GetRandBytes(rand_pwd);
     std::string cookie = COOKIEAUTH_USER + ":" + HexStr(rand_pwd);
 
     /** the umask determines what permissions are used to create this file -
diff --git a/src/test/key_tests.cpp b/src/test/key_tests.cpp
@@ -204,7 +204,7 @@ BOOST_AUTO_TEST_CASE(key_key_negation)
     // create a dummy hash for signature comparison
     unsigned char rnd[8];
     std::string str = "Bitcoin key verification\n";
-    GetRandBytes(rnd, sizeof(rnd));
+    GetRandBytes(rnd);
     uint256 hash;
     CHash256().Write(MakeUCharSpan(str)).Write(rnd).Finalize(hash);
 
diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp
@@ -511,7 +511,7 @@ void TorController::protocolinfo_cb(TorControlConnection& _conn, const TorContro
                 // _conn.Command("AUTHENTICATE " + HexStr(status_cookie.second), std::bind(&TorController::auth_cb, this, std::placeholders::_1, std::placeholders::_2));
                 cookie = std::vector<uint8_t>(status_cookie.second.begin(), status_cookie.second.end());
                 clientNonce = std::vector<uint8_t>(TOR_NONCE_SIZE, 0);
-                GetRandBytes(clientNonce.data(), TOR_NONCE_SIZE);
+                GetRandBytes(clientNonce);
                 _conn.Command("AUTHCHALLENGE SAFECOOKIE " + HexStr(clientNonce), std::bind(&TorController::authchallenge_cb, this, std::placeholders::_1, std::placeholders::_2));
             } else {
                 if (status_cookie.first) {
diff --git a/src/util/bytevectorhash.cpp b/src/util/bytevectorhash.cpp
@@ -8,8 +8,8 @@
 
 ByteVectorHash::ByteVectorHash()
 {
-    GetRandBytes(reinterpret_cast<unsigned char*>(&m_k0), sizeof(m_k0));
-    GetRandBytes(reinterpret_cast<unsigned char*>(&m_k1), sizeof(m_k1));
+    GetRandBytes({reinterpret_cast<unsigned char*>(&m_k0), sizeof(m_k0)});
+    GetRandBytes({reinterpret_cast<unsigned char*>(&m_k1), sizeof(m_k1)});
 }
 
 size_t ByteVectorHash::operator()(const std::vector<unsigned char>& input) const
diff --git a/src/wallet/bip39.cpp b/src/wallet/bip39.cpp
@@ -36,7 +36,7 @@ SecureString CMnemonic::Generate(int strength)
         return SecureString();
     }
     SecureVector data(32);
-    GetStrongRandBytes(data.data(), 32);
+    GetStrongRandBytes({data.data(), 32});
     SecureString mnemonic = FromData(data, strength / 8);
     return mnemonic;
 }
diff --git a/src/wallet/test/wallet_crypto_tests.cpp b/src/wallet/test/wallet_crypto_tests.cpp
@@ -93,7 +93,7 @@ BOOST_AUTO_TEST_CASE(passphrase) {
 
     std::string hash(GetRandHash().ToString());
     std::vector<unsigned char> vchSalt(8);
-    GetRandBytes(vchSalt.data(), vchSalt.size());
+    GetRandBytes(vchSalt);
     uint32_t rounds = InsecureRand32();
     if (rounds > 30000)
         rounds = 30000;
diff --git a/src/wallet/wallet.cpp b/src/wallet/wallet.cpp
@@ -616,12 +616,12 @@ bool CWallet::EncryptWallet(const SecureString& strWalletPassphrase)
     CKeyingMaterial _vMasterKey;
 
     _vMasterKey.resize(WALLET_CRYPTO_KEY_SIZE);
-    GetStrongRandBytes(_vMasterKey.data(), WALLET_CRYPTO_KEY_SIZE);
+    GetStrongRandBytes(_vMasterKey);
 
     CMasterKey kMasterKey;
 
     kMasterKey.vchSalt.resize(WALLET_CRYPTO_SALT_SIZE);
-    GetStrongRandBytes(kMasterKey.vchSalt.data(), WALLET_CRYPTO_SALT_SIZE);
+    GetStrongRandBytes(kMasterKey.vchSalt);
 
     CCrypter crypter;
     int64_t nStartTime = GetTimeMillis();

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ bool SerializeFileDB(const std::string& prefix, const fs::path& path, const Data`
`99`	`99`	`{`
`100`	`100`	`// Generate random temporary filename`
`101`	`101`	`uint16_t randv = 0;`
`102`		`- GetRandBytes((unsigned char*)&randv, sizeof(randv));`
	`102`	`+ GetRandBytes({(unsigned char*)&randv, sizeof(randv)});`
`103`	`103`	`std::string tmpfn = strprintf("%s.%04x", prefix, randv);`
`104`	`104`
`105`	`105`	`// open temp output file, and associate with CAutoFile`
Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,7 @@ void CBLSSecretKey::MakeNewKey()`
`63`	`63`	`{`
`64`	`64`	`unsigned char buf[SerSize];`
`65`	`65`	`while (true) {`
`66`		`- GetStrongRandBytes(buf, sizeof(buf));`
	`66`	`+ GetStrongRandBytes({buf, sizeof(buf)});`
`67`	`67`	`try {`
`68`	`68`	`impl = bls::PrivateKey::FromBytes(bls::Bytes(reinterpret_cast<const uint8_t*>(buf), SerSize));`
`69`	`69`	`break;`
Original file line number	Diff line number	Diff line change
`@@ -97,7 +97,7 @@ void CBLSIESMultiRecipientBlobs::InitEncrypt(size_t count)`
`97`	`97`	`{`
`98`	`98`	`ephemeralSecretKey.MakeNewKey();`
`99`	`99`	`ephemeralPubKey = ephemeralSecretKey.GetPublicKey();`
`100`		`- GetStrongRandBytes(ivSeed.begin(), ivSeed.size());`
	`100`	`+ GetStrongRandBytes({ivSeed.begin(), ivSeed.size()});`
`101`	`101`
`102`	`102`	`uint256 iv = ivSeed;`
`103`	`103`	`ivVector.resize(count);`
Original file line number	Diff line number	Diff line change
`@@ -224,7 +224,7 @@ const unsigned int CDBWrapper::OBFUSCATE_KEY_NUM_BYTES = 8;`
`224`	`224`	`std::vector<unsigned char> CDBWrapper::CreateObfuscateKey() const`
`225`	`225`	`{`
`226`	`226`	`std::vector<uint8_t> ret(OBFUSCATE_KEY_NUM_BYTES);`
`227`		`- GetRandBytes(ret.data(), OBFUSCATE_KEY_NUM_BYTES);`
	`227`	`+ GetRandBytes(ret);`
`228`	`228`	`return ret;`
`229`	`229`	`}`
`230`	`230`
Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@`
`17`	`17`	`#include <logging.h> // for LogPrintf()`
`18`	`18`	`#include <randomenv.h>`
`19`	`19`	`#include <support/allocators/secure.h>`
	`20`	`+#include <span.h>`
`20`	`21`	`#include <sync.h> // for Mutex`
`21`	`22`	`#include <util/time.h> // for GetTimeMicros()`
`22`	`23`
`@@ -582,8 +583,8 @@ static void ProcRand(unsigned char* out, int num, RNGLevel level) noexcept`
`582`	`583`	`}`
`583`	`584`	`}`
`584`	`585`
`585`		`-void GetRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::FAST); }`
`586`		`-void GetStrongRandBytes(unsigned char* buf, int num) noexcept { ProcRand(buf, num, RNGLevel::SLOW); }`
	`586`	`+void GetRandBytes(Span<unsigned char> bytes) noexcept { ProcRand(bytes.data(), bytes.size(), RNGLevel::FAST); }`
	`587`	`+void GetStrongRandBytes(Span<unsigned char> bytes) noexcept { ProcRand(bytes.data(), bytes.size(), RNGLevel::SLOW); }`
`587`	`588`	`void RandAddPeriodic() noexcept { ProcRand(nullptr, 0, RNGLevel::PERIODIC); }`
`588`	`589`	`void RandAddEvent(const uint32_t event_info) noexcept { GetRNGState().AddEvent(event_info); }`
`589`	`590`
`@@ -602,7 +603,7 @@ int GetRandInt(int nMax) noexcept`
`602`	`603`	`uint256 GetRandHash() noexcept`
`603`	`604`	`{`
`604`	`605`	`uint256 hash;`
`605`		`- GetRandBytes((unsigned char*)&hash, sizeof(hash));`
	`606`	`+ GetRandBytes(hash);`
`606`	`607`	`return hash;`
`607`	`608`	`}`
`608`	`609`
Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ bool GenerateAuthCookie(std::string *cookie_out)`
`77`	`77`	`{`
`78`	`78`	`const size_t COOKIE_SIZE = 32;`
`79`	`79`	`unsigned char rand_pwd[COOKIE_SIZE];`
`80`		`- GetRandBytes(rand_pwd, COOKIE_SIZE);`
	`80`	`+ GetRandBytes(rand_pwd);`
`81`	`81`	`std::string cookie = COOKIEAUTH_USER + ":" + HexStr(rand_pwd);`
`82`	`82`
`83`	`83`	`/** the umask determines what permissions are used to create this file -`