| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now,this does really nothing. This commit is just to allow us to
transition the other modules (besides qtbase) to use the syntax that
will become the API.
I've marked three places to use the system CSPRNG:
1) the QHash seed
2) QUuid
3) QAuthenticator
I didn't think the HTTP multipart boundary needed to be
cryptographically safe, so I changed that one to the global generator.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14ecf1938bd8ff61
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous version was good, just not optimal. Because the input was
an unsigned 64-bit number, compilers needed to generate extra code to
deal with HW instructions that only convert 64-bit signed input. And
that was useless because a double uniformly distributed from 0 to 1 can
only have 53 bits of randomness.
The previous implementation did exactly what the Microsoft libstdc++ and
libc++ implementations do. In my opinion, those implementations have an
imperfect distribution, which is corrected in this commit. In those, all
random input bigger than 0x20000000000000 has a different frequency
compared to input below that mark. For example, both 0x20000000000000
and 0x20000000000001 produce the same result (4.8828125e-4).
What's more, for the libc++ and MSVC implementations, input between
0xfffffffffffff001 and 0xffffffffffffffff results in 1.0 (probability 1
in 2⁵³), even though the Standard is very clear that the result should
be strictly less than 1. GCC 7's libstdc++ doesn't have this issue,
whereas the versions before would enter an infinite loop.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14eced3c375dd2ec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
"generate" is better than "get", and we already have "generate(it, it)"
which uses std::generate(). This changes:
- get32() → generate()
- get64() → generate64() and QRandomGenerator64::generate()
- getReal() → generateDouble()
Change-Id: I6e1fe42ae4b742a7b811fffd14e5d7bd69abcdb3
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
This class provides a reasonably-secure random number generator that
does not need seeding. That is quite unlike qrand(), which requires a
seed and is low-quality (definitely not secure).
This class is also like std::random_device, but better. It provides an
operator() like std::random_device, but unlike that, it also provides a
way to fill a buffer with random data, not just one 32-bit quantity.
It's also stateless.
Finally, it also implements std::seed_seq-like generate(). It obeys the
standard requirement of the range (32-bit) but not that of the algorithm
(if you wanted that, you'd use std::seed_seq itself). Instead,
generate() fills with pure random data.
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b4e3ba9ea04da8
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|