| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Remove code for older versions and streamline #ifdefs.
Task-number: QTBUG-51673
Change-Id: If456567691538b1a1f452111814c5f9eba401c43
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This brings us to almost parity with the C++11 Random Engine API
requirements (see chapter 26.5.1.4 [rand.req.eng]). We don't implement
the templated Sseq requirements because it would require moving the
implementation details to the public API. And we don't implement the
<iostreams> code because we don't want to.
Change-Id: Icaa86fc7b54d4b368c0efffd14f05ff813ebd759
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since we don't document how many bytes one needs (it's 2496), it's
difficult for the caller to provide just enough data in the seed
sequence. Moreover, since std::mt19937 doesn't make it easy to provide
the ideal size either, we can't actually write code that operates
optimally given a quint32 range either -- we only provide it via
std::seed_seq, which is inefficient.
However, we can do it internally by passing QRandomGenerator to the
std::mersenne_twister_engine constructor, as it's designed to work.
Change-Id: Icaa86fc7b54d4b368c0efffd14f0613c10998321
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
| |
Now only QRandomGenerator::system() will access the system-wide RNG,
which we document to be cryptographically-safe and possibly backed by a
true HWRNG. Everything else just wraps a Mersenne Twister.
Change-Id: I0a103569c81b4711a649fffd14ec8cd3469425df
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
| |
Since we're adding a deterministic generator that inherently does not
use syscalls, and people should really use that one by default, there is
no point in optimizing the secure generator wrt syscalls. Besides,
keeping the random data in memory for longer than needed is likely
inadviseable.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14ed0871117fe930
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now,this does really nothing. This commit is just to allow us to
transition the other modules (besides qtbase) to use the syntax that
will become the API.
I've marked three places to use the system CSPRNG:
1) the QHash seed
2) QUuid
3) QAuthenticator
I didn't think the HTTP multipart boundary needed to be
cryptographically safe, so I changed that one to the global generator.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14ecf1938bd8ff61
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous version was good, just not optimal. Because the input was
an unsigned 64-bit number, compilers needed to generate extra code to
deal with HW instructions that only convert 64-bit signed input. And
that was useless because a double uniformly distributed from 0 to 1 can
only have 53 bits of randomness.
The previous implementation did exactly what the Microsoft libstdc++ and
libc++ implementations do. In my opinion, those implementations have an
imperfect distribution, which is corrected in this commit. In those, all
random input bigger than 0x20000000000000 has a different frequency
compared to input below that mark. For example, both 0x20000000000000
and 0x20000000000001 produce the same result (4.8828125e-4).
What's more, for the libc++ and MSVC implementations, input between
0xfffffffffffff001 and 0xffffffffffffffff results in 1.0 (probability 1
in 2⁵³), even though the Standard is very clear that the result should
be strictly less than 1. GCC 7's libstdc++ doesn't have this issue,
whereas the versions before would enter an infinite loop.
Change-Id: Ib17dde1a1dbb49a7bba8fffd14eced3c375dd2ec
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
|
|
|
|
|
|
|
| |
Error out if it's missing or broken (Mersenne Twister not present).
This ensures that we never have a low-quality random generator in Qt.
Change-Id: I0a103569c81b4711a649fffd14ec80649df7087e
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
"generate" is better than "get", and we already have "generate(it, it)"
which uses std::generate(). This changes:
- get32() → generate()
- get64() → generate64() and QRandomGenerator64::generate()
- getReal() → generateDouble()
Change-Id: I6e1fe42ae4b742a7b811fffd14e5d7bd69abcdb3
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
| |
Found while working on suppressing the warning about the return value
(which is either 0 or -1) was being ignored.
Task-number: QTBUG-61968
Change-Id: I02d22222fff64d4dbda4fffd14d148b1724547ca
Reviewed-by: Florian Bruhin <qt-project.org@the-compiler.org>
Reviewed-by: Oswald Buddenhagen <oswald.buddenhagen@qt.io>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The getentropy function, first found in OpenBSD, is present in glibc
since version 2.25 and Bionic since Android 6.0 and NDK r11. It uses the
Linux 3.17 getrandom system call. Unlike glibc's getrandom() wrapper,
the glibc implementation of getentropy() function is not a POSIX thread
cancellation point, so we prefer to use that even though we have to
break the reading into 256-byte blocks.
The big advantage is that these functions work even in the absence of a
/dev/urandom device node, in addition to a few cycles shaved off by not
having to open a file descriptor and close it at exit. What's more, the
glibc implementation blocks until entropy is available on early boot, so
we don't have to worry about a failure mode. The Bionic implementation
will fall back by itself to /dev/urandom and, failing that, gathering
entropy from elsewhere in the system in a way it cannot fail either.
uClibc has a wrapper to getrandom(2) but no getentropy(3). MUSL has
neither.
Change-Id: Ia53158e207a94bf49489fffd14c8cee1b968a619
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC didn't support it until version 5 or 6, so add configure tests for
both <random> and <sys/auxv.h>. Normally I'd say "upgrade", but this is
too low-level and important a feature.
There's a good chance that all our supported compilers have <random>
anyway. As for <sys/auxv.h>, it's present on Glibc, Bionic and MUSL, but
I don't see it in uClibc (AT_RANDOM is a Linux-specific feature).
Change-Id: Ia3e896da908f42939148fffd14c5b2af491f7a77
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
This class provides a reasonably-secure random number generator that
does not need seeding. That is quite unlike qrand(), which requires a
seed and is low-quality (definitely not secure).
This class is also like std::random_device, but better. It provides an
operator() like std::random_device, but unlike that, it also provides a
way to fill a buffer with random data, not just one 32-bit quantity.
It's also stateless.
Finally, it also implements std::seed_seq-like generate(). It obeys the
standard requirement of the range (32-bit) but not that of the algorithm
(if you wanted that, you'd use std::seed_seq itself). Instead,
generate() fills with pure random data.
Change-Id: Icd0e0d4b27cb4e5eb892fffd14b4e3ba9ea04da8
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
