#include "config.h"
#include <assert.h>
#include <ccan/crypto/sha256/sha256.h>
#include <ccan/crypto/siphash24/siphash24.h>
#include <ccan/isaac/isaac64.h>
#include <ccan/likely/likely.h>
#include <ccan/tal/tal.h>
#include <common/pseudorand.h>
#include <sodium/randombytes.h>
#include <string.h>
/* Lazily seeded ISAAC64 stream behind pseudorand(), pseudorand_u64() and
 * pseudorand_double(); filled in by init_if_needed(). */
static struct isaac64_ctx isaac64;
/* Per-process SipHash key handed out by siphash_seed(); filled in by
 * init_if_needed() from the same randombytes_buf() draw that seeds ISAAC. */
static struct siphash_seed siphashseed;
/* Set once init_if_needed() has seeded both of the above.  Plain bool with
 * no locking, so a first call racing from several threads is not guarded. */
static bool pseudorand_initted = false;
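/* Clear a buffer that held seed material, through a volatile pointer so the
 * stores are observable side effects the optimizer may not elide (a plain
 * memset() on a dying stack object can be dropped). */
static void wipe_seed(void *p, size_t len)
{
	volatile unsigned char *vp = p;

	while (len > 0) {
		*vp++ = 0;
		len--;
	}
}

/* Seed both generators on first use; a no-op afterwards.
 *
 * A single 16-byte draw from libsodium's randombytes_buf() becomes the
 * SipHash key verbatim (struct siphash_seed is 16 bytes, so it is the whole
 * draw).  ISAAC64 is seeded with SHA-256 of those same bytes: someone who
 * reconstructs ISAAC's internal state still does not learn the SipHash key.
 * The converse does not hold -- the SipHash key alone determines the ISAAC
 * seed, so the two generators are not independent secrets.
 *
 * Not thread-safe: pseudorand_initted is a plain bool with no locking, so
 * the first call must not race with another. */
static void init_if_needed(void)
{
	if (unlikely(!pseudorand_initted)) {
		unsigned char seedbuf[16];
		struct sha256 sha;

		randombytes_buf(seedbuf, sizeof(seedbuf));
		memcpy(&siphashseed, seedbuf, sizeof(siphashseed));

		/* In case isaac is reversible, don't leak seed. */
		sha256(&sha, seedbuf, sizeof(seedbuf));
		isaac64_init(&isaac64, sha.u.u8, sizeof(sha.u.u8));
		pseudorand_initted = true;

		/* Both seeds are now held by their generators (siphashseed and
		 * isaac64); don't leave copies behind on the stack. */
		wipe_seed(seedbuf, sizeof(seedbuf));
		wipe_seed(&sha, sizeof(sha));
	}
}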
/* Return a value in [0, max) from the ISAAC64 stream, seeding it on first use.
 *
 * @max: exclusive upper bound; must be non-zero.  This is only checked by
 *       assert(), so under NDEBUG a zero max reaches isaac64_next_uint()
 *       unchecked. */
uint64_t pseudorand(uint64_t max)
{
	/* Cheap argument check first, before touching generator state. */
	assert(max);

	init_if_needed();
	return isaac64_next_uint(&isaac64, max);
}
/* Return the next full 64-bit word from the ISAAC64 stream, seeding it on
 * first use.  Not a CSPRNG: see init_if_needed() for how it is seeded. */
uint64_t pseudorand_u64(void)
{
	uint64_t word;

	init_if_needed();
	word = isaac64_next_uint64(&isaac64);

	return word;
}
/* Return the next double from the ISAAC64 stream (as produced by
 * isaac64_next_double()), seeding the generator on first use. */
double pseudorand_double(void)
{
	double value;

	init_if_needed();
	value = isaac64_next_double(&isaac64);

	return value;
}
/* Return the per-process SipHash key, generating it on first use.
 *
 * The pointer refers to file-scope static storage: it stays valid for the
 * life of the process, is the same on every call, and must not be freed or
 * written through. */
const struct siphash_seed *siphash_seed(void)
{
	const struct siphash_seed *key = &siphashseed;

	init_if_needed();

	return key;
}
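/* Swap two non-overlapping byte ranges of @len bytes through a fixed-size
 * stack scratch buffer, so the caller's elemsize never sizes a VLA. */
static void swap_elems(char *a, char *b, size_t len)
{
	char scratch[64];

	while (len > 0) {
		size_t chunk = len < sizeof(scratch) ? len : sizeof(scratch);

		memcpy(scratch, a, chunk);
		memcpy(a, b, chunk);
		memcpy(b, scratch, chunk);
		a += chunk;
		b += chunk;
		len -= chunk;
	}
}

/* Shuffle a tal array in place using pseudorand() for the index draws.
 *
 * @arr: tal-allocated array; its byte length comes from tal_bytelen(arr).
 * @elemsize: size of one element; must be non-zero and divide the byte
 *            length exactly.  Both are checked with assert() only.
 *
 * Arrays of fewer than two elements are left untouched. */
void tal_arr_randomize_(void *arr, size_t elemsize)
{
	/* Easier arith. */
	char *carr = arr;
	size_t n;

	/* Check before dividing: elemsize == 0 would be a division by zero. */
	assert(elemsize > 0);
	assert(tal_bytelen(arr) % elemsize == 0);
	n = tal_bytelen(arr) / elemsize;

	/* From Wikipedia's Fischer-Yates shuffle article:
	 *
	 * for i from 0 to n−2 do
	 *      j ← random integer such that i ≤ j < n
	 *      exchange a[i] and a[j]
	 */
	if (n < 2)
		return;

	for (size_t i = 0; i < n - 1; i++) {
		/* n - i >= 2 here, so pseudorand()'s non-zero bound holds. */
		size_t j = i + pseudorand(n - i);

		/* j == i would make memcpy's source and destination the same
		 * object, i.e. overlapping, which is undefined; nothing to do. */
		if (j == i)
			continue;
		swap_elems(carr + i * elemsize, carr + j * elemsize, elemsize);
	}
}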