Tor  0.4.7.0-alpha-dev
weakrng.c
Go to the documentation of this file.
1 /* Copyright (c) 2003, Roger Dingledine
2  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
3  * Copyright (c) 2007-2021, The Tor Project, Inc. */
4 /* See LICENSE for licensing information */
5 
6 /**
7  * \file weakrng.c
8  *
9  * \brief A weak but fast PRNG based on a linear congruential generator.
10  *
11  * We don't want to use the platform random(), since some of them are even
12  * worse than this.
13  **/
14 
15 #include "lib/intmath/weakrng.h"
16 #include "lib/err/torerr.h"
17 
18 #include <stdlib.h>
19 
20 /** Initialize the insecure RNG <b>rng</b> from a seed value <b>seed</b>. */
21 void
22 tor_init_weak_random(tor_weak_rng_t *rng, unsigned seed)
23 {
24  rng->state = (uint32_t)(seed & 0x7fffffff);
25 }
26 
27 /** Return a randomly chosen value in the range 0..TOR_WEAK_RANDOM_MAX based
28  * on the RNG state of <b>rng</b>. This entropy will not be cryptographically
29  * strong; do not rely on it for anything an adversary should not be able to
30  * predict. */
31 int32_t
32 tor_weak_random(tor_weak_rng_t *rng)
33 {
34  /* Here's a linear congruential generator. OpenBSD and glibc use these
35  * parameters; they aren't too bad, and should have maximal period over the
36  * range 0..INT32_MAX. We don't want to use the platform rand() or random(),
37  * since some platforms have bad weak RNGs that only return values in the
38  * range 0..INT16_MAX, which just isn't enough. */
39  rng->state = (rng->state * 1103515245 + 12345) & 0x7fffffff;
40  return (int32_t) rng->state;
41 }
42 
43 /** Return a random number in the range [0 , <b>top</b>). {That is, the range
44  * of integers i such that 0 <= i < top.} Chooses uniformly. Requires that
45  * top is greater than 0. This randomness is not cryptographically strong; do
46  * not rely on it for anything an adversary should not be able to predict. */
47 int32_t
48 tor_weak_random_range(tor_weak_rng_t *rng, int32_t top)
49 {
50  /* We don't want to just do tor_weak_random() % top, since random() is often
51  * implemented with an LCG whose modulus is a power of 2, and those are
52  * cyclic in their low-order bits. */
53  int divisor, result;
54  raw_assert(top > 0);
55  divisor = TOR_WEAK_RANDOM_MAX / top;
56  do {
57  result = (int32_t)(tor_weak_random(rng) / divisor);
58  } while (result >= top);
59  return result;
60 }
tor_weak_rng_t
Definition: weakrng.h:18
torerr.h
Headers for torerr.c.
tor_weak_random
int32_t tor_weak_random(tor_weak_rng_t *rng)
Definition: weakrng.c:32
tor_init_weak_random
void tor_init_weak_random(tor_weak_rng_t *rng, unsigned seed)
Definition: weakrng.c:22
tor_weak_random_range
int32_t tor_weak_random_range(tor_weak_rng_t *rng, int32_t top)
Definition: weakrng.c:48
weakrng.h
Header for weakrng.c.
Generated by doxygen 1.9.1