vikarti.anatra/safing-portbase
1
0
Fork 0
mirror of https://github.com/safing/portbase synced 2025-09-02 18:50:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add Number func to random pkg

Browse source
This commit is contained in:
Daniel 2019-05-06 10:36:46 +02:00
parent e97504dfba
commit 207844cb12
4 changed files with 61 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
crypto/random/entropy_test.go
View file

@ -6,7 +6,6 @@ import (
) )
func TestFeeder(t *testing.T) { func TestFeeder(t *testing.T) {
// wait for start / first round to complete // wait for start / first round to complete
time.Sleep(1 * time.Millisecond) time.Sleep(1 * time.Millisecond)

28
crypto/random/get.go
View file

@ -1,8 +1,10 @@
package random package random
import ( import (
"encoding/binary"
"errors" "errors"
"io" "io"
"math"
"time" "time"
"github.com/Safing/portbase/config" "github.com/Safing/portbase/config"
@ -13,10 +15,10 @@ var (
Reader io.Reader Reader io.Reader
rngBytesRead int64 rngBytesRead int64
rngLastFeed = time.Now() rngLastFeed = time.Now()
reseedAfterSeconds config.IntOption reseedAfterSeconds config.IntOption
reseedAfterBytes config.IntOption reseedAfterBytes config.IntOption
) )
// reader provides an io.Reader interface // reader provides an io.Reader interface
@ -53,13 +55,13 @@ func checkEntropy() (err error) {
return errors.New("RNG is not ready yet") return errors.New("RNG is not ready yet")
} }
if rngBytesRead > reseedAfterBytes() || if rngBytesRead > reseedAfterBytes() ||
int64(time.Now().Sub(rngLastFeed).Seconds()) > reseedAfterSeconds() { int64(time.Now().Sub(rngLastFeed).Seconds()) > reseedAfterSeconds() {
select { select {
case r := <-rngFeeder: case r := <-rngFeeder:
rng.Reseed(r) rng.Reseed(r)
rngBytesRead = 0 rngBytesRead = 0
rngLastFeed = time.Now() rngLastFeed = time.Now()
case <-time.After(1*time.Second): case <-time.After(1 * time.Second):
return errors.New("failed to get new entropy") return errors.New("failed to get new entropy")
} }
} }
@ -94,3 +96,21 @@ func Bytes(n int) ([]byte, error) {
return rng.PseudoRandomData(uint(n)), nil return rng.PseudoRandomData(uint(n)), nil
} }
// Number returns a random number from 0 to (incl.) max.
func Number(max uint64) (uint64, error) {
secureLimit := math.MaxUint64 - (math.MaxUint64 % max)
max++
for {
randomBytes, err := Bytes(8)
if err != nil {
return 0, err
}
candidate := binary.LittleEndian.Uint64(randomBytes)
if candidate < secureLimit {
return candidate % max, nil
}
}
}

35
crypto/random/get_test.go Normal file
View file

@ -0,0 +1,35 @@
package random
import (
"testing"
)
func TestNumberRandomness(t *testing.T) {
if testing.Short() {
t.Skip()
}
var subjects uint64 = 10
var testSize uint64 = 10000
results := make([]uint64, int(subjects))
for i := 0; i < int(subjects*testSize); i++ {
n, err := Number(subjects - 1)
if err != nil {
t.Fatal(err)
return
}
results[int(n)]++
}
// catch big mistakes in the number function, eg. massive % bias
lowerMargin := testSize - testSize/50
upperMargin := testSize + testSize/50
for subject, result := range results {
if result < lowerMargin || result > upperMargin {
t.Errorf("subject %d is outside of margins: %d", subject, result)
}
}
t.Fatal(results)
}

4
crypto/random/rng_test.go
View file

@ -19,14 +19,14 @@ func TestRNG(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("failed to create aes cipher: %s", err) t.Errorf("failed to create aes cipher: %s", err)
} }
rng.Reseed(key) rng.Reseed(key)
config.SetConfigOption("random.rng_cipher", "serpent") config.SetConfigOption("random.rng_cipher", "serpent")
_, err = newCipher(key) _, err = newCipher(key)
if err != nil { if err != nil {
t.Errorf("failed to create serpent cipher: %s", err) t.Errorf("failed to create serpent cipher: %s", err)
} }
rng.Reseed(key) rng.Reseed(key)
b := make([]byte, 32) b := make([]byte, 32)
_, err = Read(b) _, err = Read(b)