mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-28 13:08:06 +00:00
Code Issues Releases Wiki Activity
28,238 Commits 660 Branches 820 Tags
Commit Graph

19 Commits

Author SHA1 Message Date
Evan Hunt
6ad7acd787 convert random_test 2018-11-14 20:17:04 -08:00
Ondřej Surý
cb6a185c69 Replace custom isc_u?intNN_t types with C99 u?intNN_t types 2018-08-08 09:37:28 +02:00
Ondřej Surý
99ba29bc52 Change isc_random() to be just PRNG, and add isc_nonce_buf() that uses CSPRNG 
This commit reverts the previous change to use system provided
entropy, as (SYS_)getrandom is very slow on Linux because it is
a syscall.

The change introduced in this commit adds a new call isc_nonce_buf
that uses CSPRNG from cryptographic library provider to generate
secure data that can be and must be used for generating nonces.
Example usage would be DNS cookies.

The isc_random() API has been changed to use fast PRNG that is not
cryptographically secure, but runs entirely in user space.  Two
contestants have been considered xoroshiro family of the functions
by Villa&Blackman and PCG by O'Neill.  After a consideration the
xoshiro128starstar function has been used as uint32_t random number
provider because it is very fast and has good enough properties
for our usage pattern.

The other change introduced in the commit is the more extensive usage
of isc_random_uniform in places where the usage pattern was
isc_random() % n to prevent modulo bias.  For usage patterns where
only 16 or 8 bits are needed (DNS Message ID), the isc_random()
functions has been renamed to isc_random32(), and isc_random16() and
isc_random8() functions have been introduced by &-ing the
isc_random32() output with 0xffff and 0xff.  Please note that the
functions that uses stripped down bit count doesn't pass our
NIST SP 800-22 based random test.
 2018-05-29 22:58:21 +02:00
Ondřej Surý
3a4f820d62 Replace all random functions with isc_random, isc_random_buf and isc_random_uniform API. 
The three functions has been modeled after the arc4random family of
functions, and they will always return random bytes.

The isc_random family of functions internally use these CSPRNG (if available):

1. getrandom() libc call (might be available on Linux and Solaris)
2. SYS_getrandom syscall (might be available on Linux, detected at runtime)
3. arc4random(), arc4random_buf() and arc4random_uniform() (available on BSDs and Mac OS X)
4. crypto library function:
4a. RAND_bytes in case OpenSSL
4b. pkcs_C_GenerateRandom() in case PKCS#11 library
 2018-05-16 09:54:35 +02:00
Ondřej Surý
8d3220643c Also test the higher part of the confidence interval 2018-05-03 08:30:31 -04:00
Evan Hunt
9b753aa154 shorten ht_test and random_test 2018-03-09 14:12:50 -08:00
Mark Andrews
b71a1386ed remove deadcode 2018-02-24 17:50:41 -08:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Tinderbox User
5fdca0da2f update copyright notice / whitespace 2018-02-01 23:46:26 +00:00
Michał Kępień
a3c2b8831e [master] Silence compiler warnings about comparisons between signed and unsigned integers [RT #46980] 2018-02-01 21:28:47 +01:00
Mark Andrews
9d5a0abe81 4841. [bug] Address -fsanitize=undefined warnings. [RT #46786] 2017-12-06 21:00:14 +11:00
Tinderbox User
e6801bf89e update copyright notice / whitespace 2017-11-06 23:45:48 +00:00
Mukund Sivaraman
7e1df5182c [master] isc_rng_randombytes() 
4807.	[cleanup]	isc_rng_randombytes() returns a specified number of
			bytes from the PRNG; this is now used instead of
			calling isc_rng_random() multiple times. [RT #46230]
 2017-11-06 10:44:37 -08:00
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Francis Dupont
3759f10fc5 added print.h includes, updated copyrights 2015-05-23 14:21:51 +02:00
Tinderbox User
452a29e62c update copyright notice / whitespace 2015-04-28 23:45:24 +00:00
Mark Andrews
b292230ab8 4110. [bug] Address memory leaks / null pointer dereferences 
on out of memory. [RT #39310]
 2015-04-29 03:16:50 +10:00
Mark Andrews
d8f2dd46cb 4025. [port] bsdi: failed to build. [RT #38047] 2014-12-19 12:06:35 +11:00
Mukund Sivaraman
84dc4b3e7e [35942] Update random number generator to ChaCha based (and add tests) 
Squashed commit of the following:

commit 219a904fea95c74016229b6f4436d4f09de1bfd0
Author: Evan Hunt <each@isc.org>
Date:   Mon Jun 2 12:20:54 2014 -0700

    [rt35942] style

commit 90bc77185e9798af4595989abb8698efef8c70d7
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon Jun 2 18:01:30 2014 +0530

    Return p-value=0 when prerequisite (monobit) fails

commit 5594669728f1181a447616f60b835e4a043d1b21
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon Jun 2 17:44:25 2014 +0530

    Print proportion of test sequences passing too

commit 9e94b67a4114651224a8285f7c4a7fb03907f376
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon Jun 2 17:34:03 2014 +0530

    Check uniform distribution of p-values

commit acf911b32dd84ac1c30c57d8937cfeb6b3ff972f
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon Jun 2 17:17:39 2014 +0530

    Check proportion of sequences passing a test

commit 7289eb441fc4ec623364ad882e22b240ba8da308
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon Jun 2 04:33:37 2014 +0530

    Refactor common setup code into random_test()

    No behavioral change is made.

commit 51feef3e08c233d34a6b8b9d25a72d43110b4eed
Author: Mukund Sivaraman <muks@isc.org>
Date:   Sun Jun 1 17:31:57 2014 +0530

    Fix binary rank computation

commit 0ea3c03dea353f309d13c38e26aa0abbffdcff2b
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue May 27 06:01:10 2014 +0530

    Add binary matrix rank RNG test

commit eb4e7c53540ac97436d94714d30084907eeff01a
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon May 26 15:45:31 2014 +0530

    Add function to find rank of a binary matrix

commit 1292a06e0e09ebd37d4ecf5337814951dcacc4a4
Author: Evan Hunt <each@isc.org>
Date:   Thu May 29 16:21:51 2014 -0700

    [rt35942] style; check whether we need libm for exp()

commit c19788e5a89235e937a5aedf2ebea50f33406609
Author: Evan Hunt <each@isc.org>
Date:   Thu May 29 15:31:19 2014 -0700

    [rt35942] incidental spelling error fixed

commit c833326ad0df21e2a8b35958e85ccc0a692e38be
Author: Mukund Sivaraman <muks@isc.org>
Date:   Thu May 29 11:34:37 2014 +0530

    Revert "Add function to find rank of a binary matrix"

    This reverts commit 21b2f230e17f7fc638f81d9a34bcb148b0c4a6fb.

    This test will be added in RT#36125.

commit cf786a533d34fdcd9e1c5650356e56d33e93a29f
Author: Mukund Sivaraman <muks@isc.org>
Date:   Thu May 29 11:33:18 2014 +0530

    Revert "Add binary matrix rank RNG test"

    This reverts commit dd843b9ca84fa9af80ec39631152f82778f0b97c.

    This test will be added in RT#36125.

commit dd843b9ca84fa9af80ec39631152f82778f0b97c
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue May 27 06:01:10 2014 +0530

    Add binary matrix rank RNG test

commit 21b2f230e17f7fc638f81d9a34bcb148b0c4a6fb
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon May 26 15:45:31 2014 +0530

    Add function to find rank of a binary matrix

commit 313c30088d6ba933bde3abb920f2a6d16b9b77e1
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon May 26 13:38:44 2014 +0530

    Add block frequency random test

commit 0d279c60ed3eabe52cf3e1435bf14ec62752536f
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon May 26 13:04:03 2014 +0530

    Add preconditions from NIST spec

commit 7a6c5f2ce5078814d5cf0fea30596e58171174c1
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon May 26 12:51:03 2014 +0530

    Add functions to use in RNG tests

commit 8c5cb5594f904f6669cdffaa364f799b4a2c6b58
Author: Mukund Sivaraman <muks@isc.org>
Date:   Thu May 22 00:26:10 2014 +0530

    Add runs RNG test

commit 4882f078cc2596c0911066ffb783e4dd145a63ec
Author: Mukund Sivaraman <muks@isc.org>
Date:   Wed May 21 23:58:20 2014 +0530

    Pre-compute bitcounts LUT

commit 896db3809fba2d9884a4a3a2fa847a73e007ad7f
Author: Mukund Sivaraman <muks@isc.org>
Date:   Wed May 21 23:30:23 2014 +0530

    Fix the bit value being checked (this shouldn't affect the test)

commit b932cbb5dae39eb819db29cf9490fb51d59b7c56
Author: Mukund Sivaraman <muks@isc.org>
Date:   Wed May 21 19:35:12 2014 +0530

    Add monobits RNG test

commit 7bef19fd8b095aa567a975ef5c97d5812162d92e
Author: Mukund Sivaraman <muks@isc.org>
Date:   Wed May 21 16:53:02 2014 +0530

    Add API documentation

commit 54483f7feb64b5646dd1da45b1fd396e7d04b926
Author: Mukund Sivaraman <muks@isc.org>
Date:   Wed May 21 16:39:03 2014 +0530

    Rename isc_rngctx_t to isc_rng_t

commit 7c5031b53555137a82c6b6218cd4dd5e95acf94d
Author: Evan Hunt <each@isc.org>
Date:   Tue May 20 23:29:53 2014 -0700

    [rt35942] use attach/detach with isc_rngctx_t

commit 8aabae5e09888e6af651ed27bd6b4e9f76334d55
Author: Mukund Sivaraman <muks@isc.org>
Date:   Tue May 20 18:32:42 2014 +0530

    Move RNG from dispatch.c to libisc

commit e6d4ad4f389998b91d46e95e258cf420cb21d977
Author: Mukund Sivaraman <muks@isc.org>
Date:   Mon May 12 19:16:27 2014 +0530

    Replace old arc4random with new ChaCha implementation from OpenBSD
 2014-06-04 13:44:10 +05:30