Skip to content

Seed insecure_rand during start #8903

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
crowning- wants to merge 1 commit into from
Closed

Seed insecure_rand during start #8903

crowning- wants to merge 1 commit into from

Conversation

@crowning-
Copy link
Contributor

@crowning- crowning- commented Oct 9, 2016

I've noticed that (besides the Bitcoin test-code) insecure_rand() is only properly (=non-deterministic) seeded when a new transaction is created, which might be after it's already used.
Seeding it here should ensure that current and futures usages don't accidentally start with the default seed.

@crowning-
Seed insecure_rand during start
3f6cdac 
I've noticed that (besides the Bitcoin test-code) `insecure_rand()` is only properly (=non-deterministic) seeded when a new transaction is created, which might be _after_ it's already used.
Seeding it here should ensure that current and futures usages don't accidentally start with the default seed.
@JeremyRubin
Copy link
Contributor

JeremyRubin commented Oct 9, 2016

This might be out of scope for what you want to do with this PR, but I think if you're trying to fix initialization to guarantee insecure_rand has good entropy it may also be worth trying to fix the race conditions in insecure_rand (there are a few that I've looked at).

@laanwj
Copy link
Member

laanwj commented Oct 9, 2016
edited
Loading

Not against this change, but I wouldn't suggest doing too much work for insecure_rand:

  • It's called insecure_rand because it shouldn't be used for anything requiring security, it shouldn't matter for its use case if it generates the same sequence every time. If anything does that is a bug.
  • One current goal is to replace replace the OpenSSL PRNG with built-in Fortuna implementation - as Fortuna is so fast it will also be used for insecure_rand, see [WIP] Replace OpenSSL PRNG with built-in Fortuna implementation #5885

@laanwj laanwj mentioned this pull request Oct 13, 2016
Merged
1 task
@laanwj
Copy link
Member

laanwj commented Oct 15, 2016

Closing in favor of #8914

@laanwj laanwj closed this Oct 15, 2016
@crowning- crowning- deleted the patch-1 branch November 9, 2016 13:58
@bitcoin bitcoin locked as resolved and limited conversation to collaborators Sep 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@crowning- @JeremyRubin @laanwj