lbrycrd/src/test/random_tests.cpp

// Copyright (c) 2017 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <random.h>

#include <test/test_bitcoin.h>

#include <boost/test/unit_test.hpp>

#include <random>
#include <algorithm>

BOOST_FIXTURE_TEST_SUITE(random_tests, BasicTestingSetup)

BOOST_AUTO_TEST_CASE(osrandom_tests)
{
    BOOST_CHECK(Random_SanityCheck());
}

BOOST_AUTO_TEST_CASE(fastrandom_tests)
{
    // Check that deterministic FastRandomContexts are deterministic
    FastRandomContext ctx1(true);
    FastRandomContext ctx2(true);

    BOOST_CHECK_EQUAL(ctx1.rand32(), ctx2.rand32());
    BOOST_CHECK_EQUAL(ctx1.rand32(), ctx2.rand32());
    BOOST_CHECK_EQUAL(ctx1.rand64(), ctx2.rand64());
    BOOST_CHECK_EQUAL(ctx1.randbits(3), ctx2.randbits(3));
    BOOST_CHECK(ctx1.randbytes(17) == ctx2.randbytes(17));
    BOOST_CHECK(ctx1.rand256() == ctx2.rand256());
    BOOST_CHECK_EQUAL(ctx1.randbits(7), ctx2.randbits(7));
    BOOST_CHECK(ctx1.randbytes(128) == ctx2.randbytes(128));
    BOOST_CHECK_EQUAL(ctx1.rand32(), ctx2.rand32());
    BOOST_CHECK_EQUAL(ctx1.randbits(3), ctx2.randbits(3));
    BOOST_CHECK(ctx1.rand256() == ctx2.rand256());
    BOOST_CHECK(ctx1.randbytes(50) == ctx2.randbytes(50));

    // Check that a nondeterministic ones are not
    FastRandomContext ctx3;
    FastRandomContext ctx4;
    BOOST_CHECK(ctx3.rand64() != ctx4.rand64()); // extremely unlikely to be equal
    BOOST_CHECK(ctx3.rand256() != ctx4.rand256());
    BOOST_CHECK(ctx3.randbytes(7) != ctx4.randbytes(7));
}

BOOST_AUTO_TEST_CASE(fastrandom_randbits)
{
    FastRandomContext ctx1;
    FastRandomContext ctx2;
    for (int bits = 0; bits < 63; ++bits) {
        for (int j = 0; j < 1000; ++j) {
            uint64_t rangebits = ctx1.randbits(bits);
            BOOST_CHECK_EQUAL(rangebits >> bits, 0);
            uint64_t range = ((uint64_t)1) << bits | rangebits;
            uint64_t rand = ctx2.randrange(range);
            BOOST_CHECK(rand < range);
        }
    }
}

/** Does-it-compile test for compatibility with standard C++11 RNG interface. */
BOOST_AUTO_TEST_CASE(stdrandom_test)
{
    FastRandomContext ctx;
    std::uniform_int_distribution<int> distribution(3, 9);
    for (int i = 0; i < 100; ++i) {
        int x = distribution(ctx);
        BOOST_CHECK(x >= 3);
        BOOST_CHECK(x <= 9);

        std::vector<int> test{1,2,3,4,5,6,7,8,9,10};
        std::shuffle(test.begin(), test.end(), ctx);
        for (int j = 1; j <= 10; ++j) {
            BOOST_CHECK(std::find(test.begin(), test.end(), j) != test.end());
        }
    }

}

BOOST_AUTO_TEST_SUITE_END()
util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676 2017-02-21 17:36:37 +01:00			`// Copyright (c) 2017 The Bitcoin Core developers`
			`// Distributed under the MIT software license, see the accompanying`
			`// file COPYING or http://www.opensource.org/licenses/mit-license.php.`

scripted-diff: Replace #include "" with #include <> (ryanofsky) -BEGIN VERIFY SCRIPT- for f in \ src/.cpp \ src/.h \ src/bench/.cpp \ src/bench/.h \ src/compat/.cpp \ src/compat/.h \ src/consensus/.cpp \ src/consensus/.h \ src/crypto/.cpp \ src/crypto/.h \ src/crypto/ctaes/.h \ src/policy/.cpp \ src/policy/.h \ src/primitives/.cpp \ src/primitives/.h \ src/qt/.cpp \ src/qt/.h \ src/qt/test/.cpp \ src/qt/test/.h \ src/rpc/.cpp \ src/rpc/.h \ src/script/.cpp \ src/script/.h \ src/support/.cpp \ src/support/.h \ src/support/allocators/.h \ src/test/.cpp \ src/test/.h \ src/wallet/.cpp \ src/wallet/.h \ src/wallet/test/.cpp \ src/wallet/test/.h \ src/zmq/.cpp \ src/zmq/.h do base=${f%/}/ relbase=${base#src/} sed -i "s:#include \"\(.\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT- 2017-11-10 01:57:53 +01:00			`#include <random.h>`
util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676 2017-02-21 17:36:37 +01:00
scripted-diff: Replace #include "" with #include <> (ryanofsky) -BEGIN VERIFY SCRIPT- for f in \ src/.cpp \ src/.h \ src/bench/.cpp \ src/bench/.h \ src/compat/.cpp \ src/compat/.h \ src/consensus/.cpp \ src/consensus/.h \ src/crypto/.cpp \ src/crypto/.h \ src/crypto/ctaes/.h \ src/policy/.cpp \ src/policy/.h \ src/primitives/.cpp \ src/primitives/.h \ src/qt/.cpp \ src/qt/.h \ src/qt/test/.cpp \ src/qt/test/.h \ src/rpc/.cpp \ src/rpc/.h \ src/script/.cpp \ src/script/.h \ src/support/.cpp \ src/support/.h \ src/support/allocators/.h \ src/test/.cpp \ src/test/.h \ src/wallet/.cpp \ src/wallet/.h \ src/wallet/test/.cpp \ src/wallet/test/.h \ src/zmq/.cpp \ src/zmq/.h do base=${f%/}/ relbase=${base#src/} sed -i "s:#include \"\(.\)\"\(.*\):if test -e \$base'\\1'; then echo \"#include <\"\$relbase\"\\1>\\2\"; else echo \"#include <\\1>\\2\"; fi:e" $f done -END VERIFY SCRIPT- 2017-11-10 01:57:53 +01:00			`#include <test/test_bitcoin.h>`
util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676 2017-02-21 17:36:37 +01:00
			`#include <boost/test/unit_test.hpp>`

Make FastRandomContext support standard C++11 RNG interface This makes it possible to plug it into the various standard C++11 random distribution algorithms and other functions like std::shuffle. 2018-03-21 03:10:39 +01:00			`#include <random>`
			`#include <algorithm>`

util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676 2017-02-21 17:36:37 +01:00			`BOOST_FIXTURE_TEST_SUITE(random_tests, BasicTestingSetup)`

			`BOOST_AUTO_TEST_CASE(osrandom_tests)`
			`{`
sanity: Move OS random to sanity check function Move the OS random test to a sanity check function that is called every time bitcoind is initialized. Keep `src/test/random_tests.cpp` for the case that later random tests are added, and keep a rudimentary test that just calls the sanity check. 2017-02-22 08:02:50 +01:00			`BOOST_CHECK(Random_SanityCheck());`
util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676 2017-02-21 17:36:37 +01:00			`}`

Switch FastRandomContext to ChaCha20 2017-02-16 02:45:22 +01:00			`BOOST_AUTO_TEST_CASE(fastrandom_tests)`
			`{`
			`// Check that deterministic FastRandomContexts are deterministic`
			`FastRandomContext ctx1(true);`
			`FastRandomContext ctx2(true);`

			`BOOST_CHECK_EQUAL(ctx1.rand32(), ctx2.rand32());`
			`BOOST_CHECK_EQUAL(ctx1.rand32(), ctx2.rand32());`
			`BOOST_CHECK_EQUAL(ctx1.rand64(), ctx2.rand64());`
			`BOOST_CHECK_EQUAL(ctx1.randbits(3), ctx2.randbits(3));`
Add FastRandomContext::rand256() and ::randbytes() FastRandomContext now provides all functionality that the real Rand* functions provide. 2017-05-02 20:04:31 +02:00			`BOOST_CHECK(ctx1.randbytes(17) == ctx2.randbytes(17));`
			`BOOST_CHECK(ctx1.rand256() == ctx2.rand256());`
Switch FastRandomContext to ChaCha20 2017-02-16 02:45:22 +01:00			`BOOST_CHECK_EQUAL(ctx1.randbits(7), ctx2.randbits(7));`
Add FastRandomContext::rand256() and ::randbytes() FastRandomContext now provides all functionality that the real Rand* functions provide. 2017-05-02 20:04:31 +02:00			`BOOST_CHECK(ctx1.randbytes(128) == ctx2.randbytes(128));`
Switch FastRandomContext to ChaCha20 2017-02-16 02:45:22 +01:00			`BOOST_CHECK_EQUAL(ctx1.rand32(), ctx2.rand32());`
			`BOOST_CHECK_EQUAL(ctx1.randbits(3), ctx2.randbits(3));`
Add FastRandomContext::rand256() and ::randbytes() FastRandomContext now provides all functionality that the real Rand* functions provide. 2017-05-02 20:04:31 +02:00			`BOOST_CHECK(ctx1.rand256() == ctx2.rand256());`
			`BOOST_CHECK(ctx1.randbytes(50) == ctx2.randbytes(50));`
util: Specific GetOSRandom for Linux/FreeBSD/OpenBSD These are available in sandboxes without access to files or devices. Also [they are safer and more straightforward](https://en.wikipedia.org/wiki/Entropy-supplying_system_calls) to use than `/dev/urandom` as reading from a file has quite a few edge cases: - Linux: `getrandom(buf, buflen, 0)`. [getrandom(2)](http://man7.org/linux/man-pages/man2/getrandom.2.html) was introduced in version 3.17 of the Linux kernel. - OpenBSD: `getentropy(buf, buflen)`. The [getentropy(2)](http://man.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2) function appeared in OpenBSD 5.6. - FreeBSD and NetBSD: `sysctl(KERN_ARND)`. Not sure when this was added but it has existed for quite a while. Alternatives: - Linux has sysctl `CTL_KERN` / `KERN_RANDOM` / `RANDOM_UUID` which gives 16 bytes of randomness. This may be available on older kernels, however [sysctl is deprecated on Linux](https://lwn.net/Articles/605392/) and even removed in some distros so we shouldn't use it. Add tests for `GetOSRand()`: - Test that no error happens (otherwise `RandFailure()` which aborts) - Test that all 32 bytes are overwritten (initialize with zeros, try multiple times) Discussion: - When to use these? Currently they are always used when available. Another option would be to use them only when `/dev/urandom` is not available. But this would mean these code paths receive less testing, and I'm not sure there is any reason to prefer `/dev/urandom`. Closes: #9676 2017-02-21 17:36:37 +01:00
Switch FastRandomContext to ChaCha20 2017-02-16 02:45:22 +01:00			`// Check that a nondeterministic ones are not`
			`FastRandomContext ctx3;`
			`FastRandomContext ctx4;`
			`BOOST_CHECK(ctx3.rand64() != ctx4.rand64()); // extremely unlikely to be equal`
Add FastRandomContext::rand256() and ::randbytes() FastRandomContext now provides all functionality that the real Rand* functions provide. 2017-05-02 20:04:31 +02:00			`BOOST_CHECK(ctx3.rand256() != ctx4.rand256());`
			`BOOST_CHECK(ctx3.randbytes(7) != ctx4.randbytes(7));`
Switch FastRandomContext to ChaCha20 2017-02-16 02:45:22 +01:00			`}`

Add a FastRandomContext::randrange and use it 2017-02-25 21:16:58 +01:00			`BOOST_AUTO_TEST_CASE(fastrandom_randbits)`
			`{`
			`FastRandomContext ctx1;`
			`FastRandomContext ctx2;`
			`for (int bits = 0; bits < 63; ++bits) {`
			`for (int j = 0; j < 1000; ++j) {`
			`uint64_t rangebits = ctx1.randbits(bits);`
			`BOOST_CHECK_EQUAL(rangebits >> bits, 0);`
			`uint64_t range = ((uint64_t)1) << bits \| rangebits;`
			`uint64_t rand = ctx2.randrange(range);`
			`BOOST_CHECK(rand < range);`
			`}`
			`}`
			`}`

Make FastRandomContext support standard C++11 RNG interface This makes it possible to plug it into the various standard C++11 random distribution algorithms and other functions like std::shuffle. 2018-03-21 03:10:39 +01:00			`/** Does-it-compile test for compatibility with standard C++11 RNG interface. */`
			`BOOST_AUTO_TEST_CASE(stdrandom_test)`
			`{`
			`FastRandomContext ctx;`
			`std::uniform_int_distribution<int> distribution(3, 9);`
			`for (int i = 0; i < 100; ++i) {`
			`int x = distribution(ctx);`
			`BOOST_CHECK(x >= 3);`
			`BOOST_CHECK(x <= 9);`

			`std::vector<int> test{1,2,3,4,5,6,7,8,9,10};`
			`std::shuffle(test.begin(), test.end(), ctx);`
			`for (int j = 1; j <= 10; ++j) {`
			`BOOST_CHECK(std::find(test.begin(), test.end(), j) != test.end());`
			`}`
			`}`

			`}`

Switch FastRandomContext to ChaCha20 2017-02-16 02:45:22 +01:00			`BOOST_AUTO_TEST_SUITE_END()`