refactor: move RNG seeding to testrand

sipa · sipa · commit 49e6630bca5f · 2020-09-18T14:01:15.000-07:00
diff --git a/src/testrand.h b/src/testrand.h
@@ -38,4 +38,10 @@ static void secp256k1_rand_bytes_test(unsigned char *bytes, size_t len);
 /** Flip a single random bit in a byte array */
 static void secp256k1_rand_flip(unsigned char *b, size_t len);
 
+/** Initialize the test RNG using (hex encoded) array up to 16 bytes, or randomly if hexseed is NULL. */
+static void secp256k1_rand_init(const char* hexseed);
+
+/** Print final test information. */
+static void secp256k1_rand_finish(void);
+
 #endif /* SECP256K1_TESTRAND_H */
diff --git a/src/testrand_impl.h b/src/testrand_impl.h
@@ -8,6 +8,7 @@
 #define SECP256K1_TESTRAND_IMPL_H
 
 #include <stdint.h>
+#include <stdio.h>
 #include <string.h>
 
 #include "testrand.h"
@@ -111,4 +112,47 @@ static void secp256k1_rand_flip(unsigned char *b, size_t len) {
     b[secp256k1_rand_int(len)] ^= (1 << secp256k1_rand_int(8));
 }
 
+static void secp256k1_rand_init(const char* hexseed) {
+    unsigned char seed16[16] = {0};
+    if (hexseed) {
+        int pos = 0;
+        while (pos < 16 && hexseed[0] != 0 && hexseed[1] != 0) {
+            unsigned short sh;
+            if ((sscanf(hexseed, "%2hx", &sh)) == 1) {
+                seed16[pos] = sh;
+            } else {
+                break;
+            }
+            hexseed += 2;
+            pos++;
+        }
+    } else {
+        FILE *frand = fopen("/dev/urandom", "r");
+        if ((frand == NULL) || fread(&seed16, 1, sizeof(seed16), frand) != sizeof(seed16)) {
+            uint64_t t = time(NULL) * (uint64_t)1337;
+            fprintf(stderr, "WARNING: could not read 16 bytes from /dev/urandom; falling back to insecure PRNG\n");
+            seed16[0] ^= t;
+            seed16[1] ^= t >> 8;
+            seed16[2] ^= t >> 16;
+            seed16[3] ^= t >> 24;
+            seed16[4] ^= t >> 32;
+            seed16[5] ^= t >> 40;
+            seed16[6] ^= t >> 48;
+            seed16[7] ^= t >> 56;
+        }
+        if (frand) {
+            fclose(frand);
+        }
+    }
+
+    printf("random seed = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", seed16[0], seed16[1], seed16[2], seed16[3], seed16[4], seed16[5], seed16[6], seed16[7], seed16[8], seed16[9], seed16[10], seed16[11], seed16[12], seed16[13], seed16[14], seed16[15]);
+    secp256k1_rand_seed(seed16);
+}
+
+static void secp256k1_rand_finish(void) {
+    unsigned char run32[32];
+    secp256k1_rand256(run32);
+    printf("random run = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", run32[0], run32[1], run32[2], run32[3], run32[4], run32[5], run32[6], run32[7], run32[8], run32[9], run32[10], run32[11], run32[12], run32[13], run32[14], run32[15]);
+}
+
 #endif /* SECP256K1_TESTRAND_IMPL_H */
diff --git a/src/tests.c b/src/tests.c
@@ -5530,9 +5530,6 @@ void run_cmov_tests(void) {
 }
 
 int main(int argc, char **argv) {
-    unsigned char seed16[16] = {0};
-    unsigned char run32[32] = {0};
-
     /* Disable buffering for stdout to improve reliability of getting
      * diagnostic information. Happens right at the start of main because
      * setbuf must be used before any other operation on the stream. */
@@ -5545,52 +5542,20 @@ int main(int argc, char **argv) {
     if (argc > 1) {
         count = strtol(argv[1], NULL, 0);
     }
+    printf("test count = %i\n", count);
 
     /* find random seed */
-    if (argc > 2) {
-        int pos = 0;
-        const char* ch = argv[2];
-        while (pos < 16 && ch[0] != 0 && ch[1] != 0) {
-            unsigned short sh;
-            if ((sscanf(ch, "%2hx", &sh)) == 1) {
-                seed16[pos] = sh;
-            } else {
-                break;
-            }
-            ch += 2;
-            pos++;
-        }
-    } else {
-        FILE *frand = fopen("/dev/urandom", "r");
-        if ((frand == NULL) || fread(&seed16, 1, sizeof(seed16), frand) != sizeof(seed16)) {
-            uint64_t t = time(NULL) * (uint64_t)1337;
-            fprintf(stderr, "WARNING: could not read 16 bytes from /dev/urandom; falling back to insecure PRNG\n");
-            seed16[0] ^= t;
-            seed16[1] ^= t >> 8;
-            seed16[2] ^= t >> 16;
-            seed16[3] ^= t >> 24;
-            seed16[4] ^= t >> 32;
-            seed16[5] ^= t >> 40;
-            seed16[6] ^= t >> 48;
-            seed16[7] ^= t >> 56;
-        }
-        if (frand) {
-            fclose(frand);
-        }
-    }
-    secp256k1_rand_seed(seed16);
-
-    printf("test count = %i\n", count);
-    printf("random seed = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", seed16[0], seed16[1], seed16[2], seed16[3], seed16[4], seed16[5], seed16[6], seed16[7], seed16[8], seed16[9], seed16[10], seed16[11], seed16[12], seed16[13], seed16[14], seed16[15]);
+    secp256k1_rand_init(argc > 2 ? argv[2] : NULL);
 
     /* initialize */
     run_context_tests(0);
     run_context_tests(1);
     run_scratch_tests();
     ctx = secp256k1_context_create(SECP256K1_CONTEXT_SIGN | SECP256K1_CONTEXT_VERIFY);
     if (secp256k1_rand_bits(1)) {
-        secp256k1_rand256(run32);
-        CHECK(secp256k1_context_randomize(ctx, secp256k1_rand_bits(1) ? run32 : NULL));
+        unsigned char rand32[32];
+        secp256k1_rand256(rand32);
+        CHECK(secp256k1_context_randomize(ctx, secp256k1_rand_bits(1) ? rand32 : NULL));
     }
 
     run_rand_bits();
@@ -5678,8 +5643,7 @@ int main(int argc, char **argv) {
 
     run_cmov_tests();
 
-    secp256k1_rand256(run32);
-    printf("random run = %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", run32[0], run32[1], run32[2], run32[3], run32[4], run32[5], run32[6], run32[7], run32[8], run32[9], run32[10], run32[11], run32[12], run32[13], run32[14], run32[15]);
+    secp256k1_rand_finish();
 
     /* shutdown */
     secp256k1_context_destroy(ctx);
