[Qt] seed OpenSSL PNRG with Windows event data #4399
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -19,6 +22,10 @@ bool WinShutdownMonitor::nativeEventFilter(const QByteArray &eventType, void *pM | |||
|
|
|||
| MSG *pMsg = static_cast<MSG *>(pMessage); | |||
|
|
|||
| // Seed OpenSSL PNRG with Windows event data (e.g. mouse movements and other user interactions) | |||
| if (RAND_event(pMsg->message, pMsg->wParam, pMsg->lParam) == 0) | |||
| LogPrint("rand", "RAND_event : Warning, OpenSSL PRNG has NOT been seeded with enough data.\n"); | |||
There was a problem hiding this comment.
There should be rate limiting on this message (for example log it only once using a static bool flag). I think this is likely to return 0, and generating a message on every windows event is bound to bog down the interface.
There was a problem hiding this comment.
That's a good idea, but it's only visible when using rand category or log everything anyway. I also didn't get a single occurance of that log message during testing yet.
There was a problem hiding this comment.
Right, but there is still overhead to calling this function for every event, even if the message is generated then discarded. This is a very low-level function and performance is important here.
What I'm afraid of are situations like that at some point the entropy pool runs out and suddenly the interface becomes lots slower.
There was a problem hiding this comment.
Added, thanks for your code in #4392 ^^.
|
ACK. Will merge this after rebase. |
- see https://bitcointalk.org/index.php?topic=113496.msg1228193#msg1228193 for the initial suggestion for this - also ensure consistent debug.log message format
|
Rebased... |
|
Automatic sanity-testing: PASSED, see http://jenkins.bluematt.me/pull-tester/p4399_674c070e5d28bdf1e4e631abc157f6ea0b0b1698/ for binaries and test log. |
laanwj
added a commit
that referenced
this pull request
Jul 7, 2014
674c070 [Qt] seed OpenSSL PNRG with Windows event data (Philip Kaufmann)
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 14, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 15, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 15, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 16, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 16, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 17, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
to fanquake/bitcoin
that referenced
this pull request
Oct 18, 2019
This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
fanquake
added a commit
that referenced
this pull request
Oct 18, 2019
cc3b528 gui: remove OpenSSL PRNG seeding (Windows, Qt only) (fanquake) Pull request description: This removes the code introduced in [#4399](#4399) that attempts to add additional entroy to the OpenSSL PRNG using `RAND_event()`. This is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in [random.cpp](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp). Note that we are still also still doing other Windows specific gathering using [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600) on top of the other generation we do. Also note that if RAND_event returns `0` here (PRNG has **NOT** been seeded with enough data), we're just logging a single message and continuing, which also seems less than ideal. ACKs for top commit: laanwj: ACK cc3b528 MarcoFalke: unsigned ACK cc3b528 theuni: ACK cc3b528. Tree-SHA512: 0bb18779cf37f6670e3e5ac6a6a38e5f95199491b2684f9e56391c76f030fe1621d6df064239c2a398f228129fdf3f2220fc8cd15b2b92ecf2ea6d98a79b2175
sidhujag
pushed a commit
to syscoin/syscoin
that referenced
this pull request
Oct 21, 2019
cc3b528 gui: remove OpenSSL PRNG seeding (Windows, Qt only) (fanquake) Pull request description: This removes the code introduced in [bitcoin#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using `RAND_event()`. This is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in [random.cpp](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp). Note that we are still also still doing other Windows specific gathering using [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600) on top of the other generation we do. Also note that if RAND_event returns `0` here (PRNG has **NOT** been seeded with enough data), we're just logging a single message and continuing, which also seems less than ideal. ACKs for top commit: laanwj: ACK cc3b528 MarcoFalke: unsigned ACK cc3b528 theuni: ACK cc3b528. Tree-SHA512: 0bb18779cf37f6670e3e5ac6a6a38e5f95199491b2684f9e56391c76f030fe1621d6df064239c2a398f228129fdf3f2220fc8cd15b2b92ecf2ea6d98a79b2175
deadalnix
pushed a commit
to Bitcoin-ABC/bitcoin-abc
that referenced
this pull request
May 20, 2020
Summary: ``` This removes the code introduced in [#4399](bitcoin/bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal. ``` Backport of core [[bitcoin/bitcoin#17151 | PR17151]]. Test Plan: Run the build-win64 CI build plan. Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6156
ftrader
pushed a commit
to bitcoin-cash-node/bitcoin-cash-node
that referenced
this pull request
Aug 17, 2020
Summary: ``` This removes the code introduced in [#4399](bitcoin/bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal. ``` Backport of core [[bitcoin/bitcoin#17151 | PR17151]]. Test Plan: Run the build-win64 CI build plan. Reviewers: #bitcoin_abc, deadalnix Reviewed By: #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D6156
silence48
pushed a commit
to FantasyGold/FantasyGold-Core
that referenced
this pull request
Nov 13, 2020
This removes the code introduced in [#4399](bitcoin/bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
Fuzzbawls
pushed a commit
to Fuzzbawls/PIVX
that referenced
this pull request
Mar 30, 2021
This removes the code introduced in [dashpay#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
Fuzzbawls
pushed a commit
to Fuzzbawls/PIVX
that referenced
this pull request
Apr 14, 2021
This removes the code introduced in [dashpay#4399](bitcoin#4399) that attempts to add additional entroy to the OpenSSL PRNG using Windows messages. Note that this is specific to bitcoin-qt running on Windows. ``` RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual. ``` Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in random.cpp. Note that we are still also doing Windows specific entropy gathering in multiple other places. Such as [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600). Also note that if RAND_event returns 0 (PRNG has NOT been seeded with enough data), we're just logging a message and continuing on, which seems less than ideal.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
for the initial suggestion for this