1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
|
//
// Copyright 2017 Garrett D'Amore <garrett@damore.org>
//
// This software is supplied under the terms of the MIT License, a
// copy of which should be located in the distribution where this
// file was obtained (LICENSE.txt). A copy of the license may also be
// found online at https://opensource.org/licenses/MIT.
//
#include "core/nng_impl.h"
// This is ISAAC, a (reputedly) cryptographically secure PRNG that is also
// quite efficient. While the particular adjustments to fit in our code
// base are under our copyright, the actual algorithm itself, as well as
// sample implementations, are part of the public domain. See this:
// http://www.burtleburtle.net/bob/c/readable.c
//
// Our changes include making this code thread safe/reentrant, and naming
// and style changes, to fit C99.
typedef struct {
// the rsl is the actual results, and the randcnt is the length
// of the results.
uint32_t randrsl[256];
uint32_t randcnt;
// lock to protect concurrent access
nni_mtx mx;
// more or less internal state
uint32_t mm[256];
uint32_t aa;
uint32_t bb;
uint32_t cc;
} nni_isaac_ctx;
static void
nni_isaac(nni_isaac_ctx *ctx)
{
register uint32_t i, x, y;
ctx->cc++; // cc incremented once per 256 results
ctx->bb += ctx->cc; // then combined with bb
for (i = 0; i < 256; ++i) {
x = ctx->mm[i];
switch (i%4) {
case 0:
ctx->aa ^= (ctx->aa<<13);
break;
case 1:
ctx->aa ^= (ctx->aa>>6);
break;
case 2:
ctx->aa ^= (ctx->aa<<2);
break;
case 3:
ctx->aa ^= (ctx->aa>>16);
break;
}
ctx->aa += ctx->mm[(i+128)%256];
ctx->mm[i] = y = ctx->mm[(x>>2)%256] + ctx->aa + ctx->bb;
ctx->randrsl[i] = ctx->bb = ctx->mm[(y>>10)%256] + x;
// Note that bits 2..9 are chosen from x but 10..17 are chosen
// from y. The only important thing here is that 2..9 and
// 10..17 don't overlap. 2..9 and 10..17 were then chosen
// for speed in the optimized version (rand.c)
// See http://burtleburtle.net/bob/rand/isaac.html
// for further explanations and analysis.
}
}
// if (flag!=0), then use the contents of randrsl[] to initialize mm[].
#define nni_isaac_mix(a, b, c, d, e, f, g, h) \
{ \
a ^= b<<11; d += a; b += c; \
b ^= c>>2; e += b; c += d; \
c ^= d<<8; f += c; d += e; \
d ^= e>>16; g += d; e += f; \
e ^= f<<10; h += e; f += g; \
f ^= g>>4; a += f; g += h; \
g ^= h<<8; b += g; h += a; \
h ^= a>>9; c += h; a += b; \
}
static void
nni_isaac_randinit(nni_isaac_ctx *ctx, int flag)
{
int i;
uint32_t a, b, c, d, e, f, g, h;
ctx->aa = ctx->bb = ctx->cc = 0;
a = b = c = d = e = f = g = h = 0x9e3779b9; // the golden ratio
for (i = 0; i < 4; ++i) { // scramble it
nni_isaac_mix(a, b, c, d, e, f, g, h);
}
for (i = 0; i < 256; i += 8) { // fill in mm[] with messy stuff
if (flag) { // use all the information in the seed
a += ctx->randrsl[i];
b += ctx->randrsl[i+1];
c += ctx->randrsl[i+2];
d += ctx->randrsl[i+3];
e += ctx->randrsl[i+4];
f += ctx->randrsl[i+5];
g += ctx->randrsl[i+6];
h += ctx->randrsl[i+7];
}
nni_isaac_mix(a, b, c, d, e, f, g, h);
ctx->mm[i] = a;
ctx->mm[i+1] = b;
ctx->mm[i+2] = c;
ctx->mm[i+3] = d;
ctx->mm[i+4] = e;
ctx->mm[i+5] = f;
ctx->mm[i+6] = g;
ctx->mm[i+7] = h;
}
if (flag) {
// do a second pass to make all of the seed affect all of mm
for (i = 0; i < 256; i += 8) {
a += ctx->mm[i];
b += ctx->mm[i+1];
c += ctx->mm[i+2];
d += ctx->mm[i+3];
e += ctx->mm[i+4];
f += ctx->mm[i+5];
g += ctx->mm[i+6];
h += ctx->mm[i+7];
nni_isaac_mix(a, b, c, d, e, f, g, h);
ctx->mm[i] = a;
ctx->mm[i+1] = b;
ctx->mm[i+2] = c;
ctx->mm[i+3] = d;
ctx->mm[i+4] = e;
ctx->mm[i+5] = f;
ctx->mm[i+6] = g;
ctx->mm[i+7] = h;
}
}
nni_isaac(ctx); // fill in the first set of results
ctx->randcnt = 256; // prepare to use the first set of results
}
static nni_isaac_ctx nni_random_ctx;
int
nni_random_init(void)
{
// minimally, grab the system clock
nni_isaac_ctx *ctx = &nni_random_ctx;
int rv;
if ((rv = nni_mtx_init(&ctx->mx)) != 0) {
return (rv);
}
nni_plat_seed_prng(ctx->randrsl, sizeof (ctx->randrsl));
nni_isaac_randinit(ctx, 1);
return (0);
}
uint32_t
nni_random(void)
{
uint32_t rv;
nni_isaac_ctx *ctx = &nni_random_ctx;
nni_mtx_lock(&ctx->mx);
if (ctx->randcnt < 1) {
nni_isaac(ctx);
ctx->randcnt = 256;
}
ctx->randcnt--;
rv = ctx->randrsl[ctx->randcnt];
nni_mtx_unlock(&ctx->mx);
return (rv);
}
void
nni_random_fini(void)
{
nni_mtx_fini(&nni_random_ctx.mx);
}
|
