Creating a new RNG and replacing rand().

[ Merge of http://go/wvgerrit/84607 ]
[ Merge of http://go/wvgerrit/84608 ]

The primary goal is to replace the use of `rand()` with the random
number generators provided with the C++11 standard.

This simplified generator wraps some of the technical aspects of the
<random> library and provides an interface for uniformly distributed
integers.

As part of the `rand()` purge in the CDM, all uses of the C random int
function in `core()` have been removed.  Places that previously used
`rand()` now use `CdmRandom` facilities.

Test: Linux unittest and Android unittest
Bug: 130680365
Change-Id: Ica383870536ed462dbb80e630c2d66845e38b937

libwvdrmengine/cdm/util/include/cdm_random.h

@@ -0,0 +1,109 @@
+// Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine Master
+// License Agreement.
+#ifndef WVCDM_CORE_CDM_RANDOM_H_
+#define WVCDM_CORE_CDM_RANDOM_H_
+
+#include <mutex>
+#include <random>
+#include <string>
+
+namespace wvcdm {
+
+// CdmRandomGenerator is a thread safe, pseudo-random number generator.
+// It's purpose is to simplified interface for C++11's <random> library.
+// Some of the methods use a "device specific" random seed, if the
+// compiler/device does not support device specific randomizers, then the
+// actual value supplied may not be random.
+class CdmRandomGenerator {
+ public:
+  // The maximum number of bytes that can be generated at once for
+  // `RandomData()`.
+  static constexpr size_t kMaxRandomDataLength = 8192;  // 8 kB
+
+  // Initializes the pseudo-random generator with a value from a device
+  // specific random number generator.
+  CdmRandomGenerator();
+
+  // Initializes the pseudo-random generator with the specified seed value.
+  explicit CdmRandomGenerator(unsigned int seed) : generator_(seed) {}
+
+  // All of these methods are thread-safe.
+
+  // Seeds the pseudo-random generator with a value from a device specific
+  // random number generator.
+  void Seed();
+
+  // Seeds the pseudo-random generator with the specified seed value.
+  // This is somewhat similar to `srand()` from the C standard library;
+  // except that the sequence generated from successive calls to `Rand()`
+  // will not necessarily be the same as they would be from the
+  // standard library `rand()`.  This is due to the underlying pseudo-random
+  // generator that is used.
+  void Seed(unsigned int seed);
+
+  // Returns a pseudo-random integer.
+  // This is similar to `rand()` from the C standard library.  The integer
+  // returned is in the range of [0, RAND_MAX].
+  int Rand();
+
+  // Allows for RNG to be callable, this is to make it similar to the
+  // C++11 generator interfaces.
+  int operator()() { return Rand(); }
+
+  // Returns a pseudo-random integer within the provided inclusive range.
+  uint64_t RandomInRange(uint64_t lower, uint64_t upper);
+  uint64_t RandomInRange(uint64_t upper) { return RandomInRange(0, upper); }
+
+  // Returns a byte string containing randomized bytes of the specified
+  // length.
+  // If |length| is greater than |CdmRandomGenerator::kMaxRandomDataLength|,
+  // then an error is logged and an empty string is returned.
+  std::string RandomData(size_t length);
+
+  // Random true/false using Bernoulli distribution of equal probability.
+  bool RandomBool();
+
+ private:
+  // Mutex is used to lock the object, and allowing it to be used
+  // concurrently in different threads.
+  std::mutex generator_lock_;
+
+  // The `default_random_engine` depends on the compiler used and
+  // potentially its version.  This is important to know if you need to
+  // create reproducible tests between platforms.
+  std::default_random_engine generator_;
+};
+
+// Provides a static interface to a process-wide instance of
+// CdmRandomGenerator.
+class CdmRandom {
+ public:
+  static int Rand() { return GetInstance()->Rand(); }
+  static uint64_t RandomInRange(uint64_t lower, uint64_t upper) {
+    return GetInstance()->RandomInRange(lower, upper);
+  }
+  static uint64_t RandomInRange(uint64_t upper) {
+    return GetInstance()->RandomInRange(upper);
+  }
+
+  static std::string RandomData(size_t length) {
+    return GetInstance()->RandomData(length);
+  }
+
+  static bool RandomBool() { return GetInstance()->RandomBool(); }
+
+ private:
+  // These are intended to be used by tests if needed.
+  static void Seed(unsigned int seed) { GetInstance()->Seed(seed); }
+  static void Seed() { GetInstance()->Seed(); }
+
+  // Returns the process-wide instance of CdmRandomGenerator.
+  // It the global instance has not yet been created, then a new instance
+  // is created using a device-specific random seed.
+  static CdmRandomGenerator* GetInstance();
+};
+
+}  // namespace wvcdm
+
+#endif  // WVCDM_CORE_CDM_RANDOM_H_

libwvdrmengine/cdm/util/src/cdm_random.cpp

@@ -0,0 +1,107 @@
+// Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine Master
+// License Agreement.
+
+#include "cdm_random.h"
+
+#include <stdlib.h>
+
+#include <algorithm>
+
+#include "log.h"
+
+// This type alias is for convenience.
+using CdmRandomLock = std::unique_lock<std::mutex>;
+
+namespace wvcdm {
+
+namespace {
+// More information about C++11's random number generators can be found
+// from the introductory paper https://isocpp.org/files/papers/n3551.pdf
+
+// Attemps to get random data in a device specific manner.  If the device
+// does not support true random data, then a pseudo-random sequence might
+// be used instead.  The exact behaviour depends on the compiler and
+// platform combination.
+unsigned int GetDeviceRandomSeed() {
+  static std::random_device rdev;
+  static std::mutex rdev_mutex;
+  CdmRandomLock rdev_lock(rdev_mutex);
+  return rdev();
+}
+
+}  // namespace
+
+// CdmRandomGenerator.
+
+CdmRandomGenerator::CdmRandomGenerator() : generator_(GetDeviceRandomSeed()) {}
+
+void CdmRandomGenerator::Seed() {
+  CdmRandomLock lock(generator_lock_);
+  generator_.seed(GetDeviceRandomSeed());
+}
+
+void CdmRandomGenerator::Seed(unsigned int s) {
+  CdmRandomLock lock(generator_lock_);
+  generator_.seed(s);
+}
+
+int CdmRandomGenerator::Rand() {
+  CdmRandomLock lock(generator_lock_);
+  std::uniform_int_distribution<int> dist(0, RAND_MAX);
+  return dist(generator_);
+}
+
+uint64_t CdmRandomGenerator::RandomInRange(uint64_t lower, uint64_t upper) {
+  if (lower == upper) {
+    return lower;
+  }
+  CdmRandomLock lock(generator_lock_);
+  if (lower > upper) {
+    LOGW(
+        "Lower bound is larger than upper bound, swapping bounds: "
+        "lower = %llu, upper = %llu",
+        // Casting to insure this will work on 32-bit systems.
+        static_cast<unsigned long long>(lower),
+        static_cast<unsigned long long>(upper));
+    std::swap(lower, upper);
+  }
+  std::uniform_int_distribution<uint64_t> dist(lower, upper);
+  return dist(generator_);
+}
+
+std::string CdmRandomGenerator::RandomData(size_t length) {
+  if (length > kMaxRandomDataLength) {
+    LOGE("Maximum random data length exceeded: length = %zu, max_length = %zu",
+         length, kMaxRandomDataLength);
+    return std::string();
+  }
+  CdmRandomLock lock(generator_lock_);
+  std::uniform_int_distribution<uint8_t> dist;  // Range of [0, 255].
+  std::string random_data(length, '\0');
+  std::generate(random_data.begin(), random_data.end(),
+                [&]() { return dist(generator_); });
+  return random_data;
+}
+
+bool CdmRandomGenerator::RandomBool() {
+  CdmRandomLock lock(generator_lock_);
+  std::bernoulli_distribution dist;  // 50/50.
+  return dist(generator_);
+}
+
+// CdmRandom.
+
+// static
+CdmRandomGenerator* CdmRandom::GetInstance() {
+  static std::mutex g_instance_lock;
+  static CdmRandomGenerator* g_instance = nullptr;
+  CdmRandomLock lock(g_instance_lock);
+  if (g_instance == nullptr) {
+    LOGV("Initalizing CDM random number generator");
+    g_instance = new CdmRandomGenerator(GetDeviceRandomSeed());
+  }
+  return g_instance;
+}
+
+}  // namespace wvcdm

libwvdrmengine/cdm/util/test/cdm_random_unittest.cpp

@@ -0,0 +1,147 @@
+// Copyright 2019 Google LLC. All Rights Reserved. This file and proprietary
+// source code may only be used and distributed under the Widevine Master
+// License Agreement.
+
+#include <stdlib.h>
+
+#include <chrono>
+#include <limits>
+#include <string>
+#include <thread>
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "cdm_random.h"
+
+namespace wvcdm {
+
+namespace {
+// Random data vector lengths.
+constexpr size_t kVectorLength = 1024;
+constexpr size_t kMaxRandomDataLength =
+    CdmRandomGenerator::kMaxRandomDataLength;
+constexpr size_t kAboveMaxRandomDataLength = std::numeric_limits<size_t>::max();
+
+constexpr size_t kRandomTrialCount = 100;
+constexpr size_t kThreadCount = 16;
+constexpr unsigned int kSeeds[] = {0, 1337, 1565904109, 776964657};
+
+class CdmRandomGeneratorTest : public testing::TestWithParam<unsigned int> {};
+}  // namespace
+
+TEST_P(CdmRandomGeneratorTest, AllMethods) {
+  const unsigned int seed = GetParam();
+  CdmRandomGenerator rng;
+  rng.Seed();
+  rng.Seed(seed);
+
+  rng.Rand();
+  rng();
+
+  rng.RandomInRange(1234, 1000000);
+  rng.RandomInRange(1000000);
+
+  rng.RandomData(kVectorLength);
+
+  rng.RandomBool();
+}
+
+TEST_P(CdmRandomGeneratorTest, RandomInRange) {
+  const unsigned int seed = GetParam();
+  CdmRandomGenerator rng(seed);
+
+  for (size_t i = 0; i < kRandomTrialCount; ++i) {
+    const int rand_int = rng.Rand();
+    EXPECT_GE(rand_int, 0);
+    EXPECT_LE(rand_int, RAND_MAX);
+  }
+
+  // Range size of 1.
+  const uint64_t rand_u64_1 = rng.RandomInRange(100, 100);
+  EXPECT_EQ(rand_u64_1, 100ul);
+
+  // Range size of 2.
+  const uint64_t rand_u64_2 = rng.RandomInRange(1234, 1235);
+  EXPECT_GE(rand_u64_2, 1234ul);
+  EXPECT_LE(rand_u64_2, 1235ul);
+
+  // Small range.
+  const uint64_t rand_u64_3 = rng.RandomInRange(10);
+  EXPECT_LE(rand_u64_3, 10ul);
+
+  // Max range, mainly checking that nothing crashes.
+  rng.RandomInRange(0, std::numeric_limits<uint64_t>::max());
+
+  // Invalid range representation.  Should swap the bounds.
+  const uint64_t rand_u64_4 = rng.RandomInRange(1235, 1234);
+  EXPECT_GE(rand_u64_4, 1234ul);
+  EXPECT_LE(rand_u64_4, 1235ul);
+}
+
+TEST_P(CdmRandomGeneratorTest, RandomDataLength) {
+  const unsigned int seed = GetParam();
+  CdmRandomGenerator rng(seed);
+
+  const std::string empty_data = rng.RandomData(0);
+  EXPECT_EQ(empty_data.size(), 0ul);
+
+  const std::string data = rng.RandomData(kVectorLength);
+  EXPECT_EQ(data.size(), kVectorLength);
+
+  const std::string max_data = rng.RandomData(kMaxRandomDataLength);
+  EXPECT_EQ(max_data.size(), kMaxRandomDataLength);
+
+  // Requesting data above the maximum length will result in an error,
+  // returning an empty string.
+  const std::string error_data = rng.RandomData(kAboveMaxRandomDataLength);
+  EXPECT_EQ(error_data.size(), 0ul);
+}
+
+TEST_P(CdmRandomGeneratorTest, Reproducibility) {
+  const unsigned int seed = GetParam();
+  CdmRandomGenerator rng(seed);
+  const std::string random_data_1 = rng.RandomData(kVectorLength);
+  // Reset generator.
+  rng.Seed(seed);
+  const std::string random_data_2 = rng.RandomData(kVectorLength);
+  EXPECT_EQ(random_data_1, random_data_2);
+}
+
+TEST_P(CdmRandomGeneratorTest, ThreadSafety) {
+  const unsigned int seed = GetParam();
+  CdmRandomGenerator rng(seed);
+  bool barrier = true;
+
+  auto thread_job = [&]() {
+    while (barrier) {
+      std::this_thread::sleep_for(std::chrono::microseconds(1));
+    }
+    for (size_t i = 0; i < kRandomTrialCount; ++i) {
+      rng.Rand();
+    }
+  };
+
+  std::vector<std::thread> threads;
+  for (size_t i = 0; i < kThreadCount; ++i) {
+    threads.push_back(std::thread(thread_job));
+  }
+  std::this_thread::sleep_for(std::chrono::microseconds(100));
+  barrier = false;
+  for (auto& thread : threads) {
+    thread.join();
+  }
+}
+
+INSTANTIATE_TEST_CASE_P(VariousSeeds, CdmRandomGeneratorTest,
+                        testing::ValuesIn(kSeeds));
+
+TEST(CdmRandomTest, AllMethods) {
+  CdmRandom::Rand();
+  CdmRandom::RandomInRange(1234, 1000000);
+  CdmRandom::RandomInRange(1000000);
+  CdmRandom::RandomData(kVectorLength);
+  CdmRandom::RandomBool();
+}
+
+}  // namespace wvcdm