Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / 2247e5c48c71e76e44218bfab29129ce0462760c / . / Python / random.c
blob: c8e844ee678da131a94ec42fe53f83fe5f4fad17 [file] [log] [blame]
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]1#include "Python.h"
2#ifdef MS_WINDOWS
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]3# include <windows.h>
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]4#else
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]5# include <fcntl.h>
6# ifdef HAVE_SYS_STAT_H
7# include <sys/stat.h>
8# endif
Victor Stinnerdddf4842016-06-07 11:21:42 +0200[diff] [blame]9# ifdef HAVE_LINUX_RANDOM_H
10# include <linux/random.h>
11# endif
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]12# ifdef HAVE_GETRANDOM
13# include <sys/random.h>
14# elif defined(HAVE_GETRANDOM_SYSCALL)
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]15# include <sys/syscall.h>
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]16# endif
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]17#endif
18
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]19#ifdef Py_DEBUG
20int _Py_HashSecret_Initialized = 0;
21#else
22static int _Py_HashSecret_Initialized = 0;
23#endif
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]24
25#ifdef MS_WINDOWS
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]26static HCRYPTPROV hCryptProv = 0;
27
28static int
29win32_urandom_init(int raise)
30{
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]31 /* Acquire context */
Martin v. Löwis3f50bf62013-01-25 14:06:18 +0100[diff] [blame]32 if (!CryptAcquireContext(&hCryptProv, NULL, NULL,
33 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]34 goto error;
35
36 return 0;
37
38error:
39 if (raise)
40 PyErr_SetFromWindowsErr(0);
41 else
42 Py_FatalError("Failed to initialize Windows random API (CryptoGen)");
43 return -1;
44}
45
46/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]47 API. Return 0 on success, or raise an exception and return -1 on error. */
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]48static int
49win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
50{
51 Py_ssize_t chunk;
52
53 if (hCryptProv == 0)
54 {
55 if (win32_urandom_init(raise) == -1)
56 return -1;
57 }
58
59 while (size > 0)
60 {
61 chunk = size > INT_MAX ? INT_MAX : size;
Victor Stinner0c083462013-11-15 23:26:25 +0100[diff] [blame]62 if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer))
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]63 {
64 /* CryptGenRandom() failed */
65 if (raise)
66 PyErr_SetFromWindowsErr(0);
67 else
68 Py_FatalError("Failed to initialized the randomized hash "
69 "secret using CryptoGen)");
70 return -1;
71 }
72 buffer += chunk;
73 size -= chunk;
74 }
75 return 0;
76}
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]77
Martin Panter39b10252016-06-10 08:07:11 +0000[diff] [blame]78/* Issue #25003: Don't use getentropy() on Solaris (available since
79 * Solaris 11.3), it is blocking whereas os.urandom() should not block. */
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]80#elif defined(HAVE_GETENTROPY) && !defined(sun)
81#define PY_GETENTROPY 1
82
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]83/* Fill buffer with size pseudo-random bytes generated by getentropy().
84 Return 0 on success, or raise an exception and return -1 on error.
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]85
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]86 If fatal is nonzero, call Py_FatalError() instead of raising an exception
87 on error. */
88static int
89py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)
90{
91 while (size > 0) {
92 Py_ssize_t len = Py_MIN(size, 256);
Victor Stinner9aa13312015-03-30 11:18:30 +0200[diff] [blame]93 int res;
94
95 if (!fatal) {
96 Py_BEGIN_ALLOW_THREADS
97 res = getentropy(buffer, len);
98 Py_END_ALLOW_THREADS
99
100 if (res < 0) {
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]101 PyErr_SetFromErrno(PyExc_OSError);
102 return -1;
103 }
104 }
Victor Stinner9aa13312015-03-30 11:18:30 +0200[diff] [blame]105 else {
106 res = getentropy(buffer, len);
107 if (res < 0)
108 Py_FatalError("getentropy() failed");
109 }
110
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]111 buffer += len;
112 size -= len;
113 }
114 return 0;
115}
116
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]117#else
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]118
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]119#if defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL)
120#define PY_GETRANDOM 1
121
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]122static int
123py_getrandom(void *buffer, Py_ssize_t size, int raise)
124{
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]125 /* Is getrandom() supported by the running kernel?
126 * Need Linux kernel 3.17 or newer, or Solaris 11.3 or newer */
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]127 static int getrandom_works = 1;
Victor Stinnerdddf4842016-06-07 11:21:42 +0200[diff] [blame]128
129 /* getrandom() on Linux will block if called before the kernel has
130 * initialized the urandom entropy pool. This will cause Python
131 * to hang on startup if called very early in the boot process -
132 * see https://bugs.python.org/issue26839. To avoid this, use the
133 * GRND_NONBLOCK flag. */
134 const int flags = GRND_NONBLOCK;
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]135
136 char *dest;
Victor Stinnerec721f32016-06-16 23:53:47 +0200[diff] [blame]137 long n;
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]138
139 if (!getrandom_works)
140 return 0;
141
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]142 dest = buffer;
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]143 while (0 < size) {
Victor Stinner9d242712016-04-12 22:28:49 +0200[diff] [blame]144#ifdef sun
145 /* Issue #26735: On Solaris, getrandom() is limited to returning up
146 to 1024 bytes */
147 n = Py_MIN(size, 1024);
148#else
Victor Stinnerec721f32016-06-16 23:53:47 +0200[diff] [blame]149 n = Py_MIN(size, LONG_MAX);
Victor Stinner9d242712016-04-12 22:28:49 +0200[diff] [blame]150#endif
Victor Stinner79b74ae2015-03-30 11:16:40 +0200[diff] [blame]151
Victor Stinner9d242712016-04-12 22:28:49 +0200[diff] [blame]152 errno = 0;
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]153#ifdef HAVE_GETRANDOM
154 if (raise) {
155 Py_BEGIN_ALLOW_THREADS
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]156 n = getrandom(dest, n, flags);
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]157 Py_END_ALLOW_THREADS
158 }
159 else {
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]160 n = getrandom(dest, n, flags);
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]161 }
162#else
163 /* On Linux, use the syscall() function because the GNU libc doesn't
164 * expose the Linux getrandom() syscall yet. See:
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]165 * https://sourceware.org/bugzilla/show_bug.cgi?id=17252 */
Victor Stinner79b74ae2015-03-30 11:16:40 +0200[diff] [blame]166 if (raise) {
167 Py_BEGIN_ALLOW_THREADS
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]168 n = syscall(SYS_getrandom, dest, n, flags);
Victor Stinner79b74ae2015-03-30 11:16:40 +0200[diff] [blame]169 Py_END_ALLOW_THREADS
170 }
171 else {
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]172 n = syscall(SYS_getrandom, dest, n, flags);
Victor Stinner79b74ae2015-03-30 11:16:40 +0200[diff] [blame]173 }
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]174#endif
Victor Stinner79b74ae2015-03-30 11:16:40 +0200[diff] [blame]175
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]176 if (n < 0) {
177 if (errno == ENOSYS) {
178 getrandom_works = 0;
179 return 0;
180 }
Victor Stinnerdddf4842016-06-07 11:21:42 +0200[diff] [blame]181 if (errno == EAGAIN) {
182 /* If we failed with EAGAIN, the entropy pool was
183 * uninitialized. In this case, we return failure to fall
184 * back to reading from /dev/urandom.
185 *
186 * Note: In this case the data read will not be random so
187 * should not be used for cryptographic purposes. Retaining
188 * the existing semantics for practical purposes. */
189 getrandom_works = 0;
190 return 0;
191 }
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]192
193 if (errno == EINTR) {
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]194 if (PyErr_CheckSignals()) {
195 if (!raise)
196 Py_FatalError("getrandom() interrupted by a signal");
197 return -1;
198 }
199 /* retry getrandom() */
200 continue;
201 }
202
203 if (raise)
204 PyErr_SetFromErrno(PyExc_OSError);
205 else
206 Py_FatalError("getrandom() failed");
207 return -1;
208 }
209
Victor Stinnercfb19612016-06-08 10:16:50 +0200[diff] [blame]210 dest += n;
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]211 size -= n;
212 }
213 return 1;
214}
215#endif
216
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]217static struct {
218 int fd;
219 dev_t st_dev;
220 ino_t st_ino;
221} urandom_cache = { -1 };
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]222
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]223
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]224/* Read size bytes from /dev/urandom into buffer.
225 Call Py_FatalError() on error. */
226static void
Christian Heimes985ecdc2013-11-20 11:46:18 +0100[diff] [blame]227dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]228{
229 int fd;
230 Py_ssize_t n;
231
232 assert (0 < size);
233
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]234#ifdef PY_GETRANDOM
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]235 if (py_getrandom(buffer, size, 0) == 1)
236 return;
237 /* getrandom() is not supported by the running kernel, fall back
238 * on reading /dev/urandom */
239#endif
240
Victor Stinnerc7cd12d2015-03-19 23:24:45 +0100[diff] [blame]241 fd = _Py_open_noraise("/dev/urandom", O_RDONLY);
242 if (fd < 0)
243 Py_FatalError("Failed to open /dev/urandom");
244
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]245 while (0 < size)
246 {
247 do {
248 n = read(fd, buffer, (size_t)size);
249 } while (n < 0 && errno == EINTR);
250 if (n <= 0)
251 {
252 /* stop on error or if read(size) returned 0 */
253 Py_FatalError("Failed to read bytes from /dev/urandom");
254 break;
255 }
256 buffer += n;
Victor Stinnerc72828b2016-06-14 16:35:49 +0200[diff] [blame]257 size -= n;
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]258 }
259 close(fd);
260}
261
262/* Read size bytes from /dev/urandom into buffer.
263 Return 0 on success, raise an exception and return -1 on error. */
264static int
265dev_urandom_python(char *buffer, Py_ssize_t size)
266{
267 int fd;
268 Py_ssize_t n;
Steve Dowerf2f373f2015-02-21 08:44:05 -0800[diff] [blame]269 struct _Py_stat_struct st;
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]270#ifdef PY_GETRANDOM
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]271 int res;
272#endif
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]273
274 if (size <= 0)
275 return 0;
276
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]277#ifdef PY_GETRANDOM
Victor Stinner59f7fb22015-03-18 14:39:33 +0100[diff] [blame]278 res = py_getrandom(buffer, size, 1);
279 if (res < 0)
280 return -1;
281 if (res == 1)
282 return 0;
283 /* getrandom() is not supported by the running kernel, fall back
284 * on reading /dev/urandom */
285#endif
286
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]287 if (urandom_cache.fd >= 0) {
288 /* Does the fd point to the same thing as before? (issue #21207) */
Victor Stinnere134a7f2015-03-30 10:09:31 +0200[diff] [blame]289 if (_Py_fstat_noraise(urandom_cache.fd, &st)
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]290 || st.st_dev != urandom_cache.st_dev
291 || st.st_ino != urandom_cache.st_ino) {
292 /* Something changed: forget the cached fd (but don't close it,
293 since it probably points to something important for some
294 third-party code). */
295 urandom_cache.fd = -1;
296 }
297 }
298 if (urandom_cache.fd >= 0)
299 fd = urandom_cache.fd;
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]300 else {
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]301 fd = _Py_open("/dev/urandom", O_RDONLY);
Victor Stinnera555cfc2015-03-18 00:22:14 +0100[diff] [blame]302 if (fd < 0) {
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]303 if (errno == ENOENT || errno == ENXIO ||
304 errno == ENODEV || errno == EACCES)
305 PyErr_SetString(PyExc_NotImplementedError,
306 "/dev/urandom (or equivalent) not found");
Victor Stinnera555cfc2015-03-18 00:22:14 +0100[diff] [blame]307 /* otherwise, keep the OSError exception raised by _Py_open() */
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]308 return -1;
309 }
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]310 if (urandom_cache.fd >= 0) {
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]311 /* urandom_fd was initialized by another thread while we were
312 not holding the GIL, keep it. */
313 close(fd);
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]314 fd = urandom_cache.fd;
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]315 }
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]316 else {
Steve Dowerf2f373f2015-02-21 08:44:05 -0800[diff] [blame]317 if (_Py_fstat(fd, &st)) {
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]318 close(fd);
319 return -1;
320 }
321 else {
322 urandom_cache.fd = fd;
323 urandom_cache.st_dev = st.st_dev;
324 urandom_cache.st_ino = st.st_ino;
325 }
326 }
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]327 }
328
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]329 do {
Victor Stinnerc9382eb2015-03-19 23:36:33 +0100[diff] [blame]330 n = _Py_read(fd, buffer, (size_t)size);
331 if (n == -1)
332 return -1;
333 if (n == 0) {
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]334 PyErr_Format(PyExc_RuntimeError,
Victor Stinnerc9382eb2015-03-19 23:36:33 +0100[diff] [blame]335 "Failed to read %zi bytes from /dev/urandom",
336 size);
337 return -1;
338 }
339
340 buffer += n;
341 size -= n;
342 } while (0 < size);
343
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]344 return 0;
345}
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]346
347static void
348dev_urandom_close(void)
349{
Antoine Pitroue472aea2014-04-26 14:33:03 +0200[diff] [blame]350 if (urandom_cache.fd >= 0) {
351 close(urandom_cache.fd);
352 urandom_cache.fd = -1;
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]353 }
354}
355
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]356#endif
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]357
358/* Fill buffer with pseudo-random bytes generated by a linear congruent
359 generator (LCG):
360
361 x(n+1) = (x(n) * 214013 + 2531011) % 2^32
362
363 Use bits 23..16 of x(n) to generate a byte. */
364static void
365lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
366{
367 size_t index;
368 unsigned int x;
369
370 x = x0;
371 for (index=0; index < size; index++) {
372 x *= 214013;
373 x += 2531011;
374 /* modulo 2 ^ (8 * sizeof(int)) */
375 buffer[index] = (x >> 16) & 0xff;
376 }
377}
378
Georg Brandlc6a2c9b2013-10-06 18:43:19 +0200[diff] [blame]379/* Fill buffer with size pseudo-random bytes from the operating system random
Serhiy Storchaka56a6d852014-12-01 18:28:43 +0200[diff] [blame]380 number generator (RNG). It is suitable for most cryptographic purposes
Georg Brandlc6a2c9b2013-10-06 18:43:19 +0200[diff] [blame]381 except long living private keys for asymmetric encryption.
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]382
383 Return 0 on success, raise an exception and return -1 on error. */
384int
385_PyOS_URandom(void *buffer, Py_ssize_t size)
386{
387 if (size < 0) {
388 PyErr_Format(PyExc_ValueError,
389 "negative argument not allowed");
390 return -1;
391 }
392 if (size == 0)
393 return 0;
394
395#ifdef MS_WINDOWS
396 return win32_urandom((unsigned char *)buffer, size, 1);
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]397#elif defined(PY_GETENTROPY)
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]398 return py_getentropy(buffer, size, 0);
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]399#else
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]400 return dev_urandom_python((char*)buffer, size);
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]401#endif
402}
403
404void
405_PyRandom_Init(void)
406{
407 char *env;
Christian Heimes985ecdc2013-11-20 11:46:18 +0100[diff] [blame]408 unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]409 Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
Serhiy Storchakafad85aa2015-11-07 15:42:38 +0200[diff] [blame]410 Py_BUILD_ASSERT(sizeof(_Py_HashSecret_t) == sizeof(_Py_HashSecret.uc));
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]411
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]412 if (_Py_HashSecret_Initialized)
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]413 return;
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]414 _Py_HashSecret_Initialized = 1;
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]415
416 /*
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]417 Hash randomization is enabled. Generate a per-process secret,
418 using PYTHONHASHSEED if provided.
419 */
420
421 env = Py_GETENV("PYTHONHASHSEED");
Georg Brandl12897d72012-02-20 23:49:29 +0100[diff] [blame]422 if (env && *env != '\0' && strcmp(env, "random") != 0) {
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]423 char *endptr = env;
424 unsigned long seed;
425 seed = strtoul(env, &endptr, 10);
426 if (*endptr != '\0'
427 || seed > 4294967295UL
428 || (errno == ERANGE && seed == ULONG_MAX))
429 {
430 Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "
431 "in range [0; 4294967295]");
432 }
433 if (seed == 0) {
434 /* disable the randomized hash */
435 memset(secret, 0, secret_size);
436 }
437 else {
Christian Heimes985ecdc2013-11-20 11:46:18 +0100[diff] [blame]438 lcg_urandom(seed, secret, secret_size);
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]439 }
440 }
441 else {
442#ifdef MS_WINDOWS
Christian Heimes985ecdc2013-11-20 11:46:18 +0100[diff] [blame]443 (void)win32_urandom(secret, secret_size, 0);
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]444#elif defined(PY_GETENTROPY)
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]445 (void)py_getentropy(secret, secret_size, 1);
Christian Heimesaf01f662013-12-21 16:19:10 +0100[diff] [blame]446#else
Christian Heimes985ecdc2013-11-20 11:46:18 +0100[diff] [blame]447 dev_urandom_noraise(secret, secret_size);
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]448#endif
449 }
450}
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]451
452void
453_PyRandom_Fini(void)
454{
Victor Stinnerd50c3f32014-05-02 22:06:44 +0200[diff] [blame]455#ifdef MS_WINDOWS
456 if (hCryptProv) {
Tim Goldenb8ac3e12014-05-06 13:29:45 +0100[diff] [blame]457 CryptReleaseContext(hCryptProv, 0);
Victor Stinnerd50c3f32014-05-02 22:06:44 +0200[diff] [blame]458 hCryptProv = 0;
459 }
Victor Stinnerbae2d622015-10-01 09:47:30 +0200[diff] [blame]460#elif defined(PY_GETENTROPY)
Victor Stinner4d6a3d62014-12-21 01:16:38 +0100[diff] [blame]461 /* nothing to clean */
Victor Stinnerd50c3f32014-05-02 22:06:44 +0200[diff] [blame]462#else
Antoine Pitrou4879a962013-08-31 00:26:02 +0200[diff] [blame]463 dev_urandom_close();
464#endif
465}