Blame - Python/random.c - platform/external/python/cpython3

2012-02-20 19:54:16 +0100

[diff] [blame]

1

#include "Python.h"

2

#ifdef MS_WINDOWS

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

3

# include <windows.h>

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

4

#else

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

5

# include <fcntl.h>

6

# ifdef HAVE_SYS_STAT_H

7

# include <sys/stat.h>

8

# endif

Victor Stinner

2016-06-07 11:21:42 +0200

[diff] [blame]

9

# ifdef HAVE_LINUX_RANDOM_H

10

# include <linux/random.h>

11

# endif

Ned Deily

7ae4112

2016-11-12 16:35:48 -0500

[diff] [blame^]

12

# if defined(HAVE_GETRANDOM) || defined(HAVE_GETENTROPY)

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

13

# include <sys/random.h>

Ned Deily

7ae4112

2016-11-12 16:35:48 -0500

[diff] [blame^]

14

# endif

15

# if !defined(HAVE_GETRANDOM) && defined(HAVE_GETRANDOM_SYSCALL)

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

16

# include <sys/syscall.h>

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

17

# endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

18

#endif

19

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

20

#ifdef Py_DEBUG

21

int _Py_HashSecret_Initialized = 0;

22

#else

23

static int _Py_HashSecret_Initialized = 0;

24

#endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

25

26

#ifdef MS_WINDOWS

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

27

static HCRYPTPROV hCryptProv = 0;

28

29

static int

30

win32_urandom_init(int raise)

31

{

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

32

/* Acquire context */

Martin v. Löwis

3f50bf6

2013-01-25 14:06:18 +0100

[diff] [blame]

33

if (!CryptAcquireContext(&hCryptProv, NULL, NULL,

34

PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

goto error;

return 0;

error:

if (raise)

PyErr_SetFromWindowsErr(0);

42

else

43

Py_FatalError("Failed to initialize Windows random API (CryptoGen)");

return -1;

}

/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

48

API. Return 0 on success, or raise an exception and return -1 on error. */

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

49

static int

50

win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)

{

Py_ssize_t chunk;

if (hCryptProv == 0)

{

if (win32_urandom_init(raise) == -1)

return -1;

}

while (size > 0)

{

chunk = size > INT_MAX ? INT_MAX : size;

Victor Stinner

0c08346

2013-11-15 23:26:25 +0100

[diff] [blame]

63

if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer))

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

64

{

65

/* CryptGenRandom() failed */

66

if (raise)

67

PyErr_SetFromWindowsErr(0);

68

else

69

Py_FatalError("Failed to initialized the randomized hash "

70

"secret using CryptoGen)");

return -1;

}

buffer += chunk;

size -= chunk;

}

return 0;

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

78

Martin Panter

39b1025

2016-06-10 08:07:11 +0000

[diff] [blame]

79

/* Issue #25003: Don't use getentropy() on Solaris (available since

80

* Solaris 11.3), it is blocking whereas os.urandom() should not block. */

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

81

#elif defined(HAVE_GETENTROPY) && !defined(sun)

82

#define PY_GETENTROPY 1

83

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

84

/* Fill buffer with size pseudo-random bytes generated by getentropy().

85

Return 0 on success, or raise an exception and return -1 on error.

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

86

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

87

If fatal is nonzero, call Py_FatalError() instead of raising an exception

88

on error. */

89

static int

90

py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)

91

{

92

while (size > 0) {

93

Py_ssize_t len = Py_MIN(size, 256);

Victor Stinner

9aa1331

2015-03-30 11:18:30 +0200

[diff] [blame]

int res;

if (!fatal) {

Py_BEGIN_ALLOW_THREADS

98

res = getentropy(buffer, len);

99

Py_END_ALLOW_THREADS

100

101

if (res < 0) {

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

102

PyErr_SetFromErrno(PyExc_OSError);

103

return -1;

104

}

105

}

Victor Stinner

9aa1331

2015-03-30 11:18:30 +0200

[diff] [blame]

106

else {

107

res = getentropy(buffer, len);

108

if (res < 0)

109

Py_FatalError("getentropy() failed");

110

}

111

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

buffer += len;

size -= len;

}

return 0;

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

118

#else

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

119

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

120

#if defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL)

121

#define PY_GETRANDOM 1

122

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

123

/* Call getrandom()

124

- Return 1 on success

Victor Stinner

2016-09-20 22:46:02 +0200

[diff] [blame]

125

- Return 0 if getrandom() syscall is not available (failed with ENOSYS or

126

EPERM) or if getrandom(GRND_NONBLOCK) failed with EAGAIN (system urandom

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

127

not initialized yet) and raise=0.

128

- Raise an exception (if raise is non-zero) and return -1 on error:

129

getrandom() failed with EINTR and the Python signal handler raised an

130

exception, or getrandom() failed with a different error. */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

131

static int

132

py_getrandom(void *buffer, Py_ssize_t size, int raise)

133

{

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

134

/* Is getrandom() supported by the running kernel? Set to 0 if getrandom()

Victor Stinner

2016-09-20 22:46:02 +0200

[diff] [blame]

135

failed with ENOSYS or EPERM. Need Linux kernel 3.17 or newer, or Solaris

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

136

11.3 or newer */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

137

static int getrandom_works = 1;

Victor Stinner

2016-06-07 11:21:42 +0200

[diff] [blame]

138

139

/* getrandom() on Linux will block if called before the kernel has

140

* initialized the urandom entropy pool. This will cause Python

141

* to hang on startup if called very early in the boot process -

142

* see https://bugs.python.org/issue26839. To avoid this, use the

143

* GRND_NONBLOCK flag. */

144

const int flags = GRND_NONBLOCK;

Victor Stinner

ec721f3

2016-06-16 23:53:47 +0200

[diff] [blame]

145

long n;

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

146

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

147

if (!getrandom_works) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

148

return 0;

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

149

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

150

151

while (0 < size) {

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

152

#ifdef sun

153

/* Issue #26735: On Solaris, getrandom() is limited to returning up

154

to 1024 bytes */

155

n = Py_MIN(size, 1024);

156

#else

Victor Stinner

ec721f3

2016-06-16 23:53:47 +0200

[diff] [blame]

157

n = Py_MIN(size, LONG_MAX);

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

158

#endif

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

159

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

160

errno = 0;

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

161

#ifdef HAVE_GETRANDOM

162

if (raise) {

163

Py_BEGIN_ALLOW_THREADS

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

164

n = getrandom(buffer, n, flags);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

165

Py_END_ALLOW_THREADS

166

}

167

else {

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

168

n = getrandom(buffer, n, flags);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

169

}

170

#else

171

/* On Linux, use the syscall() function because the GNU libc doesn't

172

* expose the Linux getrandom() syscall yet. See:

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

173

* https://sourceware.org/bugzilla/show_bug.cgi?id=17252 */

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

174

if (raise) {

175

Py_BEGIN_ALLOW_THREADS

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

176

n = syscall(SYS_getrandom, buffer, n, flags);

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

177

Py_END_ALLOW_THREADS

178

}

179

else {

Victor Stinner

2016-04-12 22:28:49 +0200

[diff] [blame]

180

n = syscall(SYS_getrandom, buffer, n, flags);

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

181

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

182

#endif

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

183

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

184

if (n < 0) {

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

185

/* ENOSYS: getrandom() syscall not supported by the kernel (but

Victor Stinner

2016-09-20 22:46:02 +0200

[diff] [blame]

186

* maybe supported by the host which built Python). EPERM:

187

* getrandom() syscall blocked by SECCOMP or something else. */

188

if (errno == ENOSYS || errno == EPERM) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

189

getrandom_works = 0;

190

return 0;

191

}

Victor Stinner

2016-06-07 11:21:42 +0200

[diff] [blame]

192

if (errno == EAGAIN) {

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

193

/* getrandom(GRND_NONBLOCK) fails with EAGAIN if the system

194

urandom is not initialiazed yet. In this case, fall back on

195

reading from /dev/urandom.

196

197

Note: In this case the data read will not be random so

198

should not be used for cryptographic purposes. Retaining

199

the existing semantics for practical purposes. */

Victor Stinner

2016-06-07 11:21:42 +0200

[diff] [blame]

200

getrandom_works = 0;

201

return 0;

202

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

203

204

if (errno == EINTR) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

205

if (PyErr_CheckSignals()) {

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

206

if (!raise) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

207

Py_FatalError("getrandom() interrupted by a signal");

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

208

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

209

return -1;

210

}

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

211

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

212

/* retry getrandom() */

continue;

}

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

216

if (raise) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

217

PyErr_SetFromErrno(PyExc_OSError);

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

218

}

219

else {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

220

Py_FatalError("getrandom() failed");

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

221

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

return -1;

}

buffer += n;

size -= n;

}

return 1;

}

#endif

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

static struct {

int fd;

dev_t st_dev;

ino_t st_ino;

} urandom_cache = { -1 };

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

237

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

238

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

239

/* Read 'size' random bytes from py_getrandom(). Fall back on reading from

240

/dev/urandom if getrandom() is not available.

241

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

242

Call Py_FatalError() on error. */

243

static void

Christian Heimes

2013-11-20 11:46:18 +0100

[diff] [blame]

244

dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

{

int fd;

Py_ssize_t n;

assert (0 < size);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

251

#ifdef PY_GETRANDOM

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

252

if (py_getrandom(buffer, size, 0) == 1) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

253

return;

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

254

}

Victor Stinner

2016-09-20 22:46:02 +0200

[diff] [blame]

255

/* getrandom() failed with ENOSYS or EPERM,

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

256

fall back on reading /dev/urandom */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

257

#endif

258

Victor Stinner

c7cd12d

2015-03-19 23:24:45 +0100

[diff] [blame]

259

fd = _Py_open_noraise("/dev/urandom", O_RDONLY);

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

260

if (fd < 0) {

Victor Stinner

c7cd12d

2015-03-19 23:24:45 +0100

[diff] [blame]

261

Py_FatalError("Failed to open /dev/urandom");

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

262

}

Victor Stinner

c7cd12d

2015-03-19 23:24:45 +0100

[diff] [blame]

263

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

while (0 < size)

{

do {

n = read(fd, buffer, (size_t)size);

268

} while (n < 0 && errno == EINTR);

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

269

270

if (n <= 0) {

271

/* read() failed or returned 0 bytes */

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

272

Py_FatalError("Failed to read bytes from /dev/urandom");

273

break;

274

}

275

buffer += n;

Victor Stinner

c72828b

2016-06-14 16:35:49 +0200

[diff] [blame]

276

size -= n;

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

}

close(fd);

}

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

281

/* Read 'size' random bytes from py_getrandom(). Fall back on reading from

282

/dev/urandom if getrandom() is not available.

283

284

Return 0 on success. Raise an exception and return -1 on error. */

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

285

static int

286

dev_urandom_python(char *buffer, Py_ssize_t size)

287

{

288

int fd;

289

Py_ssize_t n;

Steve Dower

f2f373f

2015-02-21 08:44:05 -0800

[diff] [blame]

290

struct _Py_stat_struct st;

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

291

#ifdef PY_GETRANDOM

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

292

int res;

293

#endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

if (size <= 0)

return 0;

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

298

#ifdef PY_GETRANDOM

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

299

res = py_getrandom(buffer, size, 1);

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

300

if (res < 0) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

301

return -1;

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

302

}

303

if (res == 1) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

304

return 0;

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

305

}

Victor Stinner

2016-09-20 22:46:02 +0200

[diff] [blame]

306

/* getrandom() failed with ENOSYS or EPERM,

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

307

fall back on reading /dev/urandom */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

308

#endif

309

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

310

if (urandom_cache.fd >= 0) {

311

/* Does the fd point to the same thing as before? (issue #21207) */

Victor Stinner

e134a7f

2015-03-30 10:09:31 +0200

[diff] [blame]

312

if (_Py_fstat_noraise(urandom_cache.fd, &st)

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

313

|| st.st_dev != urandom_cache.st_dev

314

|| st.st_ino != urandom_cache.st_ino) {

315

/* Something changed: forget the cached fd (but don't close it,

316

since it probably points to something important for some

317

third-party code). */

318

urandom_cache.fd = -1;

319

}

320

}

321

if (urandom_cache.fd >= 0)

322

fd = urandom_cache.fd;

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

323

else {

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

324

fd = _Py_open("/dev/urandom", O_RDONLY);

Victor Stinner

a555cfc

2015-03-18 00:22:14 +0100

[diff] [blame]

325

if (fd < 0) {

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

326

if (errno == ENOENT || errno == ENXIO ||

327

errno == ENODEV || errno == EACCES)

328

PyErr_SetString(PyExc_NotImplementedError,

329

"/dev/urandom (or equivalent) not found");

Victor Stinner

a555cfc

2015-03-18 00:22:14 +0100

[diff] [blame]

330

/* otherwise, keep the OSError exception raised by _Py_open() */

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

331

return -1;

332

}

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

333

if (urandom_cache.fd >= 0) {

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

334

/* urandom_fd was initialized by another thread while we were

335

not holding the GIL, keep it. */

336

close(fd);

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

337

fd = urandom_cache.fd;

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

338

}

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

339

else {

Steve Dower

f2f373f

2015-02-21 08:44:05 -0800

[diff] [blame]

340

if (_Py_fstat(fd, &st)) {

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

close(fd);

return -1;

}

else {

urandom_cache.fd = fd;

346

urandom_cache.st_dev = st.st_dev;

347

urandom_cache.st_ino = st.st_ino;

348

}

349

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

350

}

351

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

352

do {

Victor Stinner

2015-03-19 23:36:33 +0100

[diff] [blame]

353

n = _Py_read(fd, buffer, (size_t)size);

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

354

if (n == -1) {

Victor Stinner

2015-03-19 23:36:33 +0100

[diff] [blame]

355

return -1;

Victor Stinner

2016-09-20 22:26:18 +0200

[diff] [blame]

356

}

Victor Stinner

2015-03-19 23:36:33 +0100

[diff] [blame]

357

if (n == 0) {

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

358

PyErr_Format(PyExc_RuntimeError,

Victor Stinner

2015-03-19 23:36:33 +0100

[diff] [blame]

359

"Failed to read %zi bytes from /dev/urandom",

size);

return -1;

}

buffer += n;

size -= n;

} while (0 < size);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

368

return 0;

369

}

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

370

371

static void

372

dev_urandom_close(void)

373

{

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

374

if (urandom_cache.fd >= 0) {

375

close(urandom_cache.fd);

376

urandom_cache.fd = -1;

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

}

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

380

#endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

381

382

/* Fill buffer with pseudo-random bytes generated by a linear congruent

383

generator (LCG):

384

385

x(n+1) = (x(n) * 214013 + 2531011) % 2^32

386

387

Use bits 23..16 of x(n) to generate a byte. */

388

static void

389

lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)

{

size_t index;

unsigned int x;

x = x0;

for (index=0; index < size; index++) {

396

x *= 214013;

397

x += 2531011;

398

/* modulo 2 ^ (8 * sizeof(int)) */

399

buffer[index] = (x >> 16) & 0xff;

}

}

Georg Brandl

2013-10-06 18:43:19 +0200

[diff] [blame]

403

/* Fill buffer with size pseudo-random bytes from the operating system random

Serhiy Storchaka

56a6d85

2014-12-01 18:28:43 +0200

[diff] [blame]

404

number generator (RNG). It is suitable for most cryptographic purposes

Georg Brandl

c6a2c9b

2013-10-06 18:43:19 +0200

[diff] [blame]

405

except long living private keys for asymmetric encryption.

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

406

407

Return 0 on success, raise an exception and return -1 on error. */

408

int

409

_PyOS_URandom(void *buffer, Py_ssize_t size)

410

{

411

if (size < 0) {

412

PyErr_Format(PyExc_ValueError,

413

"negative argument not allowed");

return -1;

}

if (size == 0)

return 0;

#ifdef MS_WINDOWS

return win32_urandom((unsigned char *)buffer, size, 1);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

421

#elif defined(PY_GETENTROPY)

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

422

return py_getentropy(buffer, size, 0);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

423

#else

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

424

return dev_urandom_python((char*)buffer, size);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

#endif

}

void

_PyRandom_Init(void)

{

char *env;

Christian Heimes

2013-11-20 11:46:18 +0100

[diff] [blame]

432

unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

433

Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);

Christian Heimes

2013-11-20 11:46:18 +0100

[diff] [blame]

434

assert(secret_size == sizeof(_Py_HashSecret.uc));

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

435

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

436

if (_Py_HashSecret_Initialized)

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

437

return;

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

438

_Py_HashSecret_Initialized = 1;

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

439

440

/*

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

441

Hash randomization is enabled. Generate a per-process secret,

442

using PYTHONHASHSEED if provided.

443

*/

444

445

env = Py_GETENV("PYTHONHASHSEED");

Georg Brandl

12897d7

2012-02-20 23:49:29 +0100

[diff] [blame]

446

if (env && *env != '\0' && strcmp(env, "random") != 0) {

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

447

char *endptr = env;

448

unsigned long seed;

449

seed = strtoul(env, &endptr, 10);

450

if (*endptr != '\0'

451

|| seed > 4294967295UL

452

|| (errno == ERANGE && seed == ULONG_MAX))

453

{

454

Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "

455

"in range [0; 4294967295]");

456

}

457

if (seed == 0) {

458

/* disable the randomized hash */

459

memset(secret, 0, secret_size);

460

}

461

else {

Christian Heimes

2013-11-20 11:46:18 +0100

[diff] [blame]

462

lcg_urandom(seed, secret, secret_size);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

}

}

else {

#ifdef MS_WINDOWS

Christian Heimes

2013-11-20 11:46:18 +0100

[diff] [blame]

467

(void)win32_urandom(secret, secret_size, 0);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

468

#elif defined(PY_GETENTROPY)

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

469

(void)py_getentropy(secret, secret_size, 1);

Christian Heimes

af01f66

2013-12-21 16:19:10 +0100

[diff] [blame]

470

#else

Christian Heimes

2013-11-20 11:46:18 +0100

[diff] [blame]

471

dev_urandom_noraise(secret, secret_size);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

472

#endif

473

}

474

}

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

void

_PyRandom_Fini(void)

{

Victor Stinner

d50c3f3

2014-05-02 22:06:44 +0200

[diff] [blame]

479

#ifdef MS_WINDOWS

480

if (hCryptProv) {

Tim Golden

b8ac3e1

2014-05-06 13:29:45 +0100

[diff] [blame]

481

CryptReleaseContext(hCryptProv, 0);

Victor Stinner

d50c3f3

2014-05-02 22:06:44 +0200

[diff] [blame]

482

hCryptProv = 0;

483

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

484

#elif defined(PY_GETENTROPY)

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

485

/* nothing to clean */

Victor Stinner

d50c3f3

2014-05-02 22:06:44 +0200

[diff] [blame]

486

#else

Antoine Pitrou