Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / 9cf5c9d85e3b904a76acac3cbcdc0d45c4e486b5 / . / Python / random.c
blob: 7019a3503e8f95e5440189e63fd5740a54003f8d [file] [log] [blame]
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]1#include "Python.h"
2#ifdef MS_WINDOWS
3#include <windows.h>
4#else
5#include <fcntl.h>
6#endif
7
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]8#ifdef Py_DEBUG
9int _Py_HashSecret_Initialized = 0;
10#else
11static int _Py_HashSecret_Initialized = 0;
12#endif
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]13
14#ifdef MS_WINDOWS
15typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTA)(HCRYPTPROV *phProv,\
16 LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType,\
17 DWORD dwFlags );
18typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,\
19 BYTE *pbBuffer );
20
21static CRYPTGENRANDOM pCryptGenRandom = NULL;
22/* This handle is never explicitly released. Instead, the operating
23 system will release it when the process terminates. */
24static HCRYPTPROV hCryptProv = 0;
25
26static int
27win32_urandom_init(int raise)
28{
29 HINSTANCE hAdvAPI32 = NULL;
30 CRYPTACQUIRECONTEXTA pCryptAcquireContext = NULL;
31
32 /* Obtain handle to the DLL containing CryptoAPI. This should not fail. */
33 hAdvAPI32 = GetModuleHandle("advapi32.dll");
34 if(hAdvAPI32 == NULL)
35 goto error;
36
37 /* Obtain pointers to the CryptoAPI functions. This will fail on some early
38 versions of Win95. */
39 pCryptAcquireContext = (CRYPTACQUIRECONTEXTA)GetProcAddress(
40 hAdvAPI32, "CryptAcquireContextA");
41 if (pCryptAcquireContext == NULL)
42 goto error;
43
44 pCryptGenRandom = (CRYPTGENRANDOM)GetProcAddress(hAdvAPI32,
45 "CryptGenRandom");
46 if (pCryptGenRandom == NULL)
47 goto error;
48
49 /* Acquire context */
50 if (! pCryptAcquireContext(&hCryptProv, NULL, NULL,
51 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
52 goto error;
53
54 return 0;
55
56error:
57 if (raise)
58 PyErr_SetFromWindowsErr(0);
59 else
60 Py_FatalError("Failed to initialize Windows random API (CryptoGen)");
61 return -1;
62}
63
64/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen
65 API. Return 0 on success, or -1 on error. */
66static int
67win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
68{
69 Py_ssize_t chunk;
70
71 if (hCryptProv == 0)
72 {
73 if (win32_urandom_init(raise) == -1)
74 return -1;
75 }
76
77 while (size > 0)
78 {
79 chunk = size > INT_MAX ? INT_MAX : size;
80 if (!pCryptGenRandom(hCryptProv, chunk, buffer))
81 {
82 /* CryptGenRandom() failed */
83 if (raise)
84 PyErr_SetFromWindowsErr(0);
85 else
86 Py_FatalError("Failed to initialized the randomized hash "
87 "secret using CryptoGen)");
88 return -1;
89 }
90 buffer += chunk;
91 size -= chunk;
92 }
93 return 0;
94}
95#endif /* MS_WINDOWS */
96
97
98#ifdef __VMS
99/* Use openssl random routine */
100#include <openssl/rand.h>
101static int
102vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
103{
104 if (RAND_pseudo_bytes(buffer, size) < 0) {
105 if (raise) {
106 PyErr_Format(PyExc_ValueError,
107 "RAND_pseudo_bytes");
108 } else {
109 Py_FatalError("Failed to initialize the randomized hash "
110 "secret using RAND_pseudo_bytes");
111 }
112 return -1;
113 }
114 return 0;
115}
116#endif /* __VMS */
117
118
119#if !defined(MS_WINDOWS) && !defined(__VMS)
120
121/* Read size bytes from /dev/urandom into buffer.
122 Call Py_FatalError() on error. */
123static void
124dev_urandom_noraise(char *buffer, Py_ssize_t size)
125{
126 int fd;
127 Py_ssize_t n;
128
129 assert (0 < size);
130
131 fd = open("/dev/urandom", O_RDONLY);
132 if (fd < 0)
133 Py_FatalError("Failed to open /dev/urandom");
134
135 while (0 < size)
136 {
137 do {
138 n = read(fd, buffer, (size_t)size);
139 } while (n < 0 && errno == EINTR);
140 if (n <= 0)
141 {
142 /* stop on error or if read(size) returned 0 */
143 Py_FatalError("Failed to read bytes from /dev/urandom");
144 break;
145 }
146 buffer += n;
147 size -= (Py_ssize_t)n;
148 }
149 close(fd);
150}
151
152/* Read size bytes from /dev/urandom into buffer.
153 Return 0 on success, raise an exception and return -1 on error. */
154static int
155dev_urandom_python(char *buffer, Py_ssize_t size)
156{
157 int fd;
158 Py_ssize_t n;
159
160 if (size <= 0)
161 return 0;
162
163 Py_BEGIN_ALLOW_THREADS
164 fd = open("/dev/urandom", O_RDONLY);
165 Py_END_ALLOW_THREADS
166 if (fd < 0)
167 {
168 PyErr_SetFromErrnoWithFilename(PyExc_OSError, "/dev/urandom");
169 return -1;
170 }
171
172 Py_BEGIN_ALLOW_THREADS
173 do {
174 do {
175 n = read(fd, buffer, (size_t)size);
176 } while (n < 0 && errno == EINTR);
177 if (n <= 0)
178 break;
179 buffer += n;
180 size -= (Py_ssize_t)n;
181 } while (0 < size);
182 Py_END_ALLOW_THREADS
183
184 if (n <= 0)
185 {
186 /* stop on error or if read(size) returned 0 */
187 if (n < 0)
188 PyErr_SetFromErrno(PyExc_OSError);
189 else
190 PyErr_Format(PyExc_RuntimeError,
191 "Failed to read %zi bytes from /dev/urandom",
192 size);
193 close(fd);
194 return -1;
195 }
196 close(fd);
197 return 0;
198}
199#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */
200
201/* Fill buffer with pseudo-random bytes generated by a linear congruent
202 generator (LCG):
203
204 x(n+1) = (x(n) * 214013 + 2531011) % 2^32
205
206 Use bits 23..16 of x(n) to generate a byte. */
207static void
208lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
209{
210 size_t index;
211 unsigned int x;
212
213 x = x0;
214 for (index=0; index < size; index++) {
215 x *= 214013;
216 x += 2531011;
217 /* modulo 2 ^ (8 * sizeof(int)) */
218 buffer[index] = (x >> 16) & 0xff;
219 }
220}
221
222/* Fill buffer with size pseudo-random bytes, not suitable for cryptographic
223 use, from the operating random number generator (RNG).
224
225 Return 0 on success, raise an exception and return -1 on error. */
226int
227_PyOS_URandom(void *buffer, Py_ssize_t size)
228{
229 if (size < 0) {
230 PyErr_Format(PyExc_ValueError,
231 "negative argument not allowed");
232 return -1;
233 }
234 if (size == 0)
235 return 0;
236
237#ifdef MS_WINDOWS
238 return win32_urandom((unsigned char *)buffer, size, 1);
239#else
240# ifdef __VMS
241 return vms_urandom((unsigned char *)buffer, size, 1);
242# else
243 return dev_urandom_python((char*)buffer, size);
244# endif
245#endif
246}
247
248void
249_PyRandom_Init(void)
250{
251 char *env;
252 void *secret = &_Py_HashSecret;
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]253 Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]254
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]255 if (_Py_HashSecret_Initialized)
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]256 return;
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]257 _Py_HashSecret_Initialized = 1;
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]258
259 /*
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]260 Hash randomization is enabled. Generate a per-process secret,
261 using PYTHONHASHSEED if provided.
262 */
263
264 env = Py_GETENV("PYTHONHASHSEED");
Georg Brandl12897d72012-02-20 23:49:29 +0100[diff] [blame]265 if (env && *env != '\0' && strcmp(env, "random") != 0) {
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]266 char *endptr = env;
267 unsigned long seed;
268 seed = strtoul(env, &endptr, 10);
269 if (*endptr != '\0'
270 || seed > 4294967295UL
271 || (errno == ERANGE && seed == ULONG_MAX))
272 {
273 Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "
274 "in range [0; 4294967295]");
275 }
276 if (seed == 0) {
277 /* disable the randomized hash */
278 memset(secret, 0, secret_size);
279 }
280 else {
281 lcg_urandom(seed, (unsigned char*)secret, secret_size);
282 }
283 }
284 else {
285#ifdef MS_WINDOWS
286 (void)win32_urandom((unsigned char *)secret, secret_size, 0);
287#else /* #ifdef MS_WINDOWS */
288# ifdef __VMS
289 vms_urandom((unsigned char *)secret, secret_size, 0);
290# else
291 dev_urandom_noraise((char*)secret, secret_size);
292# endif
293#endif
294 }
295}