Blame - Python/random.c - platform/external/python/cpython3

blob: 8f3e6d60219dadb87fdcf0ab6aecd249c636a383 [file] [log] [blame]

Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	1	#include "Python.h"
				2	#ifdef MS_WINDOWS
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	3	# include <windows.h>
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	4	#else
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	5	# include <fcntl.h>
				6	# ifdef HAVE_SYS_STAT_H
				7	# include <sys/stat.h>
				8	# endif
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	9	# ifdef HAVE_GETRANDOM
				10	# include <sys/random.h>
				11	# elif defined(HAVE_GETRANDOM_SYSCALL)
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	12	# include <sys/syscall.h>
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	13	# endif
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	14	#endif
				15
Benjamin Peterson	69e9727	2012-02-21 11:08:50 -0500	[diff] [blame]	16	#ifdef Py_DEBUG
				17	int _Py_HashSecret_Initialized = 0;
				18	#else
				19	static int _Py_HashSecret_Initialized = 0;
				20	#endif
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	21
				22	#ifdef MS_WINDOWS
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	23	static HCRYPTPROV hCryptProv = 0;
				24
				25	static int
				26	win32_urandom_init(int raise)
				27	{
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	28	/* Acquire context */
Martin v. Löwis	3f50bf6	2013-01-25 14:06:18 +0100	[diff] [blame]	29	if (!CryptAcquireContext(&hCryptProv, NULL, NULL,
				30	PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	31	goto error;
				32
				33	return 0;
				34
				35	error:
				36	if (raise)
				37	PyErr_SetFromWindowsErr(0);
				38	else
				39	Py_FatalError("Failed to initialize Windows random API (CryptoGen)");
				40	return -1;
				41	}
				42
				43	/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	44	API. Return 0 on success, or raise an exception and return -1 on error. */
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	45	static int
				46	win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
				47	{
				48	Py_ssize_t chunk;
				49
				50	if (hCryptProv == 0)
				51	{
				52	if (win32_urandom_init(raise) == -1)
				53	return -1;
				54	}
				55
				56	while (size > 0)
				57	{
				58	chunk = size > INT_MAX ? INT_MAX : size;
Victor Stinner	0c08346	2013-11-15 23:26:25 +0100	[diff] [blame]	59	if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer))
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	60	{
				61	/* CryptGenRandom() failed */
				62	if (raise)
				63	PyErr_SetFromWindowsErr(0);
				64	else
				65	Py_FatalError("Failed to initialized the randomized hash "
				66	"secret using CryptoGen)");
				67	return -1;
				68	}
				69	buffer += chunk;
				70	size -= chunk;
				71	}
				72	return 0;
				73	}
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	74
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	75	#elif defined(HAVE_GETENTROPY) && !defined(sun)
				76	#define PY_GETENTROPY
				77
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	78	/* Fill buffer with size pseudo-random bytes generated by getentropy().
				79	Return 0 on success, or raise an exception and return -1 on error.
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	80
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	81	If fatal is nonzero, call Py_FatalError() instead of raising an exception
				82	on error. */
				83	static int
				84	py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)
				85	{
				86	while (size > 0) {
				87	Py_ssize_t len = Py_MIN(size, 256);
Victor Stinner	9aa1331	2015-03-30 11:18:30 +0200	[diff] [blame]	88	int res;
				89
				90	if (!fatal) {
				91	Py_BEGIN_ALLOW_THREADS
				92	res = getentropy(buffer, len);
				93	Py_END_ALLOW_THREADS
				94
				95	if (res < 0) {
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	96	PyErr_SetFromErrno(PyExc_OSError);
				97	return -1;
				98	}
				99	}
Victor Stinner	9aa1331	2015-03-30 11:18:30 +0200	[diff] [blame]	100	else {
				101	res = getentropy(buffer, len);
				102	if (res < 0)
				103	Py_FatalError("getentropy() failed");
				104	}
				105
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	106	buffer += len;
				107	size -= len;
				108	}
				109	return 0;
				110	}
				111
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	112	#else
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	113
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	114	#if defined(HAVE_GETRANDOM) \|\| defined(HAVE_GETRANDOM_SYSCALL)
				115	#define PY_GETRANDOM
				116
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	117	static int
				118	py_getrandom(void *buffer, Py_ssize_t size, int raise)
				119	{
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	120	/* Is getrandom() supported by the running kernel?
				121	* Need Linux kernel 3.17 or newer, or Solaris 11.3 or newer */
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	122	static int getrandom_works = 1;
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	123	/* Use non-blocking /dev/urandom device. On Linux at boot, the getrandom()
				124	* syscall blocks until /dev/urandom is initialized with enough entropy. */
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	125	const int flags = 0;
				126	int n;
				127
				128	if (!getrandom_works)
				129	return 0;
				130
				131	while (0 < size) {
				132	errno = 0;
Victor Stinner	79b74ae	2015-03-30 11:16:40 +0200	[diff] [blame]	133
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	134	#ifdef HAVE_GETRANDOM
				135	if (raise) {
				136	Py_BEGIN_ALLOW_THREADS
				137	n = getrandom(buffer, size, flags);
				138	Py_END_ALLOW_THREADS
				139	}
				140	else {
				141	n = getrandom(buffer, size, flags);
				142	}
				143	#else
				144	/* On Linux, use the syscall() function because the GNU libc doesn't
				145	* expose the Linux getrandom() syscall yet. See:
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	146	* https://sourceware.org/bugzilla/show_bug.cgi?id=17252 */
Victor Stinner	79b74ae	2015-03-30 11:16:40 +0200	[diff] [blame]	147	if (raise) {
				148	Py_BEGIN_ALLOW_THREADS
				149	n = syscall(SYS_getrandom, buffer, size, flags);
				150	Py_END_ALLOW_THREADS
				151	}
				152	else {
				153	n = syscall(SYS_getrandom, buffer, size, flags);
				154	}
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	155	#endif
Victor Stinner	79b74ae	2015-03-30 11:16:40 +0200	[diff] [blame]	156
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	157	if (n < 0) {
				158	if (errno == ENOSYS) {
				159	getrandom_works = 0;
				160	return 0;
				161	}
				162
				163	if (errno == EINTR) {
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	164	if (PyErr_CheckSignals()) {
				165	if (!raise)
				166	Py_FatalError("getrandom() interrupted by a signal");
				167	return -1;
				168	}
				169	/* retry getrandom() */
				170	continue;
				171	}
				172
				173	if (raise)
				174	PyErr_SetFromErrno(PyExc_OSError);
				175	else
				176	Py_FatalError("getrandom() failed");
				177	return -1;
				178	}
				179
				180	buffer += n;
				181	size -= n;
				182	}
				183	return 1;
				184	}
				185	#endif
				186
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	187	static struct {
				188	int fd;
				189	dev_t st_dev;
				190	ino_t st_ino;
				191	} urandom_cache = { -1 };
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	192
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	193
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	194	/* Read size bytes from /dev/urandom into buffer.
				195	Call Py_FatalError() on error. */
				196	static void
Christian Heimes	985ecdc	2013-11-20 11:46:18 +0100	[diff] [blame]	197	dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	198	{
				199	int fd;
				200	Py_ssize_t n;
				201
				202	assert (0 < size);
				203
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	204	#ifdef PY_GETRANDOM
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	205	if (py_getrandom(buffer, size, 0) == 1)
				206	return;
				207	/* getrandom() is not supported by the running kernel, fall back
				208	* on reading /dev/urandom */
				209	#endif
				210
Victor Stinner	c7cd12d	2015-03-19 23:24:45 +0100	[diff] [blame]	211	fd = _Py_open_noraise("/dev/urandom", O_RDONLY);
				212	if (fd < 0)
				213	Py_FatalError("Failed to open /dev/urandom");
				214
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	215	while (0 < size)
				216	{
				217	do {
				218	n = read(fd, buffer, (size_t)size);
				219	} while (n < 0 && errno == EINTR);
				220	if (n <= 0)
				221	{
				222	/* stop on error or if read(size) returned 0 */
				223	Py_FatalError("Failed to read bytes from /dev/urandom");
				224	break;
				225	}
				226	buffer += n;
				227	size -= (Py_ssize_t)n;
				228	}
				229	close(fd);
				230	}
				231
				232	/* Read size bytes from /dev/urandom into buffer.
				233	Return 0 on success, raise an exception and return -1 on error. */
				234	static int
				235	dev_urandom_python(char *buffer, Py_ssize_t size)
				236	{
				237	int fd;
				238	Py_ssize_t n;
Steve Dower	f2f373f	2015-02-21 08:44:05 -0800	[diff] [blame]	239	struct _Py_stat_struct st;
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	240	#ifdef PY_GETRANDOM
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	241	int res;
				242	#endif
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	243
				244	if (size <= 0)
				245	return 0;
				246
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	247	#ifdef PY_GETRANDOM
Victor Stinner	59f7fb2	2015-03-18 14:39:33 +0100	[diff] [blame]	248	res = py_getrandom(buffer, size, 1);
				249	if (res < 0)
				250	return -1;
				251	if (res == 1)
				252	return 0;
				253	/* getrandom() is not supported by the running kernel, fall back
				254	* on reading /dev/urandom */
				255	#endif
				256
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	257	if (urandom_cache.fd >= 0) {
				258	/* Does the fd point to the same thing as before? (issue #21207) */
Victor Stinner	e134a7f	2015-03-30 10:09:31 +0200	[diff] [blame]	259	if (_Py_fstat_noraise(urandom_cache.fd, &st)
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	260	\|\| st.st_dev != urandom_cache.st_dev
				261	\|\| st.st_ino != urandom_cache.st_ino) {
				262	/* Something changed: forget the cached fd (but don't close it,
				263	since it probably points to something important for some
				264	third-party code). */
				265	urandom_cache.fd = -1;
				266	}
				267	}
				268	if (urandom_cache.fd >= 0)
				269	fd = urandom_cache.fd;
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	270	else {
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	271	fd = _Py_open("/dev/urandom", O_RDONLY);
Victor Stinner	a555cfc	2015-03-18 00:22:14 +0100	[diff] [blame]	272	if (fd < 0) {
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	273	if (errno == ENOENT \|\| errno == ENXIO \|\|
				274	errno == ENODEV \|\| errno == EACCES)
				275	PyErr_SetString(PyExc_NotImplementedError,
				276	"/dev/urandom (or equivalent) not found");
Victor Stinner	a555cfc	2015-03-18 00:22:14 +0100	[diff] [blame]	277	/* otherwise, keep the OSError exception raised by _Py_open() */
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	278	return -1;
				279	}
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	280	if (urandom_cache.fd >= 0) {
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	281	/* urandom_fd was initialized by another thread while we were
				282	not holding the GIL, keep it. */
				283	close(fd);
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	284	fd = urandom_cache.fd;
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	285	}
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	286	else {
Steve Dower	f2f373f	2015-02-21 08:44:05 -0800	[diff] [blame]	287	if (_Py_fstat(fd, &st)) {
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	288	close(fd);
				289	return -1;
				290	}
				291	else {
				292	urandom_cache.fd = fd;
				293	urandom_cache.st_dev = st.st_dev;
				294	urandom_cache.st_ino = st.st_ino;
				295	}
				296	}
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	297	}
				298
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	299	do {
Victor Stinner	c9382eb	2015-03-19 23:36:33 +0100	[diff] [blame]	300	n = _Py_read(fd, buffer, (size_t)size);
				301	if (n == -1)
				302	return -1;
				303	if (n == 0) {
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	304	PyErr_Format(PyExc_RuntimeError,
Victor Stinner	c9382eb	2015-03-19 23:36:33 +0100	[diff] [blame]	305	"Failed to read %zi bytes from /dev/urandom",
				306	size);
				307	return -1;
				308	}
				309
				310	buffer += n;
				311	size -= n;
				312	} while (0 < size);
				313
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	314	return 0;
				315	}
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	316
				317	static void
				318	dev_urandom_close(void)
				319	{
Antoine Pitrou	e472aea	2014-04-26 14:33:03 +0200	[diff] [blame]	320	if (urandom_cache.fd >= 0) {
				321	close(urandom_cache.fd);
				322	urandom_cache.fd = -1;
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	323	}
				324	}
				325
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	326	#endif
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	327
				328	/* Fill buffer with pseudo-random bytes generated by a linear congruent
				329	generator (LCG):
				330
				331	x(n+1) = (x(n) * 214013 + 2531011) % 2^32
				332
				333	Use bits 23..16 of x(n) to generate a byte. */
				334	static void
				335	lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
				336	{
				337	size_t index;
				338	unsigned int x;
				339
				340	x = x0;
				341	for (index=0; index < size; index++) {
				342	x *= 214013;
				343	x += 2531011;
				344	/* modulo 2 ^ (8 * sizeof(int)) */
				345	buffer[index] = (x >> 16) & 0xff;
				346	}
				347	}
				348
Georg Brandl	c6a2c9b	2013-10-06 18:43:19 +0200	[diff] [blame]	349	/* Fill buffer with size pseudo-random bytes from the operating system random
Serhiy Storchaka	56a6d85	2014-12-01 18:28:43 +0200	[diff] [blame]	350	number generator (RNG). It is suitable for most cryptographic purposes
Georg Brandl	c6a2c9b	2013-10-06 18:43:19 +0200	[diff] [blame]	351	except long living private keys for asymmetric encryption.
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	352
				353	Return 0 on success, raise an exception and return -1 on error. */
				354	int
				355	_PyOS_URandom(void *buffer, Py_ssize_t size)
				356	{
				357	if (size < 0) {
				358	PyErr_Format(PyExc_ValueError,
				359	"negative argument not allowed");
				360	return -1;
				361	}
				362	if (size == 0)
				363	return 0;
				364
				365	#ifdef MS_WINDOWS
				366	return win32_urandom((unsigned char *)buffer, size, 1);
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	367	#elif PY_GETENTROPY
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	368	return py_getentropy(buffer, size, 0);
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	369	#else
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	370	return dev_urandom_python((char*)buffer, size);
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	371	#endif
				372	}
				373
				374	void
				375	_PyRandom_Init(void)
				376	{
				377	char *env;
Christian Heimes	985ecdc	2013-11-20 11:46:18 +0100	[diff] [blame]	378	unsigned char secret = (unsigned char )&_Py_HashSecret.uc;
Benjamin Peterson	69e9727	2012-02-21 11:08:50 -0500	[diff] [blame]	379	Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
Christian Heimes	985ecdc	2013-11-20 11:46:18 +0100	[diff] [blame]	380	assert(secret_size == sizeof(_Py_HashSecret.uc));
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	381
Benjamin Peterson	69e9727	2012-02-21 11:08:50 -0500	[diff] [blame]	382	if (_Py_HashSecret_Initialized)
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	383	return;
Benjamin Peterson	69e9727	2012-02-21 11:08:50 -0500	[diff] [blame]	384	_Py_HashSecret_Initialized = 1;
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	385
				386	/*
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	387	Hash randomization is enabled. Generate a per-process secret,
				388	using PYTHONHASHSEED if provided.
				389	*/
				390
				391	env = Py_GETENV("PYTHONHASHSEED");
Georg Brandl	12897d7	2012-02-20 23:49:29 +0100	[diff] [blame]	392	if (env && *env != '\0' && strcmp(env, "random") != 0) {
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	393	char *endptr = env;
				394	unsigned long seed;
				395	seed = strtoul(env, &endptr, 10);
				396	if (*endptr != '\0'
				397	\|\| seed > 4294967295UL
				398	\|\| (errno == ERANGE && seed == ULONG_MAX))
				399	{
				400	Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "
				401	"in range [0; 4294967295]");
				402	}
				403	if (seed == 0) {
				404	/* disable the randomized hash */
				405	memset(secret, 0, secret_size);
				406	}
				407	else {
Christian Heimes	985ecdc	2013-11-20 11:46:18 +0100	[diff] [blame]	408	lcg_urandom(seed, secret, secret_size);
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	409	}
				410	}
				411	else {
				412	#ifdef MS_WINDOWS
Christian Heimes	985ecdc	2013-11-20 11:46:18 +0100	[diff] [blame]	413	(void)win32_urandom(secret, secret_size, 0);
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	414	#elif PY_GETENTROPY
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	415	(void)py_getentropy(secret, secret_size, 1);
Christian Heimes	af01f66	2013-12-21 16:19:10 +0100	[diff] [blame]	416	#else
Christian Heimes	985ecdc	2013-11-20 11:46:18 +0100	[diff] [blame]	417	dev_urandom_noraise(secret, secret_size);
Georg Brandl	2daf6ae	2012-02-20 19:54:16 +0100	[diff] [blame]	418	#endif
				419	}
				420	}
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	421
				422	void
				423	_PyRandom_Fini(void)
				424	{
Victor Stinner	d50c3f3	2014-05-02 22:06:44 +0200	[diff] [blame]	425	#ifdef MS_WINDOWS
				426	if (hCryptProv) {
Tim Golden	b8ac3e1	2014-05-06 13:29:45 +0100	[diff] [blame]	427	CryptReleaseContext(hCryptProv, 0);
Victor Stinner	d50c3f3	2014-05-02 22:06:44 +0200	[diff] [blame]	428	hCryptProv = 0;
				429	}
Victor Stinner	3abf44e	2015-09-18 15:38:37 +0200	[diff] [blame]	430	#elif PY_GETENTROPY
Victor Stinner	4d6a3d6	2014-12-21 01:16:38 +0100	[diff] [blame]	431	/* nothing to clean */
Victor Stinner	d50c3f3	2014-05-02 22:06:44 +0200	[diff] [blame]	432	#else
Antoine Pitrou	4879a96	2013-08-31 00:26:02 +0200	[diff] [blame]	433	dev_urandom_close();
				434	#endif
				435	}