Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython3 / c137f7c065990cd438de3083ca4ade29000d57e2 / . / Python / random.c
blob: 1ad4c3df7f8793cc71804aa08fbe98bb2077a7dd [file] [log] [blame]
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]1#include "Python.h"
2#ifdef MS_WINDOWS
3#include <windows.h>
4#else
5#include <fcntl.h>
6#endif
7
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]8#ifdef Py_DEBUG
9int _Py_HashSecret_Initialized = 0;
10#else
11static int _Py_HashSecret_Initialized = 0;
12#endif
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]13
14#ifdef MS_WINDOWS
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]15/* This handle is never explicitly released. Instead, the operating
16 system will release it when the process terminates. */
17static HCRYPTPROV hCryptProv = 0;
18
19static int
20win32_urandom_init(int raise)
21{
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]22 /* Acquire context */
Martin v. Löwis3f50bf62013-01-25 14:06:18 +0100[diff] [blame]23 if (!CryptAcquireContext(&hCryptProv, NULL, NULL,
24 PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]25 goto error;
26
27 return 0;
28
29error:
30 if (raise)
31 PyErr_SetFromWindowsErr(0);
32 else
33 Py_FatalError("Failed to initialize Windows random API (CryptoGen)");
34 return -1;
35}
36
37/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen
38 API. Return 0 on success, or -1 on error. */
39static int
40win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
41{
42 Py_ssize_t chunk;
43
44 if (hCryptProv == 0)
45 {
46 if (win32_urandom_init(raise) == -1)
47 return -1;
48 }
49
50 while (size > 0)
51 {
52 chunk = size > INT_MAX ? INT_MAX : size;
Martin v. Löwis3f50bf62013-01-25 14:06:18 +0100[diff] [blame]53 if (!CryptGenRandom(hCryptProv, chunk, buffer))
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]54 {
55 /* CryptGenRandom() failed */
56 if (raise)
57 PyErr_SetFromWindowsErr(0);
58 else
59 Py_FatalError("Failed to initialized the randomized hash "
60 "secret using CryptoGen)");
61 return -1;
62 }
63 buffer += chunk;
64 size -= chunk;
65 }
66 return 0;
67}
68#endif /* MS_WINDOWS */
69
70
71#ifdef __VMS
72/* Use openssl random routine */
73#include <openssl/rand.h>
74static int
75vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
76{
77 if (RAND_pseudo_bytes(buffer, size) < 0) {
78 if (raise) {
79 PyErr_Format(PyExc_ValueError,
80 "RAND_pseudo_bytes");
81 } else {
82 Py_FatalError("Failed to initialize the randomized hash "
83 "secret using RAND_pseudo_bytes");
84 }
85 return -1;
86 }
87 return 0;
88}
89#endif /* __VMS */
90
91
92#if !defined(MS_WINDOWS) && !defined(__VMS)
93
94/* Read size bytes from /dev/urandom into buffer.
95 Call Py_FatalError() on error. */
96static void
97dev_urandom_noraise(char *buffer, Py_ssize_t size)
98{
99 int fd;
100 Py_ssize_t n;
101
102 assert (0 < size);
103
104 fd = open("/dev/urandom", O_RDONLY);
105 if (fd < 0)
106 Py_FatalError("Failed to open /dev/urandom");
107
108 while (0 < size)
109 {
110 do {
111 n = read(fd, buffer, (size_t)size);
112 } while (n < 0 && errno == EINTR);
113 if (n <= 0)
114 {
115 /* stop on error or if read(size) returned 0 */
116 Py_FatalError("Failed to read bytes from /dev/urandom");
117 break;
118 }
119 buffer += n;
120 size -= (Py_ssize_t)n;
121 }
122 close(fd);
123}
124
125/* Read size bytes from /dev/urandom into buffer.
126 Return 0 on success, raise an exception and return -1 on error. */
127static int
128dev_urandom_python(char *buffer, Py_ssize_t size)
129{
130 int fd;
131 Py_ssize_t n;
132
133 if (size <= 0)
134 return 0;
135
136 Py_BEGIN_ALLOW_THREADS
137 fd = open("/dev/urandom", O_RDONLY);
138 Py_END_ALLOW_THREADS
139 if (fd < 0)
140 {
Antoine Pitrou380c55c2012-09-07 23:49:07 +0200[diff] [blame]141 PyErr_SetString(PyExc_NotImplementedError,
142 "/dev/urandom (or equivalent) not found");
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]143 return -1;
144 }
145
146 Py_BEGIN_ALLOW_THREADS
147 do {
148 do {
149 n = read(fd, buffer, (size_t)size);
150 } while (n < 0 && errno == EINTR);
151 if (n <= 0)
152 break;
153 buffer += n;
154 size -= (Py_ssize_t)n;
155 } while (0 < size);
156 Py_END_ALLOW_THREADS
157
158 if (n <= 0)
159 {
160 /* stop on error or if read(size) returned 0 */
161 if (n < 0)
162 PyErr_SetFromErrno(PyExc_OSError);
163 else
164 PyErr_Format(PyExc_RuntimeError,
165 "Failed to read %zi bytes from /dev/urandom",
166 size);
167 close(fd);
168 return -1;
169 }
170 close(fd);
171 return 0;
172}
173#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */
174
175/* Fill buffer with pseudo-random bytes generated by a linear congruent
176 generator (LCG):
177
178 x(n+1) = (x(n) * 214013 + 2531011) % 2^32
179
180 Use bits 23..16 of x(n) to generate a byte. */
181static void
182lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
183{
184 size_t index;
185 unsigned int x;
186
187 x = x0;
188 for (index=0; index < size; index++) {
189 x *= 214013;
190 x += 2531011;
191 /* modulo 2 ^ (8 * sizeof(int)) */
192 buffer[index] = (x >> 16) & 0xff;
193 }
194}
195
196/* Fill buffer with size pseudo-random bytes, not suitable for cryptographic
197 use, from the operating random number generator (RNG).
198
199 Return 0 on success, raise an exception and return -1 on error. */
200int
201_PyOS_URandom(void *buffer, Py_ssize_t size)
202{
203 if (size < 0) {
204 PyErr_Format(PyExc_ValueError,
205 "negative argument not allowed");
206 return -1;
207 }
208 if (size == 0)
209 return 0;
210
211#ifdef MS_WINDOWS
212 return win32_urandom((unsigned char *)buffer, size, 1);
213#else
214# ifdef __VMS
215 return vms_urandom((unsigned char *)buffer, size, 1);
216# else
217 return dev_urandom_python((char*)buffer, size);
218# endif
219#endif
220}
221
222void
223_PyRandom_Init(void)
224{
225 char *env;
226 void *secret = &_Py_HashSecret;
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]227 Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]228
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]229 if (_Py_HashSecret_Initialized)
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]230 return;
Benjamin Peterson69e97272012-02-21 11:08:50 -0500[diff] [blame]231 _Py_HashSecret_Initialized = 1;
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]232
233 /*
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]234 Hash randomization is enabled. Generate a per-process secret,
235 using PYTHONHASHSEED if provided.
236 */
237
238 env = Py_GETENV("PYTHONHASHSEED");
Georg Brandl12897d72012-02-20 23:49:29 +0100[diff] [blame]239 if (env && *env != '\0' && strcmp(env, "random") != 0) {
Georg Brandl2daf6ae2012-02-20 19:54:16 +0100[diff] [blame]240 char *endptr = env;
241 unsigned long seed;
242 seed = strtoul(env, &endptr, 10);
243 if (*endptr != '\0'
244 || seed > 4294967295UL
245 || (errno == ERANGE && seed == ULONG_MAX))
246 {
247 Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "
248 "in range [0; 4294967295]");
249 }
250 if (seed == 0) {
251 /* disable the randomized hash */
252 memset(secret, 0, secret_size);
253 }
254 else {
255 lcg_urandom(seed, (unsigned char*)secret, secret_size);
256 }
257 }
258 else {
259#ifdef MS_WINDOWS
260 (void)win32_urandom((unsigned char *)secret, secret_size, 0);
261#else /* #ifdef MS_WINDOWS */
262# ifdef __VMS
263 vms_urandom((unsigned char *)secret, secret_size, 0);
264# else
265 dev_urandom_noraise((char*)secret, secret_size);
266# endif
267#endif
268 }
269}