Blame - Python/random.c - platform/external/python/cpython3

2012-02-20 19:54:16 +0100

[diff] [blame]

1

#include "Python.h"

2

#ifdef MS_WINDOWS

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

3

# include <windows.h>

Martin Panter

d2f8747

2016-07-29 04:00:44 +0000

[diff] [blame]

4

/* All sample MSDN wincrypt programs include the header below. It is at least

5

* required with Min GW. */

6

# include <wincrypt.h>

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

7

#else

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

8

# include <fcntl.h>

9

# ifdef HAVE_SYS_STAT_H

10

# include <sys/stat.h>

11

# endif

Victor Stinner

dddf484

2016-06-07 11:21:42 +0200

[diff] [blame]

12

# ifdef HAVE_LINUX_RANDOM_H

13

# include <linux/random.h>

14

# endif

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

15

# ifdef HAVE_GETRANDOM

16

# include <sys/random.h>

17

# elif defined(HAVE_GETRANDOM_SYSCALL)

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

18

# include <sys/syscall.h>

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

19

# endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

20

#endif

21

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

22

#ifdef Py_DEBUG

23

int _Py_HashSecret_Initialized = 0;

24

#else

25

static int _Py_HashSecret_Initialized = 0;

26

#endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

27

28

#ifdef MS_WINDOWS

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

29

static HCRYPTPROV hCryptProv = 0;

30

31

static int

32

win32_urandom_init(int raise)

33

{

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

34

/* Acquire context */

Martin v. Löwis

3f50bf6

2013-01-25 14:06:18 +0100

[diff] [blame]

35

if (!CryptAcquireContext(&hCryptProv, NULL, NULL,

36

PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

goto error;

return 0;

error:

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

42

if (raise) {

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

43

PyErr_SetFromWindowsErr(0);

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

44

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

return -1;

}

/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

49

API. Return 0 on success, or raise an exception and return -1 on error. */

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

50

static int

51

win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)

{

Py_ssize_t chunk;

if (hCryptProv == 0)

{

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

57

if (win32_urandom_init(raise) == -1) {

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

58

return -1;

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

59

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

}

while (size > 0)

{

chunk = size > INT_MAX ? INT_MAX : size;

Victor Stinner

0c08346

2013-11-15 23:26:25 +0100

[diff] [blame]

65

if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer))

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

66

{

67

/* CryptGenRandom() failed */

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

68

if (raise) {

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

69

PyErr_SetFromWindowsErr(0);

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

70

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

return -1;

}

buffer += chunk;

size -= chunk;

}

return 0;

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

78

Martin Panter

39b1025

2016-06-10 08:07:11 +0000

[diff] [blame]

79

/* Issue #25003: Don't use getentropy() on Solaris (available since

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

80

* Solaris 11.3), it is blocking whereas os.urandom() should not block. */

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

81

#elif defined(HAVE_GETENTROPY) && !defined(sun)

82

#define PY_GETENTROPY 1

83

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

84

/* Fill buffer with size pseudo-random bytes generated by getentropy().

85

Return 0 on success, or raise an exception and return -1 on error.

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

86

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

87

If raise is zero, don't raise an exception on error. */

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

88

static int

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

89

py_getentropy(char *buffer, Py_ssize_t size, int raise)

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

90

{

91

while (size > 0) {

92

Py_ssize_t len = Py_MIN(size, 256);

Victor Stinner

2015-03-30 11:18:30 +0200

[diff] [blame]

93

int res;

94

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

95

if (raise) {

Victor Stinner

2015-03-30 11:18:30 +0200

[diff] [blame]

96

Py_BEGIN_ALLOW_THREADS

97

res = getentropy(buffer, len);

98

Py_END_ALLOW_THREADS

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

99

}

Victor Stinner

2015-03-30 11:18:30 +0200

[diff] [blame]

100

else {

101

res = getentropy(buffer, len);

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

}

if (res < 0) {

if (raise) {

PyErr_SetFromErrno(PyExc_OSError);

107

}

108

return -1;

Victor Stinner

2015-03-30 11:18:30 +0200

[diff] [blame]

109

}

110

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

buffer += len;

size -= len;

}

return 0;

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

117

#else

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

118

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

119

#if defined(HAVE_GETRANDOM) || defined(HAVE_GETRANDOM_SYSCALL)

120

#define PY_GETRANDOM 1

121

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

122

/* Call getrandom()

123

- Return 1 on success

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

124

- Return 0 if getrandom() syscall is not available (fails with ENOSYS)

125

or if getrandom(GRND_NONBLOCK) fails with EAGAIN (blocking=0 and system

126

urandom not initialized yet) and raise=0.

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

127

- Raise an exception (if raise is non-zero) and return -1 on error:

128

getrandom() failed with EINTR and the Python signal handler raised an

129

exception, or getrandom() failed with a different error. */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

130

static int

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

131

py_getrandom(void *buffer, Py_ssize_t size, int blocking, int raise)

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

132

{

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

133

/* Is getrandom() supported by the running kernel? Set to 0 if getrandom()

134

fails with ENOSYS. Need Linux kernel 3.17 or newer, or Solaris 11.3

135

or newer */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

136

static int getrandom_works = 1;

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

137

int flags;

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

138

char *dest;

Victor Stinner

ec721f3

2016-06-16 23:53:47 +0200

[diff] [blame]

139

long n;

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

140

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

141

if (!getrandom_works) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

142

return 0;

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

143

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

144

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

145

flags = blocking ? 0 : GRND_NONBLOCK;

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

146

dest = buffer;

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

147

while (0 < size) {

Victor Stinner

9d24271

2016-04-12 22:28:49 +0200

[diff] [blame]

148

#ifdef sun

149

/* Issue #26735: On Solaris, getrandom() is limited to returning up

150

to 1024 bytes */

151

n = Py_MIN(size, 1024);

152

#else

Victor Stinner

ec721f3

2016-06-16 23:53:47 +0200

[diff] [blame]

153

n = Py_MIN(size, LONG_MAX);

Victor Stinner

9d24271

2016-04-12 22:28:49 +0200

[diff] [blame]

154

#endif

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

155

Victor Stinner

9d24271

2016-04-12 22:28:49 +0200

[diff] [blame]

156

errno = 0;

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

157

#ifdef HAVE_GETRANDOM

158

if (raise) {

159

Py_BEGIN_ALLOW_THREADS

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

160

n = getrandom(dest, n, flags);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

161

Py_END_ALLOW_THREADS

162

}

163

else {

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

164

n = getrandom(dest, n, flags);

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

165

}

166

#else

167

/* On Linux, use the syscall() function because the GNU libc doesn't

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

168

expose the Linux getrandom() syscall yet. See:

169

https://sourceware.org/bugzilla/show_bug.cgi?id=17252 */

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

170

if (raise) {

171

Py_BEGIN_ALLOW_THREADS

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

172

n = syscall(SYS_getrandom, dest, n, flags);

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

173

Py_END_ALLOW_THREADS

174

}

175

else {

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

176

n = syscall(SYS_getrandom, dest, n, flags);

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

177

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

178

#endif

Victor Stinner

2015-03-30 11:16:40 +0200

[diff] [blame]

179

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

180

if (n < 0) {

181

if (errno == ENOSYS) {

182

getrandom_works = 0;

183

return 0;

184

}

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

185

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

186

/* getrandom(GRND_NONBLOCK) fails with EAGAIN if the system urandom

187

is not initialiazed yet. For _PyRandom_Init(), we ignore their

188

error and fall back on reading /dev/urandom which never blocks,

189

even if the system urandom is not initialized yet. */

190

if (errno == EAGAIN && !raise && !blocking) {

Victor Stinner

dddf484

2016-06-07 11:21:42 +0200

[diff] [blame]

191

return 0;

192

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

193

194

if (errno == EINTR) {

Victor Stinner

cecdd96

2016-08-16 15:19:09 +0200

[diff] [blame]

195

if (raise) {

196

if (PyErr_CheckSignals()) {

197

return -1;

198

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

199

}

Victor Stinner

cecdd96

2016-08-16 15:19:09 +0200

[diff] [blame]

200

201

/* retry getrandom() if it was interrupted by a signal */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

continue;

}

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

205

if (raise) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

206

PyErr_SetFromErrno(PyExc_OSError);

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

207

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

return -1;

}

Victor Stinner

2016-06-08 10:16:50 +0200

[diff] [blame]

211

dest += n;

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

size -= n;

}

return 1;

}

#endif

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

static struct {

int fd;

dev_t st_dev;

ino_t st_ino;

} urandom_cache = { -1 };

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

223

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

224

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

225

/* Read 'size' random bytes from py_getrandom(). Fall back on reading from

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

226

/dev/urandom if getrandom() is not available.

227

228

Return 0 on success. Raise an exception (if raise is non-zero) and return -1

229

on error. */

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

230

static int

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

231

dev_urandom(char *buffer, Py_ssize_t size, int blocking, int raise)

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

232

{

233

int fd;

234

Py_ssize_t n;

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

235

#ifdef PY_GETRANDOM

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

236

int res;

237

#endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

238

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

239

assert(size > 0);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

240

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

241

#ifdef PY_GETRANDOM

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

242

res = py_getrandom(buffer, size, blocking, raise);

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

243

if (res < 0) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

244

return -1;

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

245

}

246

if (res == 1) {

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

247

return 0;

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

248

}

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

249

/* getrandom() is not supported by the running kernel, fall back

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

250

on reading /dev/urandom */

Victor Stinner

2015-03-18 14:39:33 +0100

[diff] [blame]

251

#endif

252

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

253

254

if (raise) {

255

struct _Py_stat_struct st;

256

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

257

if (urandom_cache.fd >= 0) {

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

258

/* Does the fd point to the same thing as before? (issue #21207) */

259

if (_Py_fstat_noraise(urandom_cache.fd, &st)

260

|| st.st_dev != urandom_cache.st_dev

261

|| st.st_ino != urandom_cache.st_ino) {

262

/* Something changed: forget the cached fd (but don't close it,

263

since it probably points to something important for some

264

third-party code). */

265

urandom_cache.fd = -1;

266

}

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

267

}

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

268

if (urandom_cache.fd >= 0)

269

fd = urandom_cache.fd;

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

270

else {

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

271

fd = _Py_open("/dev/urandom", O_RDONLY);

272

if (fd < 0) {

273

if (errno == ENOENT || errno == ENXIO ||

274

errno == ENODEV || errno == EACCES)

275

PyErr_SetString(PyExc_NotImplementedError,

276

"/dev/urandom (or equivalent) not found");

277

/* otherwise, keep the OSError exception raised by _Py_open() */

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

278

return -1;

279

}

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

280

if (urandom_cache.fd >= 0) {

281

/* urandom_fd was initialized by another thread while we were

282

not holding the GIL, keep it. */

283

close(fd);

284

fd = urandom_cache.fd;

285

}

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

286

else {

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

287

if (_Py_fstat(fd, &st)) {

close(fd);

return -1;

}

else {

urandom_cache.fd = fd;

293

urandom_cache.st_dev = st.st_dev;

294

urandom_cache.st_ino = st.st_ino;

295

}

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

296

}

297

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

298

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

299

do {

300

n = _Py_read(fd, buffer, (size_t)size);

if (n == -1)

return -1;

if (n == 0) {

PyErr_Format(PyExc_RuntimeError,

305

"Failed to read %zi bytes from /dev/urandom",

size);

return -1;

}

buffer += n;

size -= n;

} while (0 < size);

}

else {

fd = _Py_open_noraise("/dev/urandom", O_RDONLY);

316

if (fd < 0) {

Victor Stinner

c9382eb

2015-03-19 23:36:33 +0100

[diff] [blame]

return -1;

}

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

while (0 < size)

{

do {

n = read(fd, buffer, (size_t)size);

324

} while (n < 0 && errno == EINTR);

Victor Stinner

c9382eb

2015-03-19 23:36:33 +0100

[diff] [blame]

325

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

326

if (n <= 0) {

327

/* stop on error or if read(size) returned 0 */

Victor Stinner

3ee933f

2016-08-16 18:27:44 +0200

[diff] [blame]

328

close(fd);

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

return -1;

}

buffer += n;

size -= n;

}

close(fd);

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

337

return 0;

338

}

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

339

340

static void

341

dev_urandom_close(void)

342

{

Antoine Pitrou

2014-04-26 14:33:03 +0200

[diff] [blame]

343

if (urandom_cache.fd >= 0) {

344

close(urandom_cache.fd);

345

urandom_cache.fd = -1;

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

}

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

349

#endif

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

350

351

/* Fill buffer with pseudo-random bytes generated by a linear congruent

352

generator (LCG):

353

354

x(n+1) = (x(n) * 214013 + 2531011) % 2^32

355

356

Use bits 23..16 of x(n) to generate a byte. */

357

static void

358

lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)

{

size_t index;

unsigned int x;

x = x0;

for (index=0; index < size; index++) {

365

x *= 214013;

366

x += 2531011;

367

/* modulo 2 ^ (8 * sizeof(int)) */

368

buffer[index] = (x >> 16) & 0xff;

}

}

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

372

/* If raise is zero:

Victor Stinner

2016-08-16 18:46:38 +0200

[diff] [blame]

373

- Don't raise exceptions on error

374

- Don't call PyErr_CheckSignals() on EINTR (retry directly the interrupted

375

syscall)

376

- Don't release the GIL to call syscalls. */

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

377

static int

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

378

pyurandom(void *buffer, Py_ssize_t size, int blocking, int raise)

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

{

if (size < 0) {

if (raise) {

PyErr_Format(PyExc_ValueError,

383

"negative argument not allowed");

}

return -1;

}

if (size == 0) {

return 0;

}

#ifdef MS_WINDOWS

return win32_urandom((unsigned char *)buffer, size, raise);

394

#elif defined(PY_GETENTROPY)

395

return py_getentropy(buffer, size, raise);

396

#else

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

397

return dev_urandom(buffer, size, blocking, raise);

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

#endif

}

Georg Brandl

2013-10-06 18:43:19 +0200

[diff] [blame]

401

/* Fill buffer with size pseudo-random bytes from the operating system random

Serhiy Storchaka

56a6d85

2014-12-01 18:28:43 +0200

[diff] [blame]

402

number generator (RNG). It is suitable for most cryptographic purposes

Georg Brandl

c6a2c9b

2013-10-06 18:43:19 +0200

[diff] [blame]

403

except long living private keys for asymmetric encryption.

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

404

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

405

On Linux 3.17 and newer, the getrandom() syscall is used in blocking mode:

406

block until the system urandom entropy pool is initialized (128 bits are

407

collected by the kernel).

408

409

Return 0 on success. Raise an exception and return -1 on error. */

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

410

int

411

_PyOS_URandom(void *buffer, Py_ssize_t size)

412

{

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

413

return pyurandom(buffer, size, 1, 1);

414

}

415

416

/* Fill buffer with size pseudo-random bytes from the operating system random

417

number generator (RNG). It is not suitable for cryptographic purpose.

418

419

On Linux 3.17 and newer (when getrandom() syscall is used), if the system

420

urandom is not initialized yet, the function returns "weak" entropy read

421

from /dev/urandom.

422

423

Return 0 on success. Raise an exception and return -1 on error. */

424

int

425

_PyOS_URandomNonblock(void *buffer, Py_ssize_t size)

426

{

427

return pyurandom(buffer, size, 0, 1);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

}

void

_PyRandom_Init(void)

{

char *env;

Christian Heimes

985ecdc

2013-11-20 11:46:18 +0100

[diff] [blame]

434

unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

435

Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);

Serhiy Storchaka

fad85aa

2015-11-07 15:42:38 +0200

[diff] [blame]

436

Py_BUILD_ASSERT(sizeof(_Py_HashSecret_t) == sizeof(_Py_HashSecret.uc));

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

437

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

438

if (_Py_HashSecret_Initialized)

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

439

return;

Benjamin Peterson

2012-02-21 11:08:50 -0500

[diff] [blame]

440

_Py_HashSecret_Initialized = 1;

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

441

442

/*

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

443

Hash randomization is enabled. Generate a per-process secret,

444

using PYTHONHASHSEED if provided.

445

*/

446

447

env = Py_GETENV("PYTHONHASHSEED");

Georg Brandl

12897d7

2012-02-20 23:49:29 +0100

[diff] [blame]

448

if (env && *env != '\0' && strcmp(env, "random") != 0) {

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

449

char *endptr = env;

450

unsigned long seed;

451

seed = strtoul(env, &endptr, 10);

452

if (*endptr != '\0'

453

|| seed > 4294967295UL

454

|| (errno == ERANGE && seed == ULONG_MAX))

455

{

456

Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "

457

"in range [0; 4294967295]");

458

}

459

if (seed == 0) {

460

/* disable the randomized hash */

461

memset(secret, 0, secret_size);

462

}

463

else {

Christian Heimes

985ecdc

2013-11-20 11:46:18 +0100

[diff] [blame]

464

lcg_urandom(seed, secret, secret_size);

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

465

}

466

}

467

else {

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

468

int res;

469

470

/* _PyRandom_Init() is called very early in the Python initialization

Victor Stinner

2016-09-06 16:33:52 -0700

[diff] [blame^]

471

and so exceptions cannot be used (use raise=0).

472

473

_PyRandom_Init() must not block Python initialization: call

474

pyurandom() is non-blocking mode (blocking=0): see the PEP 524. */

475

res = pyurandom(secret, secret_size, 0, 0);

Victor Stinner

2016-08-16 15:23:58 +0200

[diff] [blame]

476

if (res < 0) {

477

Py_FatalError("failed to get random numbers to initialize Python");

478

}

Georg Brandl

2012-02-20 19:54:16 +0100

[diff] [blame]

479

}

480

}

Antoine Pitrou

2013-08-31 00:26:02 +0200

[diff] [blame]

void

_PyRandom_Fini(void)

{

Victor Stinner

d50c3f3

2014-05-02 22:06:44 +0200

[diff] [blame]

485

#ifdef MS_WINDOWS

486

if (hCryptProv) {

Tim Golden

b8ac3e1

2014-05-06 13:29:45 +0100

[diff] [blame]

487

CryptReleaseContext(hCryptProv, 0);

Victor Stinner

d50c3f3

2014-05-02 22:06:44 +0200

[diff] [blame]

488

hCryptProv = 0;

489

}

Victor Stinner

2015-10-01 09:47:30 +0200

[diff] [blame]

490

#elif defined(PY_GETENTROPY)

Victor Stinner

2014-12-21 01:16:38 +0100

[diff] [blame]

491

/* nothing to clean */

Victor Stinner

d50c3f3

2014-05-02 22:06:44 +0200

[diff] [blame]

492

#else

Antoine Pitrou