+++ /dev/null
-/** @file\r
-\r
- Copyright (c) 2015, Daryl McDaniel. All rights reserved.<BR>\r
- This program and the accompanying materials are licensed and made available under\r
- the terms and conditions of the BSD License that accompanies this distribution.\r
- The full text of the license may be found at\r
- http://opensource.org/licenses/bsd-license.\r
-\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
-**/\r
-\r
-#include "Python.h"\r
-#ifdef MS_WINDOWS\r
-#include <windows.h>\r
-#else\r
-#include <fcntl.h>\r
-#endif\r
-\r
-#ifdef Py_DEBUG\r
-int _Py_HashSecret_Initialized = 0;\r
-#else\r
-static int _Py_HashSecret_Initialized = 0;\r
-#endif\r
-\r
-#ifdef MS_WINDOWS\r
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTA)(HCRYPTPROV *phProv,\\r
- LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType,\\r
- DWORD dwFlags );\r
-typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,\\r
- BYTE *pbBuffer );\r
-\r
-static CRYPTGENRANDOM pCryptGenRandom = NULL;\r
-/* This handle is never explicitly released. Instead, the operating\r
- system will release it when the process terminates. */\r
-static HCRYPTPROV hCryptProv = 0;\r
-\r
-static int\r
-win32_urandom_init(int raise)\r
-{\r
- HINSTANCE hAdvAPI32 = NULL;\r
- CRYPTACQUIRECONTEXTA pCryptAcquireContext = NULL;\r
-\r
- /* Obtain handle to the DLL containing CryptoAPI. This should not fail. */\r
- hAdvAPI32 = GetModuleHandle("advapi32.dll");\r
- if(hAdvAPI32 == NULL)\r
- goto error;\r
-\r
- /* Obtain pointers to the CryptoAPI functions. This will fail on some early\r
- versions of Win95. */\r
- pCryptAcquireContext = (CRYPTACQUIRECONTEXTA)GetProcAddress(\r
- hAdvAPI32, "CryptAcquireContextA");\r
- if (pCryptAcquireContext == NULL)\r
- goto error;\r
-\r
- pCryptGenRandom = (CRYPTGENRANDOM)GetProcAddress(hAdvAPI32,\r
- "CryptGenRandom");\r
- if (pCryptGenRandom == NULL)\r
- goto error;\r
-\r
- /* Acquire context */\r
- if (! pCryptAcquireContext(&hCryptProv, NULL, NULL,\r
- PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))\r
- goto error;\r
-\r
- return 0;\r
-\r
-error:\r
- if (raise)\r
- PyErr_SetFromWindowsErr(0);\r
- else\r
- Py_FatalError("Failed to initialize Windows random API (CryptoGen)");\r
- return -1;\r
-}\r
-\r
-/* Fill buffer with size pseudo-random bytes generated by the Windows CryptoGen\r
- API. Return 0 on success, or -1 on error. */\r
-static int\r
-win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)\r
-{\r
- Py_ssize_t chunk;\r
-\r
- if (hCryptProv == 0)\r
- {\r
- if (win32_urandom_init(raise) == -1)\r
- return -1;\r
- }\r
-\r
- while (size > 0)\r
- {\r
- chunk = size > INT_MAX ? INT_MAX : size;\r
- if (!pCryptGenRandom(hCryptProv, chunk, buffer))\r
- {\r
- /* CryptGenRandom() failed */\r
- if (raise)\r
- PyErr_SetFromWindowsErr(0);\r
- else\r
- Py_FatalError("Failed to initialized the randomized hash "\r
- "secret using CryptoGen)");\r
- return -1;\r
- }\r
- buffer += chunk;\r
- size -= chunk;\r
- }\r
- return 0;\r
-}\r
-\r
-#elif HAVE_GETENTROPY\r
-/* Fill buffer with size pseudo-random bytes generated by getentropy().\r
- Return 0 on success, or raise an exception and return -1 on error.\r
- If fatal is nonzero, call Py_FatalError() instead of raising an exception\r
- on error. */\r
-static int\r
-py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)\r
-{\r
- while (size > 0) {\r
- Py_ssize_t len = size < 256 ? size : 256;\r
- int res;\r
-\r
- if (!fatal) {\r
- Py_BEGIN_ALLOW_THREADS\r
- res = getentropy(buffer, len);\r
- Py_END_ALLOW_THREADS\r
-\r
- if (res < 0) {\r
- PyErr_SetFromErrno(PyExc_OSError);\r
- return -1;\r
- }\r
- }\r
- else {\r
- res = getentropy(buffer, len);\r
- if (res < 0)\r
- Py_FatalError("getentropy() failed");\r
- }\r
-\r
- buffer += len;\r
- size -= len;\r
- }\r
- return 0;\r
-}\r
-#endif\r
-\r
-#ifdef __VMS\r
-/* Use openssl random routine */\r
-#include <openssl/rand.h>\r
-static int\r
-vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise)\r
-{\r
- if (RAND_pseudo_bytes(buffer, size) < 0) {\r
- if (raise) {\r
- PyErr_Format(PyExc_ValueError,\r
- "RAND_pseudo_bytes");\r
- } else {\r
- Py_FatalError("Failed to initialize the randomized hash "\r
- "secret using RAND_pseudo_bytes");\r
- }\r
- return -1;\r
- }\r
- return 0;\r
-}\r
-#endif /* __VMS */\r
-\r
-\r
-#if !defined(MS_WINDOWS) && !defined(__VMS)\r
-\r
-static struct {\r
- int fd;\r
-#ifdef HAVE_STRUCT_STAT_ST_DEV\r
- dev_t st_dev;\r
-#endif\r
-#ifdef HAVE_STRUCT_STAT_ST_INO\r
- ino_t st_ino;\r
-#endif\r
-} urandom_cache = { -1 };\r
-\r
-/* Read size bytes from /dev/urandom into buffer.\r
- Call Py_FatalError() on error. */\r
-static void\r
-dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)\r
-{\r
- int fd;\r
- Py_ssize_t n;\r
-\r
- assert (0 < size);\r
-\r
- fd = open("/dev/urandom", O_RDONLY, 0);\r
- if (fd < 0)\r
- Py_FatalError("Failed to open /dev/urandom");\r
-\r
- while (0 < size)\r
- {\r
- do {\r
- n = read(fd, buffer, (size_t)size);\r
- } while (n < 0 && errno == EINTR);\r
- if (n <= 0)\r
- {\r
- /* stop on error or if read(size) returned 0 */\r
- Py_FatalError("Failed to read bytes from /dev/urandom");\r
- break;\r
- }\r
- buffer += n;\r
- size -= (Py_ssize_t)n;\r
- }\r
- close(fd);\r
-}\r
-\r
-/* Read size bytes from /dev/urandom into buffer.\r
- Return 0 on success, raise an exception and return -1 on error. */\r
-static int\r
-dev_urandom_python(char *buffer, Py_ssize_t size)\r
-{\r
- int fd;\r
- Py_ssize_t n;\r
- struct stat st;\r
- int attr;\r
-\r
- if (size <= 0)\r
- return 0;\r
-\r
- if (urandom_cache.fd >= 0) {\r
- /* Does the fd point to the same thing as before? (issue #21207) */\r
- if (fstat(urandom_cache.fd, &st)\r
-#ifdef HAVE_STRUCT_STAT_ST_DEV\r
- || st.st_dev != urandom_cache.st_dev\r
-#endif\r
-#ifdef HAVE_STRUCT_STAT_ST_INO\r
- || st.st_ino != urandom_cache.st_ino\r
-#endif\r
- )\r
- {\r
- /* Something changed: forget the cached fd (but don't close it,\r
- since it probably points to something important for some\r
- third-party code). */\r
- urandom_cache.fd = -1;\r
- }\r
- }\r
- if (urandom_cache.fd >= 0)\r
- fd = urandom_cache.fd;\r
- else {\r
- Py_BEGIN_ALLOW_THREADS\r
- fd = open("/dev/urandom", O_RDONLY, 0);\r
- Py_END_ALLOW_THREADS\r
- if (fd < 0)\r
- {\r
- if (errno == ENOENT || errno == ENXIO ||\r
- errno == ENODEV || errno == EACCES)\r
- PyErr_SetString(PyExc_NotImplementedError,\r
- "/dev/urandom (or equivalent) not found");\r
- else\r
- PyErr_SetFromErrno(PyExc_OSError);\r
- return -1;\r
- }\r
-\r
- /* try to make the file descriptor non-inheritable, ignore errors */\r
- attr = fcntl(fd, F_GETFD);\r
- if (attr >= 0) {\r
- attr |= FD_CLOEXEC;\r
- (void)fcntl(fd, F_SETFD, attr);\r
- }\r
-\r
- if (urandom_cache.fd >= 0) {\r
- /* urandom_fd was initialized by another thread while we were\r
- not holding the GIL, keep it. */\r
- close(fd);\r
- fd = urandom_cache.fd;\r
- }\r
- else {\r
- if (fstat(fd, &st)) {\r
- PyErr_SetFromErrno(PyExc_OSError);\r
- close(fd);\r
- return -1;\r
- }\r
- else {\r
- urandom_cache.fd = fd;\r
-#ifdef HAVE_STRUCT_STAT_ST_DEV\r
- urandom_cache.st_dev = st.st_dev;\r
-#endif\r
-#ifdef HAVE_STRUCT_STAT_ST_INO\r
- urandom_cache.st_ino = st.st_ino;\r
-#endif\r
- }\r
- }\r
- }\r
-\r
- Py_BEGIN_ALLOW_THREADS\r
- do {\r
- do {\r
- n = read(fd, buffer, (size_t)size);\r
- } while (n < 0 && errno == EINTR);\r
- if (n <= 0)\r
- break;\r
- buffer += n;\r
- size -= (Py_ssize_t)n;\r
- } while (0 < size);\r
- Py_END_ALLOW_THREADS\r
-\r
- if (n <= 0)\r
- {\r
- /* stop on error or if read(size) returned 0 */\r
- if (n < 0)\r
- PyErr_SetFromErrno(PyExc_OSError);\r
- else\r
- PyErr_Format(PyExc_RuntimeError,\r
- "Failed to read %zi bytes from /dev/urandom",\r
- size);\r
- return -1;\r
- }\r
- return 0;\r
-}\r
-\r
-static void\r
-dev_urandom_close(void)\r
-{\r
- if (urandom_cache.fd >= 0) {\r
- close(urandom_cache.fd);\r
- urandom_cache.fd = -1;\r
- }\r
-}\r
-\r
-\r
-#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */\r
-\r
-/* Fill buffer with pseudo-random bytes generated by a linear congruent\r
- generator (LCG):\r
-\r
- x(n+1) = (x(n) * 214013 + 2531011) % 2^32\r
-\r
- Use bits 23..16 of x(n) to generate a byte. */\r
-static void\r
-lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)\r
-{\r
- size_t index;\r
- unsigned int x;\r
-\r
- x = x0;\r
- for (index=0; index < size; index++) {\r
- x *= 214013;\r
- x += 2531011;\r
- /* modulo 2 ^ (8 * sizeof(int)) */\r
- buffer[index] = (x >> 16) & 0xff;\r
- }\r
-}\r
-\r
-/* Fill buffer with size pseudo-random bytes from the operating system random\r
- number generator (RNG). It is suitable for most cryptographic purposes\r
- except long living private keys for asymmetric encryption.\r
-\r
- Return 0 on success, raise an exception and return -1 on error. */\r
-int\r
-_PyOS_URandom(void *buffer, Py_ssize_t size)\r
-{\r
- if (size < 0) {\r
- PyErr_Format(PyExc_ValueError,\r
- "negative argument not allowed");\r
- return -1;\r
- }\r
- if (size == 0)\r
- return 0;\r
-\r
-#ifdef MS_WINDOWS\r
- return win32_urandom((unsigned char *)buffer, size, 1);\r
-#elif HAVE_GETENTROPY\r
- return py_getentropy(buffer, size, 0);\r
-#else\r
-# ifdef __VMS\r
- return vms_urandom((unsigned char *)buffer, size, 1);\r
-# else\r
- return dev_urandom_python((char*)buffer, size);\r
-# endif\r
-#endif\r
-}\r
-\r
-void\r
-_PyRandom_Init(void)\r
-{\r
- char *env;\r
- void *secret = &_Py_HashSecret;\r
- Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);\r
-\r
- if (_Py_HashSecret_Initialized)\r
- return;\r
- _Py_HashSecret_Initialized = 1;\r
-\r
- /*\r
- By default, hash randomization is disabled, and only\r
- enabled if PYTHONHASHSEED is set to non-empty or if\r
- "-R" is provided at the command line:\r
- */\r
- if (!Py_HashRandomizationFlag) {\r
- /* Disable the randomized hash: */\r
- memset(secret, 0, secret_size);\r
- return;\r
- }\r
-\r
- /*\r
- Hash randomization is enabled. Generate a per-process secret,\r
- using PYTHONHASHSEED if provided.\r
- */\r
-\r
- env = Py_GETENV("PYTHONHASHSEED");\r
- if (env && *env != '\0' && strcmp(env, "random") != 0) {\r
- char *endptr = env;\r
- unsigned long seed;\r
- seed = strtoul(env, &endptr, 10);\r
- if (*endptr != '\0'\r
- || seed > 4294967295UL\r
- || (errno == ERANGE && seed == ULONG_MAX))\r
- {\r
- Py_FatalError("PYTHONHASHSEED must be \"random\" or an integer "\r
- "in range [0; 4294967295]");\r
- }\r
- if (seed == 0) {\r
- /* disable the randomized hash */\r
- memset(secret, 0, secret_size);\r
- }\r
- else {\r
- lcg_urandom(seed, (unsigned char*)secret, secret_size);\r
- }\r
- }\r
- else {\r
-#ifdef MS_WINDOWS\r
- (void)win32_urandom((unsigned char *)secret, secret_size, 0);\r
-#elif __VMS\r
- vms_urandom((unsigned char *)secret, secret_size, 0);\r
-#elif HAVE_GETENTROPY\r
- (void)py_getentropy(secret, secret_size, 1);\r
-#else\r
- dev_urandom_noraise(secret, secret_size);\r
-#endif\r
- }\r
-}\r
-\r
-void\r
-_PyRandom_Fini(void)\r
-{\r
-#ifdef MS_WINDOWS\r
- if (hCryptProv) {\r
- CryptReleaseContext(hCryptProv, 0);\r
- hCryptProv = 0;\r
- }\r
-#elif HAVE_GETENTROPY\r
- /* nothing to clean */\r
-#else\r
- dev_urandom_close();\r
-#endif\r
-}\r