use getentropy when available (backport of 75ede5bec8db) (closes #23115)

This commit is contained in:
Benjamin Peterson
2014-12-26 11:09:00 -06:00
parent a71cfc5cf3
commit 27c269a1fe
6 changed files with 51 additions and 7 deletions

View File

@@ -92,8 +92,33 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
}
return 0;
}
#endif /* MS_WINDOWS */
#elif HAVE_GETENTROPY
/* Fill buffer with size pseudo-random bytes generated by getentropy().
Return 0 on success, or raise an exception and return -1 on error.
If fatal is nonzero, call Py_FatalError() instead of raising an exception
on error. */
static int
py_getentropy(unsigned char *buffer, Py_ssize_t size, int fatal)
{
while (size > 0) {
Py_ssize_t len = Py_MIN(size, 256);
int res = getentropy(buffer, len);
if (res < 0) {
if (fatal) {
Py_FatalError("getentropy() failed");
}
else {
PyErr_SetFromErrno(PyExc_OSError);
return -1;
}
}
buffer += len;
size -= len;
}
return 0;
}
#endif
#ifdef __VMS
/* Use openssl random routine */
@@ -291,6 +316,8 @@ _PyOS_URandom(void *buffer, Py_ssize_t size)
#ifdef MS_WINDOWS
return win32_urandom((unsigned char *)buffer, size, 1);
#elif HAVE_GETENTROPY
return py_getentropy(buffer, size, 0);
#else
# ifdef __VMS
return vms_urandom((unsigned char *)buffer, size, 1);
@@ -350,12 +377,12 @@ _PyRandom_Init(void)
else {
#ifdef MS_WINDOWS
(void)win32_urandom((unsigned char *)secret, secret_size, 0);
#else /* #ifdef MS_WINDOWS */
# ifdef __VMS
#elif __VMS
vms_urandom((unsigned char *)secret, secret_size, 0);
# else
dev_urandom_noraise((unsigned char*)secret, secret_size);
# endif
#elif HAVE_GETENTROPY
(void)py_getentropy(secret, secret_size, 1);
#else
dev_urandom_noraise(secret, secret_size);
#endif
}
}
@@ -368,6 +395,8 @@ _PyRandom_Fini(void)
CryptReleaseContext(hCryptProv, 0);
hCryptProv = 0;
}
#elif HAVE_GETENTROPY
/* nothing to clean */
#else
dev_urandom_close();
#endif