From 2e717761c364398dd81a3221d724369ebd74db43 Mon Sep 17 00:00:00 2001 From: Christian Heimes Date: Fri, 9 Dec 2016 17:02:26 +0100 Subject: New osrandom_engine in C (#3229) * New osrandom_engine in C Inspired by Python/random.c and the old implementation. Signed-off-by: Christian Heimes * osrandom_engine * Fix naming bug caused by search 'n replace mistake * Make it easier to override osrandom auto-detection * Add engine ctrl and backend API to get implementation from ENGINE Signed-off-by: Christian Heimes * Better test coverage, documentation, LICENSE Signed-off-by: Christian Heimes * Coverage is hard. Signed-off-by: Christian Heimes * * enable win32 check * read() returns size_t Signed-off-by: Christian Heimes * Add macOS to spelling list. Remove dead code from header file. Signed-off-by: Christian Heimes * remove CCRandomGenerateBytes path and update getentropy to work on macOS This change allows us to test all the engines in our CI: * getentropy (tested by macOS sierra) * getrandom (tested on several linux builders) * /dev/urandom (tested on FreeBSD, OS X 10.11 and below, & older linux) * CryptGenRandom (tested on windows builders) I also fixed bugs preventing compilation in the getentropy code * getentropy() returns int and is restricted to 256 bytes on macOS, too. Signed-off-by: Christian Heimes * add versionadded * Re-add import of os module * Fixes related to Alex's recent review. Signed-off-by: Christian Heimes * Add error reporting and fail for EAGAIN Add error reporting strings for various error cases. This gives us much nicer and understandable error messages. SYS_getrandom() EAGAIN is now an error. Cryptography refuses to initialize its osrandom engine when the Kernel's CPRNG hasn't been seeded yet. Signed-off-by: Christian Heimes --- LICENSE | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'LICENSE') diff --git a/LICENSE b/LICENSE index bf6a3de1..e290cd10 100644 --- a/LICENSE +++ b/LICENSE @@ -2,5 +2,6 @@ This software is made available under the terms of *either* of the licenses found in LICENSE.APACHE or LICENSE.BSD. Contributions to cryptography are made under the terms of *both* these licenses. -The code used in the OpenSSL locking callback is derived from the same in -Python itself, and is licensed under the terms of the PSF License Agreement. +The code used in the OpenSSL locking callback and OS random engine is derived +from the same in CPython itself, and is licensed under the terms of the PSF +License Agreement. -- cgit v1.2.3