author | Christian Heimes <christian@python.org> | 2016-12-09 17:02:26 +0100 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-12-09 10:02:26 -0600 |
commit | 2e717761c364398dd81a3221d724369ebd74db43 (patch) | |
tree | 51c02fd876afaa098ec5628deab48a3336e28a3f /tests | |
parent | 0cf3690df91566c14c0c916f42af790de76e9e57 (diff) | |
New osrandom_engine in C (#3229)
* New osrandom_engine in C
Inspired by Python/random.c and the old implementation.
Signed-off-by: Christian Heimes <christian@python.org>
* osrandom_engine
* Fix naming bug caused by search 'n replace mistake
* Make it easier to override osrandom auto-detection
* Add engine ctrl and backend API to get implementation from ENGINE
Signed-off-by: Christian Heimes <christian@python.org>
* Better test coverage, documentation, LICENSE
Signed-off-by: Christian Heimes <christian@python.org>
* Coverage is hard.
Signed-off-by: Christian Heimes <christian@python.org>
* * enable win32 check
* read() returns size_t
Signed-off-by: Christian Heimes <christian@python.org>
* Add macOS to spelling list. Remove dead code from header file.
Signed-off-by: Christian Heimes <christian@python.org>
* remove CCRandomGenerateBytes path and update getentropy to work on macOS
This change allows us to test all the engines in our CI:
* getentropy (tested by macOS sierra)
* getrandom (tested on several linux builders)
* /dev/urandom (tested on FreeBSD, OS X 10.11 and below, & older linux)
* CryptGenRandom (tested on windows builders)
I also fixed bugs preventing compilation in the getentropy code
* getentropy() returns int and is restricted to 256 bytes on macOS, too.
Signed-off-by: Christian Heimes <christian@python.org>
* add versionadded
* Re-add import of os module
* Fixes related to Alex's recent review.
Signed-off-by: Christian Heimes <christian@python.org>
* Add error reporting and fail for EAGAIN
Add error reporting strings for various error cases. This gives us much
nicer and understandable error messages.
SYS_getrandom() EAGAIN is now an error. Cryptography refuses to
initialize its osrandom engine when the Kernel's CPRNG hasn't been
seeded yet.
Signed-off-by: Christian Heimes <christian@python.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/hazmat/backends/test_openssl.py | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index db3c19b8..47c46065 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -11,6 +11,8 @@ import subprocess import sys import textwrap +from pkg_resources import parse_version + import pytest from cryptography import utils, x509 @@ -173,19 +175,6 @@ class TestOpenSSL(object): bn = backend._int_to_bn(0) assert backend._bn_to_int(bn) == 0 - def test_actual_osrandom_bytes(self, monkeypatch): - skip_if_libre_ssl(backend.openssl_version_text()) - sample_data = (b"\x01\x02\x03\x04" * 4) - length = len(sample_data) - - def notrandom(size): - assert size == length - return sample_data - monkeypatch.setattr(os, "urandom", notrandom) - buf = backend._ffi.new("unsigned char[]", length) - backend._lib.RAND_bytes(buf, length) - assert backend._ffi.buffer(buf)[0:length] == sample_data - class TestOpenSSLRandomEngine(object): def setup(self): @@ -282,6 +271,23 @@ class TestOpenSSLRandomEngine(object): e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL + def test_osrandom_engine_implementation(self): + name = backend.osrandom_engine_implementation() + assert name in ['/dev/urandom', 'CryptGenRandom', 'getentropy', + 'getrandom'] + if sys.platform.startswith('linux'): + assert name in ['getrandom', '/dev/urandom'] + if sys.platform == 'darwin': + # macOS 10.12+ supports getentropy + if parse_version(os.uname()[2]) >= parse_version("16.0"): + assert name == 'getentropy' + else: + assert name == '/dev/urandom' + if 'bsd' in sys.platform: + assert name in ['getentropy', '/dev/urandom'] + if sys.platform == 'win32': + assert name == 'CryptGenRandom' + def test_activate_osrandom_already_default(self): e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) |
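Review bot: The module-level `from pkg_resources import parse_version` in the first hunk makes the whole test module depend on setuptools at import time, although only the darwin branch of test_osrandom_engine_implementation uses it. Consider importing it inside that branch, or dropping the dependency by comparing the major release as an integer, for example `int(os.uname()[2].split('.')[0]) >= 16`.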
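Review bot: Removing test_actual_osrandom_bytes from TestOpenSSL drops the only check in this diff that exercises `backend._lib.RAND_bytes`, and nothing added here calls RAND_bytes at all. Monkeypatching os.urandom no longer applies once the engine is implemented in C, but a replacement that activates the engine, requests a fixed length, and asserts on the return code and on the buffer having been written would keep the data path covered rather than only the implementation name.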
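Review bot: The darwin and win32 branches of test_osrandom_engine_implementation assert one exact name (`assert name == 'getentropy'`, `assert name == 'CryptGenRandom'`), while the commit message says auto-detection can be overridden, so a build that overrides it fails here even though the engine works. Consider asserting membership as the linux and bsd branches do, or skipping when an override is in effect. The comment also says "macOS 10.12+" while the check compares the Darwin kernel release from os.uname()[2] against "16.0"; state in the comment that Darwin 16 corresponds to macOS 10.12 so the constant is not read as a macOS version. On linux, accepting either 'getrandom' or '/dev/urandom' means the test cannot catch a silent fallback to /dev/urandom on a kernel that supports getrandom.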