From 77389ac83db5a04e173fce52170dd8d2003e5560 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 31 Dec 2013 13:32:50 -0600 Subject: rename urandom engine to osrandom engine --- cryptography/hazmat/backends/openssl/backend.py | 24 +-- .../hazmat/backends/openssl/osrand_engine.py | 176 +++++++++++++++++++++ .../hazmat/backends/openssl/urand_engine.py | 176 --------------------- tests/hazmat/backends/test_openssl.py | 46 +++--- 4 files changed, 211 insertions(+), 211 deletions(-) create mode 100644 cryptography/hazmat/backends/openssl/osrand_engine.py delete mode 100644 cryptography/hazmat/backends/openssl/urand_engine.py diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 93d15740..5a28b2d4 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -93,7 +93,7 @@ class Backend(object): "rand", "rsa", "ssl", - "urand_engine", + "osrand_engine", "x509", "x509name", "x509v3", @@ -107,7 +107,7 @@ class Backend(object): self._cipher_registry = {} self._register_default_ciphers() - self.register_urandom_engine() + self.register_osrandom_engine() @classmethod def _ensure_ffi_initialized(cls): @@ -172,36 +172,36 @@ class Backend(object): cls.lib.OpenSSL_add_all_algorithms() cls.lib.SSL_load_error_strings() - # Add the urandom engine to the engine list - res = cls.lib.Cryptography_add_urandom_engine() + # Add the osrandom engine to the engine list + res = cls.lib.Cryptography_add_osrandom_engine() assert res == 1 - def unregister_urandom_engine(self): + def unregister_osrandom_engine(self): e = self.lib.ENGINE_get_default_RAND() if e != self.ffi.NULL: name = self.lib.ENGINE_get_name(e) assert name != self.ffi.NULL - if name == self.lib.Cryptography_urandom_engine_name: + if name == self.lib.Cryptography_osrandom_engine_name: self.lib.ENGINE_unregister_RAND(e) # this resets the RNG to use the new engine self.lib.RAND_cleanup() res = self.lib.ENGINE_finish(e) assert res == 1 - def register_urandom_engine(self): + def register_osrandom_engine(self): current_rand = self.lib.ENGINE_get_default_RAND() if current_rand != self.ffi.NULL: name = self.lib.ENGINE_get_name(current_rand) assert name != self.ffi.NULL - if name != self.lib.Cryptography_urandom_engine_name: - self._register_urandom_engine() + if name != self.lib.Cryptography_osrandom_engine_name: + self._register_osrandom_engine() res = self.lib.ENGINE_finish(current_rand) assert res == 1 else: - self._register_urandom_engine() + self._register_osrandom_engine() - def _register_urandom_engine(self): - e = self.lib.ENGINE_by_id(self.lib.Cryptography_urandom_engine_id) + def _register_osrandom_engine(self): + e = self.lib.ENGINE_by_id(self.lib.Cryptography_osrandom_engine_id) assert e != self.ffi.NULL res = self.lib.ENGINE_init(e) assert res == 1 diff --git a/cryptography/hazmat/backends/openssl/osrand_engine.py b/cryptography/hazmat/backends/openssl/osrand_engine.py new file mode 100644 index 00000000..b0cdf80f --- /dev/null +++ b/cryptography/hazmat/backends/openssl/osrand_engine.py @@ -0,0 +1,176 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +INCLUDES = """ +#ifdef _WIN32 +#include +#else +#include +#include +#endif +""" + +TYPES = """ +static const char *const Cryptography_osrandom_engine_name; +static const char *const Cryptography_osrandom_engine_id; +""" + +FUNCTIONS = """ +int Cryptography_add_osrandom_engine(void); +""" + +MACROS = """ +""" + +CUSTOMIZATIONS = """ +static const char *Cryptography_osrandom_engine_id= "osrandom"; +static const char *Cryptography_osrandom_engine_name = "osrandom_engine"; + +#ifndef _WIN32 +static int urandom_fd = -1; + +static int osrandom_rand_bytes(unsigned char *buffer, int size) { + ssize_t n; + while (0 < size) { + do { + n = read(urandom_fd, buffer, (size_t)size); + } while (n < 0 && errno == EINTR); + if (n <= 0) { + return 0; + break; + } + buffer += n; + size -= n; + } + return 1; +} + +static int osrandom_rand_status(void) { + if (urandom_fd == -1) { + return 0; + } else { + return 1; + } +} + +static int osrandom_init(ENGINE *e) { + if (urandom_fd > -1) { + return 1; + } + urandom_fd = open("/dev/urandom", O_RDONLY); + if (urandom_fd > -1) { + return 1; + } else { + return 0; + } +} + +static int osrandom_finish(ENGINE *e) { + int n; + do { + n = close(urandom_fd); + } while (n < 0 && errno == EINTR); + if (n < 0) { + return 0; + } else { + urandom_fd = -1; + return 1; + } +} +#endif + +#ifdef _WIN32 +static HCRYPTPROV hCryptProv = 0; + +static int osrandom_init(ENGINE *e) { + if (hCryptProv > 0) { + return 1; + } + if (CryptAcquireContext(&hCryptProv, NULL, NULL, + PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { + return 1; + } else { + return 0; + } +} + +static int osrandom_rand_bytes(unsigned char *buffer, int size) { + size_t chunk; + + if (hCryptProv == 0) { + return 0; + } + + while (size > 0) { + chunk = size; + if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer)) { + return 0; + } + buffer += chunk; + size -= chunk; + } + return 1; +} + +static int osrandom_finish(ENGINE *e) { + if (CryptReleaseContext(hCryptProv, 0)) { + hCryptProv = 0; + return 1; + } else { + return 0; + } +} + +static int osrandom_rand_status(void) { + if (hCryptProv == 0) { + return 0; + } else { + return 1; + } +} +#endif /* MS_WINDOWS */ + +static RAND_METHOD osrandom_rand = { + NULL, + osrandom_rand_bytes, + NULL, + NULL, + osrandom_rand_bytes, + osrandom_rand_status, +}; + +int Cryptography_add_osrandom_engine(void) { + ENGINE *e = ENGINE_new(); + if (e == NULL) { + return 0; + } + if(!ENGINE_set_id(e, Cryptography_osrandom_engine_id) || + !ENGINE_set_name(e, Cryptography_osrandom_engine_name) || + !ENGINE_set_RAND(e, &osrandom_rand) || + !ENGINE_set_init_function(e, osrandom_init) || + !ENGINE_set_finish_function(e, osrandom_finish)) { + return 0; + } + if (!ENGINE_add(e)) { + ENGINE_free(e); + return 0; + } + if (!ENGINE_free(e)) { + return 0; + } + + return 1; +} +""" + +CONDITIONAL_NAMES = {} diff --git a/cryptography/hazmat/backends/openssl/urand_engine.py b/cryptography/hazmat/backends/openssl/urand_engine.py deleted file mode 100644 index ff5e5613..00000000 --- a/cryptography/hazmat/backends/openssl/urand_engine.py +++ /dev/null @@ -1,176 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -INCLUDES = """ -#ifdef _WIN32 -#include -#else -#include -#include -#endif -""" - -TYPES = """ -static const char *const Cryptography_urandom_engine_name; -static const char *const Cryptography_urandom_engine_id; -""" - -FUNCTIONS = """ -int Cryptography_add_urandom_engine(void); -""" - -MACROS = """ -""" - -CUSTOMIZATIONS = """ -static const char *Cryptography_urandom_engine_id= "urandom"; -static const char *Cryptography_urandom_engine_name = "urandom_engine"; - -#ifndef _WIN32 -static int urandom_fd = -1; - -static int urandom_rand_bytes(unsigned char *buffer, int size) { - ssize_t n; - while (0 < size) { - do { - n = read(urandom_fd, buffer, (size_t)size); - } while (n < 0 && errno == EINTR); - if (n <= 0) { - return 0; - break; - } - buffer += n; - size -= n; - } - return 1; -} - -static int urandom_rand_status(void) { - if (urandom_fd == -1) { - return 0; - } else { - return 1; - } -} - -static int urandom_init(ENGINE *e) { - if (urandom_fd > -1) { - return 1; - } - urandom_fd = open("/dev/urandom", O_RDONLY); - if (urandom_fd > -1) { - return 1; - } else { - return 0; - } -} - -static int urandom_finish(ENGINE *e) { - int n; - do { - n = close(urandom_fd); - } while (n < 0 && errno == EINTR); - if (n < 0) { - return 0; - } else { - urandom_fd = -1; - return 1; - } -} -#endif - -#ifdef _WIN32 -static HCRYPTPROV hCryptProv = 0; - -static int urandom_init(ENGINE *e) { - if (hCryptProv > 0) { - return 1; - } - if (CryptAcquireContext(&hCryptProv, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - return 1; - } else { - return 0; - } -} - -static int urandom_rand_bytes(unsigned char *buffer, int size) { - size_t chunk; - - if (hCryptProv == 0) { - return 0; - } - - while (size > 0) { - chunk = size; - if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer)) { - return 0; - } - buffer += chunk; - size -= chunk; - } - return 1; -} - -static int urandom_finish(ENGINE *e) { - if (CryptReleaseContext(hCryptProv, 0)) { - hCryptProv = 0; - return 1; - } else { - return 0; - } -} - -static int urandom_rand_status(void) { - if (hCryptProv == 0) { - return 0; - } else { - return 1; - } -} -#endif /* MS_WINDOWS */ - -static RAND_METHOD urandom_rand = { - NULL, - urandom_rand_bytes, - NULL, - NULL, - urandom_rand_bytes, - urandom_rand_status, -}; - -int Cryptography_add_urandom_engine(void) { - ENGINE *e = ENGINE_new(); - if (e == NULL) { - return 0; - } - if(!ENGINE_set_id(e, Cryptography_urandom_engine_id) || - !ENGINE_set_name(e, Cryptography_urandom_engine_name) || - !ENGINE_set_RAND(e, &urandom_rand) || - !ENGINE_set_init_function(e, urandom_init) || - !ENGINE_set_finish_function(e, urandom_finish)) { - return 0; - } - if (!ENGINE_add(e)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_free(e)) { - return 0; - } - - return 1; -} -""" - -CONDITIONAL_NAMES = {} diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 82832b10..3fabfe38 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -192,10 +192,10 @@ class TestOpenSSL(object): # This test is not in the next class because to check if it's really # default we don't want to run the setup_method before it - def test_urandom_engine_is_default(self): + def test_osrandom_engine_is_default(self): e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 @@ -211,78 +211,78 @@ class TestOpenSSLRandomEngine(object): # we need to reset state to being default. backend is a shared global # for all these tests. unregister_dummy_engine() - backend.register_urandom_engine() + backend.register_osrandom_engine() current_default = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(current_default) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name - def test_register_urandom_already_default(self): + def test_register_osrandom_already_default(self): e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - backend.register_urandom_engine() + backend.register_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - def test_unregister_urandom_engine_nothing_registered(self): - backend.unregister_urandom_engine() + def test_unregister_osrandom_engine_nothing_registered(self): + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - backend.unregister_urandom_engine() + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - def test_unregister_urandom_engine(self): + def test_unregister_osrandom_engine(self): e = backend.lib.ENGINE_get_default_RAND() assert e != backend.ffi.NULL name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - backend.unregister_urandom_engine() + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - def test_register_urandom_no_default(self): - backend.unregister_urandom_engine() + def test_register_osrandom_no_default(self): + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - backend.register_urandom_engine() + backend.register_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - def test_unregister_urandom_other_engine_default(self): + def test_unregister_osrandom_other_engine_default(self): register_dummy_engine() default = backend.lib.ENGINE_get_default_RAND() default_name = backend.lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name res = backend.lib.ENGINE_finish(default) assert res == 1 - backend.unregister_urandom_engine() + backend.unregister_osrandom_engine() current_default = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(current_default) assert name == dummy_engine.Cryptography_faux_engine_name res = backend.lib.ENGINE_finish(current_default) assert res == 1 - def test_register_urandom_other_engine_default(self): + def test_register_osrandom_other_engine_default(self): register_dummy_engine() default = backend.lib.ENGINE_get_default_RAND() default_name = backend.lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name res = backend.lib.ENGINE_finish(default) assert res == 1 - backend.register_urandom_engine() + backend.register_osrandom_engine() current_default = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(current_default) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_finish(current_default) assert res == 1 -- cgit v1.2.3