From 332936dffb7c8574be7340271f9cfb196f25a016 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 21:59:15 -0700 Subject: deopaque a couple of things --- src/_cffi_src/openssl/engine.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py index 3ebfa6c1..bc5c1906 100644 --- a/src/_cffi_src/openssl/engine.py +++ b/src/_cffi_src/openssl/engine.py @@ -11,15 +11,24 @@ INCLUDES = """ TYPES = """ static const long Cryptography_HAS_ENGINE_CRYPTODEV; +struct rand_meth_st { + void (*seed)(const void *buf, int num); + int (*bytes)(unsigned char *buf, int num); + void (*cleanup)(void); + void (*add)(const void *buf, int num, double entropy); + int (*pseudorand)(unsigned char *buf, int num); + int (*status)(void); +}; + typedef ... ENGINE; typedef ... RSA_METHOD; typedef ... DSA_METHOD; typedef ... ECDH_METHOD; typedef ... ECDSA_METHOD; typedef ... DH_METHOD; -typedef ... RAND_METHOD; +typedef struct rand_meth_st RAND_METHOD; typedef ... STORE_METHOD; -typedef ... *ENGINE_GEN_INT_FUNC_PTR; +typedef int(*ENGINE_GEN_INT_FUNC_PTR)(ENGINE*); typedef ... *ENGINE_CTRL_FUNC_PTR; typedef ... *ENGINE_LOAD_KEY_PTR; typedef ... *ENGINE_CIPHERS_PTR; -- cgit v1.2.3 From e55898a7e9ec9ab6374b617140e87ef12b3fd2d5 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 22:00:07 -0700 Subject: a place for a couple of new constants to live --- src/cryptography/hazmat/bindings/openssl/binding.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index e0a83972..8f741a29 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -20,6 +20,8 @@ class Binding(object): _lock_cb_handle = None _init_lock = threading.Lock() _lock_init_lock = threading.Lock() + _osrandom_engine_id = b"osrandom" + _osrandom_engine_name = b"osrandom_engine" def __init__(self): self._ensure_ffi_initialized() -- cgit v1.2.3 From 73541ea8b61ae871fcd4470600f7012fb1aa75b3 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 22:00:45 -0700 Subject: use new constant --- src/cryptography/hazmat/backends/openssl/backend.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 78de79d1..85f65972 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -197,7 +197,7 @@ class Backend(object): self.activate_builtin_random() # Fetches an engine by id and returns it. This creates a structural # reference. - e = self._lib.ENGINE_by_id(self._lib.Cryptography_osrandom_engine_id) + e = self._lib.ENGINE_by_id(self._binding._osrandom_engine_id) assert e != self._ffi.NULL # Initialize the engine for use. This adds a functional reference. res = self._lib.ENGINE_init(e) -- cgit v1.2.3 From b3d37a5d485bcd295d1933d638180e9cd5d23478 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 22:01:09 -0700 Subject: python implementation --- .../hazmat/bindings/openssl/binding.py | 66 +++++++++++++++++++++- 1 file changed, 65 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 8f741a29..94751cf5 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -4,6 +4,7 @@ from __future__ import absolute_import, division, print_function +import os import threading from cryptography.hazmat.bindings._openssl import ffi, lib @@ -18,10 +19,12 @@ class Binding(object): _lib_loaded = False _locks = None _lock_cb_handle = None + _rand_method = None _init_lock = threading.Lock() _lock_init_lock = threading.Lock() _osrandom_engine_id = b"osrandom" _osrandom_engine_name = b"osrandom_engine" + _retained = [] def __init__(self): self._ensure_ffi_initialized() @@ -34,9 +37,70 @@ class Binding(object): with cls._init_lock: if not cls._lib_loaded: cls._lib_loaded = True - res = cls.lib.Cryptography_add_osrandom_engine() + res = cls._register_osrandom_engine() assert res != 0 + @classmethod + def _register_osrandom_engine(cls): + def retain(it): + cls._retained.append(it) + return it + + if cls._rand_method is not None: + raise TypeError("no") + method = cls.ffi.new("RAND_METHOD*") + retain(method) + method.seed = cls.ffi.NULL + + @retain + @cls.ffi.callback("int (*)(unsigned char *buf, int num)", error=0) + def osrandom_rand_bytes(buf, size): + signed = cls.ffi.cast("char*", buf) + result = os.urandom(size) + signed[0:size] = result + return 1 + + @retain + @cls.ffi.callback("int (*)(unsigned char *buf, int num)", error=0) + def osrandom_pseudo_rand_bytes(buf, size): + result = osrandom_rand_bytes(buf, size) + if result == 0: + return -1 + else: + return result + + @retain + @cls.ffi.callback("int (*)(void)", error=0) + def osrandom_rand_status(): + return 1 + + @retain + @cls.ffi.callback("ENGINE_GEN_INT_FUNC_PTR", error=0) + def osrandom_init(engine): + return 1 + + @retain + @cls.ffi.callback("ENGINE_GEN_INT_FUNC_PTR", error=0) + def osrandom_finish(engine): + return 1 + + method.bytes = osrandom_rand_bytes + method.cleanup = cls.ffi.NULL + method.add = cls.ffi.NULL + method.pseudorand = osrandom_pseudo_rand_bytes + method.status = osrandom_rand_status + + e = cls.lib.ENGINE_new() + result = (cls.lib.ENGINE_set_id(e, cls._osrandom_engine_id) + and cls.lib.ENGINE_set_name(e, cls._osrandom_engine_name) + and cls.lib.ENGINE_set_RAND(e, method) + and cls.lib.ENGINE_set_init_function(e, osrandom_init) + and cls.lib.ENGINE_set_finish_function(e, osrandom_finish) + and cls.lib.ENGINE_add(e)) + if not cls.lib.ENGINE_free(e): + return 0 + return result + @classmethod def init_static_locks(cls): with cls._lock_init_lock: -- cgit v1.2.3 From b51d246eb6ccaed7920ba6dd6a816f74d1158c16 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 22:08:44 -0700 Subject: remove remaining vestiges, make adding twice work --- src/_cffi_src/build_openssl.py | 1 - src/_cffi_src/openssl/osrandom_engine.py | 31 ---- src/_cffi_src/openssl/src/osrandom_engine.c | 167 --------------------- src/_cffi_src/openssl/src/osrandom_engine.h | 6 - .../hazmat/bindings/openssl/binding.py | 5 +- 5 files changed, 2 insertions(+), 208 deletions(-) delete mode 100644 src/_cffi_src/openssl/osrandom_engine.py delete mode 100644 src/_cffi_src/openssl/src/osrandom_engine.c delete mode 100644 src/_cffi_src/openssl/src/osrandom_engine.h (limited to 'src') diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py index 1ebadccb..dac3e4d8 100644 --- a/src/_cffi_src/build_openssl.py +++ b/src/_cffi_src/build_openssl.py @@ -78,7 +78,6 @@ ffi = build_ffi_for_binding( "nid", "objects", "opensslv", - "osrandom_engine", "pem", "pkcs7", "pkcs12", diff --git a/src/_cffi_src/openssl/osrandom_engine.py b/src/_cffi_src/openssl/osrandom_engine.py deleted file mode 100644 index a8479b07..00000000 --- a/src/_cffi_src/openssl/osrandom_engine.py +++ /dev/null @@ -1,31 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -import os - -with open(os.path.join( - os.path.dirname(__file__), "src/osrandom_engine.h" -)) as f: - INCLUDES = f.read() - -TYPES = """ -static const char *const Cryptography_osrandom_engine_name; -static const char *const Cryptography_osrandom_engine_id; -""" - -FUNCTIONS = """ -int Cryptography_add_osrandom_engine(void); -""" - -MACROS = """ -""" - -with open(os.path.join( - os.path.dirname(__file__), "src/osrandom_engine.c" -)) as f: - CUSTOMIZATIONS = f.read() - -CONDITIONAL_NAMES = {} diff --git a/src/_cffi_src/openssl/src/osrandom_engine.c b/src/_cffi_src/openssl/src/osrandom_engine.c deleted file mode 100644 index 27894712..00000000 --- a/src/_cffi_src/openssl/src/osrandom_engine.c +++ /dev/null @@ -1,167 +0,0 @@ -static const char *Cryptography_osrandom_engine_id = "osrandom"; -static const char *Cryptography_osrandom_engine_name = "osrandom_engine"; - -#if defined(_WIN32) -static HCRYPTPROV hCryptProv = 0; - -static int osrandom_init(ENGINE *e) { - if (hCryptProv > 0) { - return 1; - } - if (CryptAcquireContext(&hCryptProv, NULL, NULL, - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - return 1; - } else { - return 0; - } -} - -static int osrandom_rand_bytes(unsigned char *buffer, int size) { - if (hCryptProv == 0) { - return 0; - } - - if (!CryptGenRandom(hCryptProv, (DWORD)size, buffer)) { - ERR_put_error( - ERR_LIB_RAND, 0, ERR_R_RAND_LIB, "osrandom_engine.py", 0 - ); - return 0; - } - return 1; -} - -static int osrandom_finish(ENGINE *e) { - if (CryptReleaseContext(hCryptProv, 0)) { - hCryptProv = 0; - return 1; - } else { - return 0; - } -} - -static int osrandom_rand_status(void) { - if (hCryptProv == 0) { - return 0; - } else { - return 1; - } -} -#else -static int urandom_fd = -1; - -static int osrandom_finish(ENGINE *e); - -static int osrandom_init(ENGINE *e) { - if (urandom_fd > -1) { - return 1; - } - urandom_fd = open("/dev/urandom", O_RDONLY); - if (urandom_fd > -1) { - int flags = fcntl(urandom_fd, F_GETFD); - if (flags == -1) { - osrandom_finish(e); - return 0; - } else if (fcntl(urandom_fd, F_SETFD, flags | FD_CLOEXEC) == -1) { - osrandom_finish(e); - return 0; - } - return 1; - } else { - return 0; - } -} - -static int osrandom_rand_bytes(unsigned char *buffer, int size) { - ssize_t n; - while (size > 0) { - do { - n = read(urandom_fd, buffer, (size_t)size); - } while (n < 0 && errno == EINTR); - if (n <= 0) { - ERR_put_error( - ERR_LIB_RAND, 0, ERR_R_RAND_LIB, "osrandom_engine.py", 0 - ); - return 0; - } - buffer += n; - size -= n; - } - return 1; -} - -static int osrandom_finish(ENGINE *e) { - int n; - do { - n = close(urandom_fd); - } while (n < 0 && errno == EINTR); - urandom_fd = -1; - if (n < 0) { - return 0; - } else { - return 1; - } -} - -static int osrandom_rand_status(void) { - if (urandom_fd == -1) { - return 0; - } else { - return 1; - } -} -#endif - -/* This replicates the behavior of the OpenSSL FIPS RNG, which returns a - -1 in the event that there is an error when calling RAND_pseudo_bytes. */ -static int osrandom_pseudo_rand_bytes(unsigned char *buffer, int size) { - int res = osrandom_rand_bytes(buffer, size); - if (res == 0) { - return -1; - } else { - return res; - } -} - -static RAND_METHOD osrandom_rand = { - NULL, - osrandom_rand_bytes, - NULL, - NULL, - osrandom_pseudo_rand_bytes, - osrandom_rand_status, -}; - -/* Returns 1 if successfully added, 2 if engine has previously been added, - and 0 for error. */ -int Cryptography_add_osrandom_engine(void) { - ENGINE *e; - e = ENGINE_by_id(Cryptography_osrandom_engine_id); - if (e != NULL) { - ENGINE_free(e); - return 2; - } else { - ERR_clear_error(); - } - - e = ENGINE_new(); - if (e == NULL) { - return 0; - } - if(!ENGINE_set_id(e, Cryptography_osrandom_engine_id) || - !ENGINE_set_name(e, Cryptography_osrandom_engine_name) || - !ENGINE_set_RAND(e, &osrandom_rand) || - !ENGINE_set_init_function(e, osrandom_init) || - !ENGINE_set_finish_function(e, osrandom_finish)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_add(e)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_free(e)) { - return 0; - } - - return 1; -} diff --git a/src/_cffi_src/openssl/src/osrandom_engine.h b/src/_cffi_src/openssl/src/osrandom_engine.h deleted file mode 100644 index 11a3159e..00000000 --- a/src/_cffi_src/openssl/src/osrandom_engine.h +++ /dev/null @@ -1,6 +0,0 @@ -#ifdef _WIN32 -#include -#else -#include -#include -#endif diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 94751cf5..8e80aa60 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -42,12 +42,11 @@ class Binding(object): @classmethod def _register_osrandom_engine(cls): + if cls._retained: + return 2 def retain(it): cls._retained.append(it) return it - - if cls._rand_method is not None: - raise TypeError("no") method = cls.ffi.new("RAND_METHOD*") retain(method) method.seed = cls.ffi.NULL -- cgit v1.2.3 From d70c98d28effdc410d5ac773e0e461fb548a40e0 Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 23:09:46 -0700 Subject: pointer shenanigans apparently (?) ENGINE_by_id treats its ID as an opaque *pointer* key and not actually as a string, and while CPython's CFFI support seems to manage to preserve the pointer identity when using the same Python string, PyPy doesn't. Fix things to use a cffi-wrapped pointer again and tests pass on PyPy. --- src/cryptography/hazmat/bindings/openssl/binding.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 8e80aa60..eda23959 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -22,8 +22,8 @@ class Binding(object): _rand_method = None _init_lock = threading.Lock() _lock_init_lock = threading.Lock() - _osrandom_engine_id = b"osrandom" - _osrandom_engine_name = b"osrandom_engine" + _osrandom_engine_id = ffi.new("const char[]", b"osrandom") + _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") _retained = [] def __init__(self): @@ -98,6 +98,7 @@ class Binding(object): and cls.lib.ENGINE_add(e)) if not cls.lib.ENGINE_free(e): return 0 + assert cls.lib.ENGINE_by_id(cls._osrandom_engine_id) != cls.ffi.NULL return result @classmethod -- cgit v1.2.3 From 79b291dcf6a263698d921b534d34bf63b5febfcf Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 23:12:09 -0700 Subject: lint --- src/cryptography/hazmat/bindings/openssl/binding.py | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index eda23959..35ea4979 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -44,6 +44,7 @@ class Binding(object): def _register_osrandom_engine(cls): if cls._retained: return 2 + def retain(it): cls._retained.append(it) return it -- cgit v1.2.3 From add79c02c102f2874974bdec727c9733a48685cc Mon Sep 17 00:00:00 2001 From: Glyph Date: Fri, 26 Jun 2015 23:17:06 -0700 Subject: comply with C coding standard, for which there is no linter --- src/_cffi_src/openssl/engine.py | 14 +++++++------- src/cryptography/hazmat/bindings/openssl/binding.py | 4 ++-- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py index bc5c1906..821c9235 100644 --- a/src/_cffi_src/openssl/engine.py +++ b/src/_cffi_src/openssl/engine.py @@ -12,12 +12,12 @@ TYPES = """ static const long Cryptography_HAS_ENGINE_CRYPTODEV; struct rand_meth_st { - void (*seed)(const void *buf, int num); - int (*bytes)(unsigned char *buf, int num); - void (*cleanup)(void); - void (*add)(const void *buf, int num, double entropy); - int (*pseudorand)(unsigned char *buf, int num); - int (*status)(void); + void (*seed)(const void *, int); + int (*bytes)(unsigned char *, int); + void (*cleanup)(); + void (*add)(const void *, int, double); + int (*pseudorand)(unsigned char *, int); + int (*status)(); }; typedef ... ENGINE; @@ -28,7 +28,7 @@ typedef ... ECDSA_METHOD; typedef ... DH_METHOD; typedef struct rand_meth_st RAND_METHOD; typedef ... STORE_METHOD; -typedef int(*ENGINE_GEN_INT_FUNC_PTR)(ENGINE*); +typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); typedef ... *ENGINE_CTRL_FUNC_PTR; typedef ... *ENGINE_LOAD_KEY_PTR; typedef ... *ENGINE_CIPHERS_PTR; diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 35ea4979..f85429d8 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -53,7 +53,7 @@ class Binding(object): method.seed = cls.ffi.NULL @retain - @cls.ffi.callback("int (*)(unsigned char *buf, int num)", error=0) + @cls.ffi.callback("int (*)(unsigned char *, int)", error=0) def osrandom_rand_bytes(buf, size): signed = cls.ffi.cast("char*", buf) result = os.urandom(size) @@ -61,7 +61,7 @@ class Binding(object): return 1 @retain - @cls.ffi.callback("int (*)(unsigned char *buf, int num)", error=0) + @cls.ffi.callback("int (*)(unsigned char *, int)", error=0) def osrandom_pseudo_rand_bytes(buf, size): result = osrandom_rand_bytes(buf, size) if result == 0: -- cgit v1.2.3 From 28e7d80faff025e2fa90ea69813fc73332387c25 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 15:13:12 -0700 Subject: don't need the intermediary 'struct' declaration. --- src/_cffi_src/openssl/engine.py | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) (limited to 'src') diff --git a/src/_cffi_src/openssl/engine.py b/src/_cffi_src/openssl/engine.py index 821c9235..5079fd69 100644 --- a/src/_cffi_src/openssl/engine.py +++ b/src/_cffi_src/openssl/engine.py @@ -11,22 +11,20 @@ INCLUDES = """ TYPES = """ static const long Cryptography_HAS_ENGINE_CRYPTODEV; -struct rand_meth_st { - void (*seed)(const void *, int); - int (*bytes)(unsigned char *, int); - void (*cleanup)(); - void (*add)(const void *, int, double); - int (*pseudorand)(unsigned char *, int); - int (*status)(); -}; - typedef ... ENGINE; typedef ... RSA_METHOD; typedef ... DSA_METHOD; typedef ... ECDH_METHOD; typedef ... ECDSA_METHOD; typedef ... DH_METHOD; -typedef struct rand_meth_st RAND_METHOD; +typedef struct { + void (*seed)(const void *, int); + int (*bytes)(unsigned char *, int); + void (*cleanup)(); + void (*add)(const void *, int, double); + int (*pseudorand)(unsigned char *, int); + int (*status)(); +} RAND_METHOD; typedef ... STORE_METHOD; typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); typedef ... *ENGINE_CTRL_FUNC_PTR; -- cgit v1.2.3 From e03e9aaf17d70f7a891920d91ac8b79a30c64282 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 15:13:43 -0700 Subject: move everything to module scope; much simpler that way --- .../hazmat/bindings/openssl/binding.py | 125 ++++++++++----------- 1 file changed, 58 insertions(+), 67 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index f85429d8..17dad4c1 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -9,6 +9,58 @@ import threading from cryptography.hazmat.bindings._openssl import ffi, lib +_osrandom_engine_id = ffi.new("const char[]", b"osrandom") +_osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") + +@ffi.callback("int (*)(unsigned char *, int)", error=0) +def osrandom_rand_bytes(buf, size): + signed = ffi.cast("char*", buf) + result = os.urandom(size) + signed[0:size] = result + return 1 + + +@ffi.callback("int (*)(unsigned char *, int)", error=0) +def osrandom_pseudo_rand_bytes(buf, size): + result = osrandom_rand_bytes(buf, size) + if result == 0: + return -1 + else: + return result + + +@ffi.callback("int (*)(void)") +def osrandom_rand_status(): + return 1 + + +def _register_osrandom_engine(): + looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) + if looked_up_engine != ffi.NULL: + return 2 + + method = ffi.new( + "RAND_METHOD*", dict(bytes=osrandom_rand_bytes, + pseudorand=osrandom_pseudo_rand_bytes, + status=osrandom_rand_status) + ) + engine = lib.ENGINE_new() + try: + result = lib.ENGINE_set_id(engine, _osrandom_engine_id) + assert result == 1 + result = lib.ENGINE_set_name(engine, _osrandom_engine_name) + assert result == 1 + result = lib.ENGINE_set_RAND(engine, method) + assert result == 1 + result = lib.ENGINE_add(engine) + assert result == 1 + finally: + result = lib.ENGINE_free(engine) + assert result == 1 + looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) + assert looked_up_engine != ffi.NULL + return 1 + class Binding(object): """ @@ -22,9 +74,11 @@ class Binding(object): _rand_method = None _init_lock = threading.Lock() _lock_init_lock = threading.Lock() - _osrandom_engine_id = ffi.new("const char[]", b"osrandom") - _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") - _retained = [] + + # aliases for the convenience of tests. + _osrandom_engine_id = _osrandom_engine_id + _osrandom_engine_name = _osrandom_engine_name + _register_osrandom_engine = staticmethod(_register_osrandom_engine) def __init__(self): self._ensure_ffi_initialized() @@ -37,70 +91,7 @@ class Binding(object): with cls._init_lock: if not cls._lib_loaded: cls._lib_loaded = True - res = cls._register_osrandom_engine() - assert res != 0 - - @classmethod - def _register_osrandom_engine(cls): - if cls._retained: - return 2 - - def retain(it): - cls._retained.append(it) - return it - method = cls.ffi.new("RAND_METHOD*") - retain(method) - method.seed = cls.ffi.NULL - - @retain - @cls.ffi.callback("int (*)(unsigned char *, int)", error=0) - def osrandom_rand_bytes(buf, size): - signed = cls.ffi.cast("char*", buf) - result = os.urandom(size) - signed[0:size] = result - return 1 - - @retain - @cls.ffi.callback("int (*)(unsigned char *, int)", error=0) - def osrandom_pseudo_rand_bytes(buf, size): - result = osrandom_rand_bytes(buf, size) - if result == 0: - return -1 - else: - return result - - @retain - @cls.ffi.callback("int (*)(void)", error=0) - def osrandom_rand_status(): - return 1 - - @retain - @cls.ffi.callback("ENGINE_GEN_INT_FUNC_PTR", error=0) - def osrandom_init(engine): - return 1 - - @retain - @cls.ffi.callback("ENGINE_GEN_INT_FUNC_PTR", error=0) - def osrandom_finish(engine): - return 1 - - method.bytes = osrandom_rand_bytes - method.cleanup = cls.ffi.NULL - method.add = cls.ffi.NULL - method.pseudorand = osrandom_pseudo_rand_bytes - method.status = osrandom_rand_status - - e = cls.lib.ENGINE_new() - result = (cls.lib.ENGINE_set_id(e, cls._osrandom_engine_id) - and cls.lib.ENGINE_set_name(e, cls._osrandom_engine_name) - and cls.lib.ENGINE_set_RAND(e, method) - and cls.lib.ENGINE_set_init_function(e, osrandom_init) - and cls.lib.ENGINE_set_finish_function(e, osrandom_finish) - and cls.lib.ENGINE_add(e)) - if not cls.lib.ENGINE_free(e): - return 0 - assert cls.lib.ENGINE_by_id(cls._osrandom_engine_id) != cls.ffi.NULL - return result + _register_osrandom_engine() @classmethod def init_static_locks(cls): -- cgit v1.2.3 From dd53a5b216ac45620e7eee0c5a70e9dbfa33d08d Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 15:16:25 -0700 Subject: also retain method with a global reference --- src/cryptography/hazmat/bindings/openssl/binding.py | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 17dad4c1..d3999959 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -34,16 +34,18 @@ def osrandom_rand_status(): return 1 +method = ffi.new( + "RAND_METHOD*", dict(bytes=osrandom_rand_bytes, + pseudorand=osrandom_pseudo_rand_bytes, + status=osrandom_rand_status) +) + + def _register_osrandom_engine(): looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) if looked_up_engine != ffi.NULL: return 2 - method = ffi.new( - "RAND_METHOD*", dict(bytes=osrandom_rand_bytes, - pseudorand=osrandom_pseudo_rand_bytes, - status=osrandom_rand_status) - ) engine = lib.ENGINE_new() try: result = lib.ENGINE_set_id(engine, _osrandom_engine_id) -- cgit v1.2.3 From 885d688aae732042034fed4c7cab5dd6a70c6c26 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 15:40:52 -0700 Subject: bind ERR_clear_error --- src/_cffi_src/openssl/err.py | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/_cffi_src/openssl/err.py b/src/_cffi_src/openssl/err.py index 0ee19c9e..eebf19ba 100644 --- a/src/_cffi_src/openssl/err.py +++ b/src/_cffi_src/openssl/err.py @@ -251,6 +251,7 @@ unsigned long ERR_peek_error_line(const char **, int *); unsigned long ERR_peek_last_error_line(const char **, int *); unsigned long ERR_get_error_line_data(const char **, int *, const char **, int *); +void ERR_clear_error(void); unsigned long ERR_peek_error_line_data(const char **, int *, const char **, int *); unsigned long ERR_peek_last_error_line_data(const char **, -- cgit v1.2.3 From c1d04467fdc58e4f97e7768f77706ac4c8099c42 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 15:41:08 -0700 Subject: clear the error queue make sure we're not in an error state when we start, because then all bets are off and we might consume an error we didn't cause. then clear the error queue, which restores the behavior of the way the C module was previously checking for existence of its engine. --- src/cryptography/hazmat/bindings/openssl/binding.py | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index d3999959..1fb7478d 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -42,10 +42,14 @@ method = ffi.new( def _register_osrandom_engine(): + assert lib.ERR_peek_error() == 0 looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) if looked_up_engine != ffi.NULL: + assert lib.ERR_peek_error() == 0 return 2 + lib.ERR_clear_error() + engine = lib.ENGINE_new() try: result = lib.ENGINE_set_id(engine, _osrandom_engine_id) -- cgit v1.2.3 From 4e9b7d852e79769c2d51396ed747f63b85cefb29 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:33:27 -0700 Subject: coding standard --- src/cryptography/hazmat/bindings/openssl/binding.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 1fb7478d..27c70745 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -12,9 +12,10 @@ from cryptography.hazmat.bindings._openssl import ffi, lib _osrandom_engine_id = ffi.new("const char[]", b"osrandom") _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") + @ffi.callback("int (*)(unsigned char *, int)", error=0) def osrandom_rand_bytes(buf, size): - signed = ffi.cast("char*", buf) + signed = ffi.cast("char *", buf) result = os.urandom(size) signed[0:size] = result return 1 -- cgit v1.2.3 From eb8059d7bd4abc11a14bdf149812057d505a2685 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:38:02 -0700 Subject: unnecessary belt-and-suspenders error checking --- src/cryptography/hazmat/bindings/openssl/binding.py | 2 -- 1 file changed, 2 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 27c70745..727522a3 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -64,8 +64,6 @@ def _register_osrandom_engine(): finally: result = lib.ENGINE_free(engine) assert result == 1 - looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) - assert looked_up_engine != ffi.NULL return 1 -- cgit v1.2.3 From 1e3ffe10719ef8eeeda0df79aa3e708400f7028a Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:41:16 -0700 Subject: handle previous registration by raising RuntimeError --- src/cryptography/hazmat/bindings/openssl/binding.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 727522a3..be9904a2 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -46,8 +46,7 @@ def _register_osrandom_engine(): assert lib.ERR_peek_error() == 0 looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) if looked_up_engine != ffi.NULL: - assert lib.ERR_peek_error() == 0 - return 2 + raise RuntimeError("osrandom engine already registered") lib.ERR_clear_error() @@ -64,7 +63,6 @@ def _register_osrandom_engine(): finally: result = lib.ENGINE_free(engine) assert result == 1 - return 1 class Binding(object): -- cgit v1.2.3 From 3abff3a85ce23577e914b2132795ae1b0ff0a684 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:43:45 -0700 Subject: nothing pseudo about it --- src/cryptography/hazmat/bindings/openssl/binding.py | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index be9904a2..dd26fe1b 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -13,7 +13,7 @@ _osrandom_engine_id = ffi.new("const char[]", b"osrandom") _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") -@ffi.callback("int (*)(unsigned char *, int)", error=0) +@ffi.callback("int (*)(unsigned char *, int)", error=-1) def osrandom_rand_bytes(buf, size): signed = ffi.cast("char *", buf) result = os.urandom(size) @@ -21,15 +21,6 @@ def osrandom_rand_bytes(buf, size): return 1 -@ffi.callback("int (*)(unsigned char *, int)", error=0) -def osrandom_pseudo_rand_bytes(buf, size): - result = osrandom_rand_bytes(buf, size) - if result == 0: - return -1 - else: - return result - - @ffi.callback("int (*)(void)") def osrandom_rand_status(): return 1 @@ -37,7 +28,7 @@ def osrandom_rand_status(): method = ffi.new( "RAND_METHOD*", dict(bytes=osrandom_rand_bytes, - pseudorand=osrandom_pseudo_rand_bytes, + pseudorand=osrandom_rand_bytes, status=osrandom_rand_status) ) -- cgit v1.2.3 From 3c7164a9528b0058721d139adc4da89c2efe2936 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:48:51 -0700 Subject: space before star --- src/cryptography/hazmat/bindings/openssl/binding.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index dd26fe1b..9ceabf48 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -27,9 +27,9 @@ def osrandom_rand_status(): method = ffi.new( - "RAND_METHOD*", dict(bytes=osrandom_rand_bytes, - pseudorand=osrandom_rand_bytes, - status=osrandom_rand_status) + "RAND_METHOD *", + dict(bytes=osrandom_rand_bytes, pseudorand=osrandom_rand_bytes, + status=osrandom_rand_status) ) -- cgit v1.2.3 From 678e5e336efa0acc4c69854439c804b9c7a6fcdc Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:50:34 -0700 Subject: consistency about underscores and prefixes --- src/cryptography/hazmat/bindings/openssl/binding.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 9ceabf48..b885017a 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -14,7 +14,7 @@ _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") @ffi.callback("int (*)(unsigned char *, int)", error=-1) -def osrandom_rand_bytes(buf, size): +def _osrandom_rand_bytes(buf, size): signed = ffi.cast("char *", buf) result = os.urandom(size) signed[0:size] = result @@ -22,14 +22,14 @@ def osrandom_rand_bytes(buf, size): @ffi.callback("int (*)(void)") -def osrandom_rand_status(): +def _osrandom_rand_status(): return 1 -method = ffi.new( +_osrandom_method = ffi.new( "RAND_METHOD *", - dict(bytes=osrandom_rand_bytes, pseudorand=osrandom_rand_bytes, - status=osrandom_rand_status) + dict(bytes=_osrandom_rand_bytes, pseudorand=_osrandom_rand_bytes, + status=_osrandom_rand_status) ) @@ -47,7 +47,7 @@ def _register_osrandom_engine(): assert result == 1 result = lib.ENGINE_set_name(engine, _osrandom_engine_name) assert result == 1 - result = lib.ENGINE_set_RAND(engine, method) + result = lib.ENGINE_set_RAND(engine, _osrandom_method) assert result == 1 result = lib.ENGINE_add(engine) assert result == 1 -- cgit v1.2.3 From 3af7e26efa2903c6c194a1cc30aafa521c2c5ac7 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 18:53:44 -0700 Subject: dead code --- src/cryptography/hazmat/bindings/openssl/binding.py | 1 - 1 file changed, 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index b885017a..3df423dd 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -65,7 +65,6 @@ class Binding(object): _lib_loaded = False _locks = None _lock_cb_handle = None - _rand_method = None _init_lock = threading.Lock() _lock_init_lock = threading.Lock() -- cgit v1.2.3 From 9ad8a9443323c6702bc3e7a4d0afe0c4d400ab84 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 19:03:34 -0700 Subject: shuffle everything back onto the class --- .../hazmat/bindings/openssl/binding.py | 95 ++++++++++------------ 1 file changed, 45 insertions(+), 50 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 3df423dd..aa072b4c 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -9,52 +9,6 @@ import threading from cryptography.hazmat.bindings._openssl import ffi, lib -_osrandom_engine_id = ffi.new("const char[]", b"osrandom") -_osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") - - -@ffi.callback("int (*)(unsigned char *, int)", error=-1) -def _osrandom_rand_bytes(buf, size): - signed = ffi.cast("char *", buf) - result = os.urandom(size) - signed[0:size] = result - return 1 - - -@ffi.callback("int (*)(void)") -def _osrandom_rand_status(): - return 1 - - -_osrandom_method = ffi.new( - "RAND_METHOD *", - dict(bytes=_osrandom_rand_bytes, pseudorand=_osrandom_rand_bytes, - status=_osrandom_rand_status) -) - - -def _register_osrandom_engine(): - assert lib.ERR_peek_error() == 0 - looked_up_engine = lib.ENGINE_by_id(_osrandom_engine_id) - if looked_up_engine != ffi.NULL: - raise RuntimeError("osrandom engine already registered") - - lib.ERR_clear_error() - - engine = lib.ENGINE_new() - try: - result = lib.ENGINE_set_id(engine, _osrandom_engine_id) - assert result == 1 - result = lib.ENGINE_set_name(engine, _osrandom_engine_name) - assert result == 1 - result = lib.ENGINE_set_RAND(engine, _osrandom_method) - assert result == 1 - result = lib.ENGINE_add(engine) - assert result == 1 - finally: - result = lib.ENGINE_free(engine) - assert result == 1 - class Binding(object): """ @@ -69,13 +23,54 @@ class Binding(object): _lock_init_lock = threading.Lock() # aliases for the convenience of tests. - _osrandom_engine_id = _osrandom_engine_id - _osrandom_engine_name = _osrandom_engine_name - _register_osrandom_engine = staticmethod(_register_osrandom_engine) + _osrandom_engine_id = ffi.new("const char[]", b"osrandom") + _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") def __init__(self): self._ensure_ffi_initialized() + @ffi.callback("int (*)(unsigned char *, int)", error=-1) + @staticmethod + def _osrandom_rand_bytes(buf, size): + signed = ffi.cast("char *", buf) + result = os.urandom(size) + signed[0:size] = result + return 1 + + @ffi.callback("int (*)(void)") + @staticmethod + def _osrandom_rand_status(): + return 1 + + _osrandom_method = ffi.new( + "RAND_METHOD *", + dict(bytes=_osrandom_rand_bytes, pseudorand=_osrandom_rand_bytes, + status=_osrandom_rand_status) + ) + + @classmethod + def _register_osrandom_engine(cls): + assert cls.lib.ERR_peek_error() == 0 + looked_up_engine = cls.lib.ENGINE_by_id(cls._osrandom_engine_id) + if looked_up_engine != ffi.NULL: + raise RuntimeError("osrandom engine already registered") + + cls.lib.ERR_clear_error() + + engine = cls.lib.ENGINE_new() + try: + result = cls.lib.ENGINE_set_id(engine, cls._osrandom_engine_id) + assert result == 1 + result = cls.lib.ENGINE_set_name(engine, cls._osrandom_engine_name) + assert result == 1 + result = cls.lib.ENGINE_set_RAND(engine, cls._osrandom_method) + assert result == 1 + result = cls.lib.ENGINE_add(engine) + assert result == 1 + finally: + result = cls.lib.ENGINE_free(engine) + assert result == 1 + @classmethod def _ensure_ffi_initialized(cls): if cls._lib_loaded: @@ -84,7 +79,7 @@ class Binding(object): with cls._init_lock: if not cls._lib_loaded: cls._lib_loaded = True - _register_osrandom_engine() + cls._register_osrandom_engine() @classmethod def init_static_locks(cls): -- cgit v1.2.3 From 9f6d7b53470f19410aaf9cbeca773cc2f582a546 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 19:06:17 -0700 Subject: do the hokey pokey you put the functions in, you take the functions out, you make the linter work, and you shake it all about --- .../hazmat/bindings/openssl/binding.py | 26 +++++++++++----------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index aa072b4c..7943962f 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -10,6 +10,19 @@ import threading from cryptography.hazmat.bindings._openssl import ffi, lib +@ffi.callback("int (*)(unsigned char *, int)", error=-1) +def _osrandom_rand_bytes(buf, size): + signed = ffi.cast("char *", buf) + result = os.urandom(size) + signed[0:size] = result + return 1 + + +@ffi.callback("int (*)(void)") +def _osrandom_rand_status(): + return 1 + + class Binding(object): """ OpenSSL API wrapper. @@ -29,19 +42,6 @@ class Binding(object): def __init__(self): self._ensure_ffi_initialized() - @ffi.callback("int (*)(unsigned char *, int)", error=-1) - @staticmethod - def _osrandom_rand_bytes(buf, size): - signed = ffi.cast("char *", buf) - result = os.urandom(size) - signed[0:size] = result - return 1 - - @ffi.callback("int (*)(void)") - @staticmethod - def _osrandom_rand_status(): - return 1 - _osrandom_method = ffi.new( "RAND_METHOD *", dict(bytes=_osrandom_rand_bytes, pseudorand=_osrandom_rand_bytes, -- cgit v1.2.3 From 60b6b884ce0c1c7ad90de65bc7539459bda332a4 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 19:10:39 -0700 Subject: comment on longer correct - not aliases any more also group all the class-level variables together for style points --- src/cryptography/hazmat/bindings/openssl/binding.py | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 7943962f..5aa731e4 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -35,19 +35,17 @@ class Binding(object): _init_lock = threading.Lock() _lock_init_lock = threading.Lock() - # aliases for the convenience of tests. _osrandom_engine_id = ffi.new("const char[]", b"osrandom") _osrandom_engine_name = ffi.new("const char[]", b"osrandom_engine") - - def __init__(self): - self._ensure_ffi_initialized() - _osrandom_method = ffi.new( "RAND_METHOD *", dict(bytes=_osrandom_rand_bytes, pseudorand=_osrandom_rand_bytes, status=_osrandom_rand_status) ) + def __init__(self): + self._ensure_ffi_initialized() + @classmethod def _register_osrandom_engine(cls): assert cls.lib.ERR_peek_error() == 0 -- cgit v1.2.3 From b7c6aafe2eb8c9684e5ffd69380e0f831c430fd9 Mon Sep 17 00:00:00 2001 From: Glyph Date: Sat, 27 Jun 2015 20:36:35 -0700 Subject: the assertier the merrier --- src/cryptography/hazmat/bindings/openssl/binding.py | 1 + 1 file changed, 1 insertion(+) (limited to 'src') diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py index 5aa731e4..b7178bb2 100644 --- a/src/cryptography/hazmat/bindings/openssl/binding.py +++ b/src/cryptography/hazmat/bindings/openssl/binding.py @@ -56,6 +56,7 @@ class Binding(object): cls.lib.ERR_clear_error() engine = cls.lib.ENGINE_new() + assert engine != cls.ffi.NULL try: result = cls.lib.ENGINE_set_id(engine, cls._osrandom_engine_id) assert result == 1 -- cgit v1.2.3