def configure_trng(config): """Initialize the true entropy source from a given Config object. If none is provided, tries some sane defaults.""" global _TRNG_FILENAME global _theTrueRNG if sys.platform == 'win32': # We have two entropy sources on windows: openssl's built-in # entropy generator that takes data from the screen, and # Windows's CryptGenRandom function. Because the former is # insecure, and the latter is closed-source, we xor them. _ml.win32_openssl_seed() _ml.openssl_seed(_ml.win32_get_random_bytes(32)) _theTrueRNG = _XorRNG(_OpensslRNG(), _WinTrueRNG()) return if config is not None: requestedFile = config['Host'].get('EntropySource') else: requestedFile = None # Build a list of candidates defaults = PLATFORM_TRNG_DEFAULTS.get(sys.platform, PLATFORM_TRNG_DEFAULTS['***']) files = [requestedFile] + defaults # Now find the first of our candidates that exists and is a character # device. randFile = None for filename in files: if filename is None: continue verbose = (filename == requestedFile) if not os.path.exists(filename): if verbose: log.warn("No such file as %s", filename) else: st = os.stat(filename) if not (st[stat.ST_MODE] & stat.S_IFCHR): if verbose: log.error("Entropy source %s isn't a character device", filename) else: randFile = filename break if randFile is None and _TRNG_FILENAME is None: log.critical("No entropy source available: Tried all of %s", files) raise MixFatalError("No entropy source available") elif randFile is None: log.warn("Falling back to previous entropy source %s", _TRNG_FILENAME) else: log.info("Setting entropy source to %r", randFile) _TRNG_FILENAME = randFile _theTrueRNG = _TrueRNG(1024)
def configure_trng(config): """Initialize the true entropy source from a given Config object. If none is provided, tries some sane defaults.""" global _TRNG_FILENAME global _theTrueRNG if sys.platform == 'win32': # We have two entropy sources on windows: openssl's built-in # entropy generator that takes data from the screen, and # Windows's CryptGenRandom function. Because the former is # insecure, and the latter is closed-source, we xor them. _ml.win32_openssl_seed() _ml.openssl_seed(_ml.win32_get_random_bytes(32)) _theTrueRNG = _XorRNG(_OpensslRNG(), _WinTrueRNG()) return if config is not None: requestedFile = config['Host'].get('EntropySource') else: requestedFile = None # Build a list of candidates defaults = PLATFORM_TRNG_DEFAULTS.get(sys.platform, PLATFORM_TRNG_DEFAULTS['***']) files = [requestedFile] + defaults # Now find the first of our candidates that exists and is a character # device. randFile = None for filename in files: if filename is None: continue verbose = (filename == requestedFile) if not os.path.exists(filename): if verbose: LOG.warn("No such file as %s", filename) else: st = os.stat(filename) if not (st[stat.ST_MODE] & stat.S_IFCHR): if verbose: LOG.error("Entropy source %s isn't a character device", filename) else: randFile = filename break if randFile is None and _TRNG_FILENAME is None: LOG.fatal("No entropy source available: Tried all of %s", files) raise MixFatalError("No entropy source available") elif randFile is None: LOG.warn("Falling back to previous entropy source %s", _TRNG_FILENAME) else: LOG.info("Setting entropy source to %r", randFile) _TRNG_FILENAME = randFile _theTrueRNG = _TrueRNG(1024)
def _prng(self, n): return _ml.win32_get_random_bytes(n)