OK.  My understanding is that Guido ruled out introducing an os.getrandom() API in 3.5.2.  But would you be happy if that interface is added to 3.6? 

It feels to me like the correct spelling in 3.6 should probably be secrets.getrandom() or something related to that.

On Fri, Jun 10, 2016 at 11:55 AM, Donald Stufft <donald@stufft.io> wrote:
Ok, so you’re looking for how would you replicate the blocking behavior of os.urandom that exists in 3.5.0 and 3.5.1?

In that case, it’s hard. I don’t think linux provides any way to externally determine if /dev/urandom has been initialized or not. Probably the easiest thing to do would be to interface with the getrandom() function using a c-ext, CFFI, or ctypes. If you’re looking for a way of doing this without calling the getrandom() function.. I believe the answer is you can’t.

The closest thing you can get is checking the /proc/sys/kernel/random/entropy_avail file, but that tells you how much entropy the system currently thinks it has (which will go up and down over time) and corresponds to /dev/random on Linux not /dev/urandom.

You could read from /dev/random, but that’s going to randomly block outside of the pool initialization whenever the kernel things it doesn’t have enough entropy. Cryptographers and security experts alike consider this to be pretty stupid behavior and don’t recommend using it because of this “randomly block throughout the use of your application” behavior.

So really, out of the recommended solutions you really only have find a way to interface with the getrandom() function, or just consume /dev/urandom and hope it’s been initialized.


On Jun 10, 2016, at 2:43 PM, David Mertz <mertz@gnosis.cx> wrote:

My hypothetical is "Ensure good random bits (on Python 3.5.2 and Linux), and block rather than allow bad bits."

I'm not quite sure I understand all of your question, Donald.  On Python 3.4—and by BDFL declaration on 3.5.2—os.urandom() *will not* block, although it might on 3.5.1.

On Fri, Jun 10, 2016 at 11:33 AM, Donald Stufft <donald@stufft.io> wrote:

On Jun 10, 2016, at 2:29 PM, David Mertz <mertz@gnosis.cx> wrote:

If I *were* someone who needed to write a Linux system initialization script using Python 3.5.2, what would the code look like.  I think for this use case, requiring something with a little bit of "code smell" is fine, but I kinda hope it exists at all.

Do you mean if os.urandom blocked and you wanted to call os.urandom from your boot script? Or if os.urandom doesn’t block and you wanted to ensure you got good random numbers on boot?


Donald Stufft






-- 
Keeping medicines from the bloodstreams of the sick; food 
from the bellies of the hungry; books from the hands of the 
uneducated; technology from the underdeveloped; and putting 
advocates of freedom in prisons.  Intellectual property is
to the 21st century what the slave trade was to the 16th.



Donald Stufft






--
Keeping medicines from the bloodstreams of the sick; food
from the bellies of the hungry; books from the hands of the
uneducated; technology from the underdeveloped; and putting
advocates of freedom in prisons.  Intellectual property is
to the 21st century what the slave trade was to the 16th.