On 22 September 2015 at 18:26, Jonas Wielicki <j.wielicki@sotecware.net> wrote:
On 20.09.2015 02:27, Chris Angelico wrote:
My personal preference for shed colour: token_bytes returns a bytestring, its length being the number provided. All the others return Unicode strings, their lengths again being the number provided. So they're all text bar the one that explicitly says it's in bytes.
My personal preference would be for the number of bytes to rather reflect the entropy in the result. This would be a safer use when migrating from using e.g. token_url to token_alpha with the base32 alphabet [1], for example because you want to have better readable tokens.
This isn't something to decide by personal preference, it's something to be decide by considering the consequences of someone misunderstanding the API and not noticing that the result isn't what they expected. Scenario 1: API specifies bytes of entropy Consequence of misunderstanding: result is twice as long as expected, with more entropy than expected Scenario 2: API specifies length of result Consequence of misunderstanding: result is half as long as expected, with less entropy than expected Scenario 1 fails safe, scenario 2 doesn't, so for the APIs that are just reversible data transforms around os.urandom, it makes the most sense to specify the number of bytes of entropy you want. Building a password from an alphabet is different, as that involves repeated applications of secrets.choice() to the given alphabet, so you need to specify the result length directly. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia