On Jun 23, 2016, at 11:27 PM, Victor Stinner wrote:
Alternative ===========
Leave os.urandom() unchanged, add os.getrandom() ------------------------------------------------
os.urandom() remains unchanged: never block, but it can return weak entropy if system urandom is not initialized yet.
A new ``os.getrandom()`` function is added: thin wrapper to the ``getrandom()`` syscall.
Expected usage to write portable code::
def my_random(n): if hasattr(os, 'getrandom'): return os.getrandom(n, 0) return os.urandom(n)
I would actually expect that this would be handled in the secrets module, so the recommendation would be that most users wouldn't use os.urandom() or os.getrandom() unless they specifically wanted the low-level functions and knew what they were doing. Thus, "expected usage to write portable code" would be to use secrets.token_bytes(). Other than that, thanks for adding this alternative. Cheers, -Barry