Itamar S.-T. itamarst at YAHOO.COM
Fri Sep 21 12:44:30 CEST 2001

Hi everyone,

There is a need for a standard API for getting random
data to be used in cryptographic applications.

1) Random sources may rely on other such sources for
an initial seed. Therefore basic sources should be
built upon which more complex sources may be built.
2) Some sources may not be available on certain
platforms (/dev/urandom is not available on Windows).

This is my suggestion:

Each module implementing a source of random data must
provide two functions - new() and available(). The
arguments they get are determined by each module,
except that new() and available() must both accept the
same arguments.

available() returns a boolean telling us if this
source can be used or not. If the result is false the
output of new() is undefined.

new() returns an object, which has at least a single
method, read(bytes). read() accepts one argument, an
integer, and returns a string of this length. The
object returned by new() may optionally have other
methods as well.

Should there be a meta-API allowing the user to get
the strongest available source?

For example, a source that reads from a file:

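import os.path

class FileSource:
    # Source object: wraps an open file and exposes read(bytes).
    def __init__(self, path):
        self.f = open(path, "rb")

    def read(self, bytes):
        # Return `bytes` bytes of data read from the file.
        return self.f.read(bytes)

# available() and new() accept the same arguments.
def available(file="/dev/urandom"):
    # True if the file exists (readability is not checked).
    return os.path.exists(file)

def new(file="/dev/urandom"):
    # Only call this if available(file) returned true.
    return FileSource(file)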

Itamar Shtull-Trauring, itamar(at)shtull-trauring.org
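
An added example, not part of the original post: one way the "meta-API" asked about above could pick the first usable source from a caller-ordered list of modules that follow the new()/available() convention. The names OsUrandomSource, make_module, os_source, file_source and strongest_available are assumptions made for this sketch, as is the choice to fail rather than fall back to a weaker source.

```python
import os
import types

class OsUrandomSource:
    """Hypothetical source backed by the OS CSPRNG via os.urandom."""
    def read(self, n):
        return os.urandom(n)

class FileSource:
    """File-backed source as in the post, but looping on short reads."""
    def __init__(self, path):
        self.f = open(path, "rb", buffering=0)
    def read(self, n):
        buf = b""
        while len(buf) < n:                    # raw reads may return less than n
            chunk = self.f.read(n - len(buf))
            if not chunk:                      # EOF: never hand back a short string
                raise OSError("random source exhausted")
            buf += chunk
        return buf

def make_module(available, new):
    """Bundle the two functions the proposal requires of every module."""
    return types.SimpleNamespace(available=available, new=new)

os_source = make_module(lambda: hasattr(os, "urandom"), OsUrandomSource)
file_source = make_module(
    lambda path="/dev/urandom": os.access(path, os.R_OK),
    lambda path="/dev/urandom": FileSource(path))

def strongest_available(candidates):
    """candidates: (module, args) pairs ordered strongest first; the same
    args go to available() and new(). Returns the first source whose read()
    honours its length contract, and raises if none does."""
    for module, args in candidates:
        if not module.available(*args):
            continue
        try:
            source = module.new(*args)
            if len(source.read(16)) == 16:     # probe the read() contract
                return source
        except OSError:
            continue  # source vanished or failed after available() said yes
    raise RuntimeError("no random source available")
```

The probe read matters because available() and new() are separate calls: a source can pass the check and still fail when opened or read.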
