[Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
Petri Lehtinen
petri at digip.org
Wed May 25 12:58:52 CEST 2011
Eric Smith wrote:
> > Victor Stinner wrote:
> >> I already patched the doc of the random module to add a security
> >> warning. Well, you don't really need to know how a CSPRNG is
> >> implemented, just that random cannot be used for security and that
> >> ssl.RAND_bytes() raises an error if was seeded with enough data.
> >>
> >> Tell me if my warning is not clear:
> >>
> >> .. warning::
> >>
> >> The generators of the :mod:`random` module should not be used for
> >> security purposes, they are not cryptographic. Use ssl.RAND_bytes()
> >> if you require a cryptographically secure pseudorandom number
> >> generator.
> >
> > Looks good to me. Regarding style, you should probably make a link,
> > like :func:`ssl.RAND_bytes()`.
>
> Does "are not cryptographic" have any meaning? (I'm not an expert, just
> not sure). Should it not be "cryptographically secure", to match the next
> sentence?
Or just remove ", they are not cryptographic" altogether?
More information about the Python-Dev
mailing list