[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
Guido van Rossum
guido at python.org
Fri Jun 10 00:28:18 EDT 2016
So secrets.py needs an upgrade; it currently uses random.SysRandom.
On Thursday, June 9, 2016, Tim Peters <tim.peters at gmail.com> wrote:
> [Nikolaus Rath]
> >> Aeh, what the tin says is "return random bytes".
> [Larry Hastings]
> > What the tin says is "urandom", which has local man pages that dictate
> > exactly how it behaves. On Linux the "urandom" man page says:
> > A read from the /dev/urandom device will not block waiting for more
> > If there is not sufficient entropy, a pseudorandom number generator
> is used
> > to create the requested bytes.
> > os.urandom() needs to behave like that on Linux, which is how it behaved
> > Python 2.4 through 3.4.
> I agree (with Larry). If the change hadn't already been made, nobody
> would get anywhere trying to make it now. So best to pretend it was
> never made to begin with ;-)
> The tin that _will_ say "return random bytes" in Python will
> be`secrets.token_bytes()`. That's self-evidently (to me) where the
> "possibly block forever" implementation belongs.
> Python-Dev mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-Dev