[Python-ideas] Pre-PEP Adding A Secrets Module To The Standard Library

Robert Kern robert.kern at gmail.com
Mon Sep 21 18:29:08 CEST 2015

On 2015-09-21 17:22, Steven D'Aprano wrote:
> On Sun, Sep 20, 2015 at 09:00:08AM +0300, Serhiy Storchaka wrote:
>> On 20.09.15 02:40, Tim Peters wrote:

>>>   Token functions
>>>      .token_bytes(nbytes)
>>>          another name for os.urandom()
>>>      .token_hex(nbytes)
>>>          same, but return string of ASCII hex digits
>>>      .token_url(nbytes)
>>>          same, but return URL-safe base64-encoded ASCII
>>>      .token_alpha(alphabet, nchars)
>>>          string of `nchars` characters drawn uniformly
>>>          from `alphabet`
>> token_hex(nbytes) == token_alpha('0123456789abcdef', nchars) ?
>> token_url(nbytes) == token_alpha(
>>      'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_',
>>       nchars) ?
> They may be reasonable implementations for the functions, but simple as
> they are, I think we still want to provide them as named functions
> rather than expect the user to write things like the above. If they're
> doing it more than once, they'll want to write a helper function, we
> might as well provide that for them.

Actually, I don't think those are the semantics that Tim intended. Rather, 
token_hex(nbytes) would return a string twice as long as nbytes. The idea is 
that you want to get nbytes-worth of random bits, just encoded in a common 
"safe" format. Similarly, token_url(nbytes) would get nbytes of random bits then 
base64-encode it, not just pick nbytes characters from a URL-safe list of 
characters. This makes it easier to reason about how much entropy you are 
actually using.

Robert Kern

"I have come to believe that the whole world is an enigma, a harmless enigma
  that is made terrible by our own mad attempt to interpret it as though it had
  an underlying truth."
   -- Umberto Eco

More information about the Python-ideas mailing list