Possible security hole in SSL - was Random Passwords Generation

John Nagle nagle at animats.com
Mon Jan 29 18:42:44 CET 2007


Paul Rubin wrote:
> "Szabolcs Nagy" <nszabolcs at gmail.com> writes:
> 
>>file('/dev/urandom').read(6).encode('base64')
>>(oneliner and without import sa op requested)
> 
> 
> Nice, though Un*x dependent (os.urandom is supposed to be portable).

    Uh oh.  I was looking at the Python "SSL" code recently, and
noted that OpenSSL initializes the keys with '/dev/urandom' if
available, and otherwise relies on the caller to seed it with
random data and to check that enough randomness has been input.

    But the Python glue code for SSL doesn't seem to have the
machinery to seed SSL with randomness.  I suspect that on
platforms without '/dev/urandom', Python's SSL package may
be using the same keys every time.  This needs to be looked
at by a crypto expert.

					John Nagle



More information about the Python-list mailing list