Message 195364 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	neologix
Recipients	christian.heimes, hynek, jcea, neologix, pitrou, tarek, vstinner
Date	2013-08-16.16:58:47
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<CAH_1eM2V6VhNA7b0g15z8A=otgrOWqJYQgE27=K1KUqnDrYc2Q@mail.gmail.com>
In-reply-to	<520E5947.2000405@cheimes.de>

Content
> In the light of the recent Android issue with PRNGs [1] I don't think > that Python should roll out its own CPRNG. I'd rather use the operation > system's CPRNG or OpenSSL's CPRNG. After all we aren't crypto experts. > I'd rather point my finger to OpenSSL than take the blame for a faulty > CPRNG. Yeah, sure. But it would be nice to have an API similar to the random module (i.e. a Random ABC, which could have several implementations, among which an /dev/urandom backed one). The underlying FD lifetime would be tied to the Random object lifetime, and we couldn't have to open/close it at each call.

> In the light of the recent Android issue with PRNGs [1] I don't think
> that Python should roll out its own CPRNG. I'd rather use the operation
> system's CPRNG or OpenSSL's CPRNG. After all we aren't crypto experts.
> I'd rather point my finger to OpenSSL than take the blame for a faulty
> CPRNG.

Yeah, sure.
But it would be nice to have an API similar to the random module (i.e.
a Random ABC, which could have several implementations, among which an
/dev/urandom backed one). The underlying FD lifetime would be tied to
the Random object lifetime, and we couldn't have to open/close it at
each call.

History
Date	User	Action	Args
2013-08-16 16:58:47	neologix	set	recipients: + neologix, jcea, pitrou, vstinner, christian.heimes, tarek, hynek
2013-08-16 16:58:47	neologix	link	issue18756 messages
2013-08-16 16:58:47	neologix	create