classification
Title: ssl.RAND_bytes docs should mention os.urandom
Type: Stage: resolved
Components: Documentation Versions: Python 3.4, Python 3.5
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: docs@python Nosy List: alex, berker.peksag, docs@python, dstufft, python-dev, vstinner
Priority: normal Keywords: patch

Created on 2014-12-10 18:16 by alex, last changed 2015-04-10 13:20 by berker.peksag. This issue is now closed.

Files
File name Uploaded Description Edit
rand.diff alex, 2014-12-10 18:16 review
Messages (7)
msg232436 - (view) Author: Alex Gaynor (alex) * (Python committer) Date: 2014-12-10 18:16
For almost any conceivable application, os.urandom is a preferable way to access a CSPRNG, and is less error prone, the docs should point this out.
msg232437 - (view) Author: Donald Stufft (dstufft) * (Python committer) Date: 2014-12-10 18:23
I agree completely. This is something that should generally be discouraged all together. See: http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
msg232471 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2014-12-11 11:45
RAND_bytes() has an annoying bug: it can produces the same byte sequence in two different processes if they get the same identifier (yes, it occurs sometimes). See the issue #18747 and warnings about fork in the ssl module. I don't know if it is now fixed in OpenSSL or maybe in LibreSSL. I was surprised that such bug exist in a serious library designed for cryptography. The usual reply to bug report is that users have to inject entropy manually at fork. It may be possible in an application, the issue #18747 explains why it is not a good idea to that in Python. /dev/urandom doesn't have such issue...

I made the change to expose RAND_bytes(). I made it for my Hasard program (expermental tool to learn PRNG), to easily test the OpenSSL library in Python. That's how I "discovered" the fork issue (it was already known in fact..). I never used ssl.RAND_bytes() in a (real) Python application.

http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ gives good reasons to not use ssl.RAND_bytes. So rand.diff looks good to me.
msg232472 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2014-12-11 11:46
Note: ssl.RAND_bytes() doesn't exist in Python 2 (even in Python 2.7.9!).
msg233708 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2015-01-09 01:20
To be clear: rand.diff looks good to me, go ahead.
msg240418 - (view) Author: Roundup Robot (python-dev) (Python triager) Date: 2015-04-10 13:19
New changeset f85ac33b12a1 by Berker Peksag in branch '3.4':
Issue #23025: Add a mention of os.urandom to RAND_bytes and RAND_pseudo_bytes docs.
https://hg.python.org/cpython/rev/f85ac33b12a1

New changeset 7aa42cea8968 by Berker Peksag in branch 'default':
Issue #23025: Add a mention of os.urandom to RAND_bytes and RAND_pseudo_bytes docs.
https://hg.python.org/cpython/rev/7aa42cea8968
msg240419 - (view) Author: Berker Peksag (berker.peksag) * (Python committer) Date: 2015-04-10 13:20
Thanks for the patch, Alex.
History
Date User Action Args
2015-04-10 13:20:10berker.peksagsetstatus: open -> closed

nosy: + berker.peksag
messages: + msg240419

resolution: fixed
stage: resolved
2015-04-10 13:19:26python-devsetnosy: + python-dev
messages: + msg240418
2015-01-09 01:20:44vstinnersetmessages: + msg233708
2014-12-11 11:46:52vstinnersetmessages: + msg232472
versions: + Python 3.4, Python 3.5
2014-12-11 11:45:40vstinnersetmessages: + msg232471
2014-12-11 10:32:34pitrousetnosy: + vstinner
2014-12-10 18:23:32dstufftsetnosy: + dstufft
messages: + msg232437
2014-12-10 18:16:06alexcreate