Issue 23025: ssl.RAND_bytes docs should mention os.urandom

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/67214

classification

Title:	ssl.RAND_bytes docs should mention os.urandom
Type:		Stage:	resolved
Components:	Documentation	Versions:	Python 3.4, Python 3.5

process

Status:	closed	Resolution:	fixed
Dependencies:		Superseder:
Assigned To:	docs@python	Nosy List:	alex, berker.peksag, docs@python, dstufft, python-dev, vstinner
Priority:	normal	Keywords:	patch

Created on 2014-12-10 18:16 by alex, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
rand.diff	alex, 2014-12-10 18:16		review

Messages (7)
msg232436 - (view)	Author: Alex Gaynor (alex) *	Date: 2014-12-10 18:16
For almost any conceivable application, os.urandom is a preferable way to access a CSPRNG, and is less error prone, the docs should point this out.
msg232437 - (view)	Author: Donald Stufft (dstufft) *	Date: 2014-12-10 18:23
I agree completely. This is something that should generally be discouraged all together. See: http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/
msg232471 - (view)	Author: STINNER Victor (vstinner) *	Date: 2014-12-11 11:45
RAND_bytes() has an annoying bug: it can produces the same byte sequence in two different processes if they get the same identifier (yes, it occurs sometimes). See the issue #18747 and warnings about fork in the ssl module. I don't know if it is now fixed in OpenSSL or maybe in LibreSSL. I was surprised that such bug exist in a serious library designed for cryptography. The usual reply to bug report is that users have to inject entropy manually at fork. It may be possible in an application, the issue #18747 explains why it is not a good idea to that in Python. /dev/urandom doesn't have such issue... I made the change to expose RAND_bytes(). I made it for my Hasard program (expermental tool to learn PRNG), to easily test the OpenSSL library in Python. That's how I "discovered" the fork issue (it was already known in fact..). I never used ssl.RAND_bytes() in a (real) Python application. http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ gives good reasons to not use ssl.RAND_bytes. So rand.diff looks good to me.
msg232472 - (view)	Author: STINNER Victor (vstinner) *	Date: 2014-12-11 11:46
Note: ssl.RAND_bytes() doesn't exist in Python 2 (even in Python 2.7.9!).
msg233708 - (view)	Author: STINNER Victor (vstinner) *	Date: 2015-01-09 01:20
To be clear: rand.diff looks good to me, go ahead.
msg240418 - (view)	Author: Roundup Robot (python-dev)	Date: 2015-04-10 13:19
New changeset f85ac33b12a1 by Berker Peksag in branch '3.4': Issue #23025: Add a mention of os.urandom to RAND_bytes and RAND_pseudo_bytes docs. https://hg.python.org/cpython/rev/f85ac33b12a1 New changeset 7aa42cea8968 by Berker Peksag in branch 'default': Issue #23025: Add a mention of os.urandom to RAND_bytes and RAND_pseudo_bytes docs. https://hg.python.org/cpython/rev/7aa42cea8968
msg240419 - (view)	Author: Berker Peksag (berker.peksag) *	Date: 2015-04-10 13:20
Thanks for the patch, Alex.

History
Date	User	Action	Args
2022-04-11 14:58:11	admin	set	github: 67214
2015-04-10 13:20:10	berker.peksag	set	status: open -> closed nosy: + berker.peksag messages: + msg240419 resolution: fixed stage: resolved
2015-04-10 13:19:26	python-dev	set	nosy: + python-dev messages: + msg240418
2015-01-09 01:20:44	vstinner	set	messages: + msg233708
2014-12-11 11:46:52	vstinner	set	messages: + msg232472 versions: + Python 3.4, Python 3.5
2014-12-11 11:45:40	vstinner	set	messages: + msg232471
2014-12-11 10:32:34	pitrou	set	nosy: + vstinner
2014-12-10 18:23:32	dstufft	set	nosy: + dstufft messages: + msg232437
2014-12-10 18:16:06	alex	create