[Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl (original) (raw)

Victor Stinner victor.stinner at haypocalc.com
Wed May 25 11:29:17 CEST 2011

• Previous message: [Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
• Next message: [Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Le mercredi 25 mai 2011 à 15:09 +1000, Nick Coghlan a écrit :

The RANDbytes() documentation should probably make it clearer that unlike the random module and RANDpseudobytes(), RANDbytes() can fail (by raising SSLError) if it isn't in a position to provide the requested random data.

According to the doc, both functions can fail, but it is more likely than RAND_bytes() fail. I disabled temporary Linux random devices to test RAND_bytes() error code:

mv /dev/random /dev/random.xxx mv /dev/urandom /dev/urandom.xxx

In this case, RAND_pseudo_bytes() generates non-cryptographic random numbers: it returns (random_bytes, False). I don't know how to test RAND_pseudo_bytes() error code.

--

I patched test_ssl to test that RAND_bytes() raises an SSLError if there is not enough entropy, and I also improved the documentation to detail the error cases.

Victor

• Previous message: [Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
• Next message: [Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list