[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits? (original) (raw)

Larry Hastings larry at hastings.org
Sat Jun 11 04:24:15 EDT 2016

• Previous message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
• Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/11/2016 12:49 AM, Steven D'Aprano wrote:

Will there be platforms where os.getrandom doesn't exist? If not, then secrets can just rely on it, otherwise what should it do?

if hasattr(os, 'getrandom'): return os.getrandom(n) else: # Fail? Fall back on os.urandom?

AFAIK:

• Only Linux and Solaris have getrandom() right now. IIUC Solaris duplicated Linux's API, but I don't know that for certain, and I don't know in particular what GRND_RANDOM does on Solaris. (Of course, you don't need GRND_RANDOM for secrets.token_bytes().)
• Only Linux and OS X have never-blocking /dev/urandom. On Linux, you can choose to block by calling getrandom(). On OS X you have no choice, you can only use the never-blocking /dev/urandom. (OS X also has a /dev/random but it behaves identically to /dev/urandom.) OS X's man page reassuringly claims blocking is never necessary; the blogosphere disagrees.

If I were writing the function for the secrets module, I'd write it like you have above: call os.getrandom() if it's present, and os.urandom() if it isn't. I believe that achieves current-best-practice everywhere: it does the right thing on Linux, it does the right thing on Solaris, it does the right thing on all the other OSes where reading from /dev/urandom can block, and it uses the only facility available to us on OS X.

//arry/

-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20160611/25e47ab8/attachment.html>

• Previous message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
• Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list