[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits? (original) (raw)
Stephen J. Turnbull turnbull at sk.tsukuba.ac.jp
Sun Jun 12 02:43:20 EDT 2016
- Previous message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Donald Stufft writes:
I guess one question would be, what does the secrets module do if it’s on a Linux that is too old to have getrandom(0), off the top of my head I can think of:
- Silently fall back to reading os.urandom and hope that it’s been seeded.
- Fall back to os.urandom and hope that it’s been seeded and add a SecurityWarning or something like it to mention that it’s falling back to os.urandom and it may be getting predictable random from /dev/urandom.
- Hard fail because it can’t guarantee secure cryptographic random.
I'm going to hide behind the Linux manpage (which actually suggests saving the data in a file to speed initialization at boot) in mentioning this:
- if random_initialized_timestamp_pre_boot():
r = open("/dev/random", "rb")
u = open("/dev/urandom", "wb")
u.write(r.read(enough_bytes))
set_random_initialized_timestamp()
in theory, secrets can now use os.urandom
- Previous message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]