[Python-Dev] os.urandom API

"Martin v. Löwis" martin at v.loewis.de
Sun Aug 29 23:26:20 CEST 2004 

Raymond Hettinger wrote:
> I would like to change the API for the new os.urandom(n) function to
> return a long integer instead of a string.  The former better serves
> more use cases and fits better with existing modules.

-1. Bytes is what the underlying system returns, and it is also
conceptually the right thing. We are really talking about a stream
of random bytes here (where u signals unlimitedness).

> 1) The call random.seed(os.random(100)) is a likely use case.  If the
> intermediate value is a string, then random.seed() will hash it and only
> use 32 bits.  If the intermediate value is a long integer, all bits are
> used.  In the given example, the latter is clearly what the user expects
> (otherwise, they would only request 4 bytes).

Then add an os.randint if you think this is important. Given the
easiness of using the struct module, I don't think it is important to
provide this out of the box.

> 2) Another likely use case is accessing all the tools in the random
> module with a subclass that overrides random() and getrandbits().  Both
> can be done easier and faster if os.random() returns long integers.  If
> the starting point is a string, the code gets ugly and slow.

Don't try guessing use cases too much. I don't think either the original
submitter, nor the original reviewer, had sequences of pseudo-random
numbers as their use case. Instead, the typical application will be a
one-time token for some crypto algorithm, in which case sequences of
pseudo-randomness are evil. What kind of data structure these things
will need is hard to guess, but "sequence of bytes" is a good bet.

> 3) Most use cases for random values involve numeric manipulation.
> Simple tasks like finding a random integer in the range [0,100000)
> become unnecessarily more complicated when starting from a string.

That is not true. Most use cases of random numbers involve bit
manipulation.

> 1) This form is handy for cyptoweenies to xor with other byte strings
> (perhaps for a one-time pad).

And indeed, cryptoweenies have contributed that code. He who writes
the code choses the interface.

Regards,
Martin

More information about the Python-Dev mailing list