[Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl
Eric Smith
eric at trueblade.com
Wed May 25 12:54:22 CEST 2011
> Victor Stinner wrote:
>> I already patched the doc of the random module to add a security
>> warning. Well, you don't really need to know how a CSPRNG is
>> implemented, just that random cannot be used for security and that
>> ssl.RAND_bytes() raises an error if was seeded with enough data.
>>
>> Tell me if my warning is not clear:
>>
>> .. warning::
>>
>> The generators of the :mod:`random` module should not be used for
>> security purposes, they are not cryptographic. Use ssl.RAND_bytes()
>> if you require a cryptographically secure pseudorandom number
>> generator.
>
> Looks good to me. Regarding style, you should probably make a link,
> like :func:`ssl.RAND_bytes()`.
Does "are not cryptographic" have any meaning? (I'm not an expert, just
not sure). Should it not be "cryptographically secure", to match the next
sentence?
Eric.
More information about the Python-Dev
mailing list