[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?

David Mertz mertz at gnosis.cx
Fri Jun 10 15:29:55 EDT 2016


Ooops.... thinko there! Of course `secrets` won't exist in 3.5.1, so that's
a 3.6 matter instead.

On Fri, Jun 10, 2016 at 12:29 PM, David Mertz <mertz at gnosis.cx> wrote:

> I believe that secrets.token_bytes() and secrets.SystemRandom() should be
> changed even for 3.5.1 to use getrandom() on Linux.
>
> Thanks for fixing my spelling of the secrets API, Donald. :-)
>
> On Fri, Jun 10, 2016 at 12:17 PM, Donald Stufft <donald at stufft.io> wrote:
>
>>
>> On Jun 10, 2016, at 3:05 PM, David Mertz <mertz at gnosis.cx> wrote:
>>
>> OK.  My understanding is that Guido ruled out introducing an
>> os.getrandom() API in 3.5.2.  But would you be happy if that interface is
>> added to 3.6?
>>
>> It feels to me like the correct spelling in 3.6 should probably be
>> secrets.getrandom() or something related to that.
>>
>>
>>
>> Well we have
>> https://docs.python.org/dev/library/secrets.html#secrets.token_bytes so
>> adding a getrandom() function to secrets would largely be the same as that
>> function.
>>
>> The problem of course is that the secrets library in 3.6 uses os.urandom
>> under the covers, so its security rests on the security of os.urandom. To
>> ensure that the secrets library is actually safe even in early boot it’ll
>> need to stop using os.urandom on Linux and use the getrandom() function.
>>
>> That same library exposes random.SystemRandom as secrets.SystemRandom
>> [1], and of course SystemRandom uses os.urandom too. So if we want people
>> to treat secrets.SystemRandom as “always secure” then it would need to stop
>> using os.urandom and start using the getrandom() function on Linux as well.
>>
>>
>> [1] This is actually documented as “using the highest-quality sources
>> provided by the operating system” in the secrets documentation, and I’d
>> argue that it is not using the highest-quality source if it’s reading from
>> /dev/urandom or getrandom(GRND_NONBLOCK) on Linux systems where getrandom()
>> is available. Of course, it’s just an alias for random.SystemRandom, and
>> that is documented as using os.urandom.
>>
>> Donald Stufft
>>
>>
>>
>>
>
>
> --
> Keeping medicines from the bloodstreams of the sick; food
> from the bellies of the hungry; books from the hands of the
> uneducated; technology from the underdeveloped; and putting
> advocates of freedom in prisons.  Intellectual property is
> to the 21st century what the slave trade was to the 16th.
>



-- 
Keeping medicines from the bloodstreams of the sick; food
from the bellies of the hungry; books from the hands of the
uneducated; technology from the underdeveloped; and putting
advocates of freedom in prisons.  Intellectual property is
to the 21st century what the slave trade was to the 16th.
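
Added example, not part of the original thread: one way to get the behaviour the quoted message asks for, drawing key material from getrandom() in blocking mode and using GRND_NONBLOCK only to probe whether the kernel pool is initialized. The names pool_initialized and strict_token_bytes are hypothetical; os.getrandom() is assumed available (Python 3.6+ on Linux 3.17+), with os.urandom as a labelled fallback elsewhere.

```python
import errno
import os


def pool_initialized():
    """Probe the kernel entropy pool without blocking.

    Returns True or False when getrandom() can answer, and None when the
    platform has no getrandom() at all (hypothetical helper name).
    """
    if not hasattr(os, "getrandom"):
        return None
    try:
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        # EAGAIN: the pool has not been seeded yet (the early-boot case).
        return False
    except OSError as exc:
        if exc.errno == errno.ENOSYS:
            # Kernel older than 3.17, or the syscall is filtered out.
            return None
        raise


def strict_token_bytes(nbytes=32):
    """Return nbytes of random data, waiting for the pool to be seeded.

    Hypothetical helper name. With flags=0, getrandom() blocks until the
    pool is initialized and never blocks again after that.
    """
    if nbytes < 0:
        raise ValueError("nbytes must be non-negative")
    if pool_initialized() is None:
        # Assumption: no getrandom() here, so os.urandom is the best
        # source available and the early-boot guarantee does not apply.
        return os.urandom(nbytes)
    buf = bytearray()
    while len(buf) < nbytes:
        # getrandom() may return fewer bytes than requested.
        buf += os.getrandom(nbytes - len(buf))
    return bytes(buf)


if __name__ == "__main__":
    print("pool initialized:", pool_initialized())
    print("token:", strict_token_bytes(16).hex())
```

A False result from pool_initialized() is worth logging at service start, since it means a later blocking call may stall until the kernel has gathered enough entropy.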