Possible security hole in SSL - was Random Passwords Generation
John Nagle
nagle at animats.com
Mon Jan 29 12:42:44 EST 2007
Paul Rubin wrote:
> "Szabolcs Nagy" <nszabolcs at gmail.com> writes:
>
>>file('/dev/urandom').read(6).encode('base64')
>>(oneliner and without import sa op requested)
>
>
> Nice, though Un*x dependent (os.urandom is supposed to be portable).
Uh oh. I was looking at the Python "SSL" code recently, and
noted that OpenSSL initializes the keys with '/dev/urandom' if
available, and otherwise relies on the caller to seed it with
random data and to check that enough randomness has been input.
But the Python glue code for SSL doesn't seem to have the
machinery to seed SSL with randomness. I suspect that on
platforms without '/dev/urandom', Python's SSL package may
be using the same keys every time. This needs to be looked
at by a crypto expert.
John Nagle
More information about the Python-list
mailing list