[Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl

Eric Smith eric at trueblade.com
Wed May 25 15:08:30 CEST 2011


On 05/25/2011 06:58 AM, Petri Lehtinen wrote:
> Eric Smith wrote:
>>> Victor Stinner wrote:
>>>> I already patched the doc of the random module to add a security
>>>> warning. Well, you don't really need to know how a CSPRNG is
>>>> implemented, just that random cannot be used for security and that
>>>> ssl.RAND_bytes() raises an error if it was seeded with enough data.
>>>>
>>>> Tell me if my warning is not clear:
>>>>
>>>> .. warning::
>>>>
>>>>    The generators of the :mod:`random` module should not be used for
>>>>    security purposes, they are not cryptographic. Use ssl.RAND_bytes()
>>>>    if you require a cryptographically secure pseudorandom number
>>>>    generator.
>>>
>>> Looks good to me. Regarding style, you should probably make a link,
>>> like :func:`ssl.RAND_bytes()`.
>>
>> Does "are not cryptographic" have any meaning? (I'm not an expert, just
>> not sure). Should it not be "cryptographically secure", to match the next
>> sentence?
> 
> Or just remove ", they are not cryptographic" altogether?

Good call. That's a better change.

Eric.
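
Added example, not part of the thread or of CPython: the reason behind the warning discussed above, shown in code. The random module is a Mersenne Twister, so 624 consecutive 32-bit outputs determine every later output, while ssl.RAND_bytes() draws from OpenSSL's CSPRNG. The helper names and the seed are constructed for this illustration.

```python
import random
import ssl

def _undo_xor_rshift(y, shift):
    # Invert y = x ^ (x >> shift) by fixed-point iteration.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ (x >> shift)
    return x

def _undo_xor_lshift(y, shift, mask):
    # Invert y = x ^ ((x << shift) & mask) the same way.
    x = y
    for _ in range(32 // shift + 1):
        x = y ^ ((x << shift) & mask)
    return x & 0xFFFFFFFF

def untemper(out):
    # Reverse MT19937's output tempering, last step first.
    y = _undo_xor_rshift(out, 18)
    y = _undo_xor_lshift(y, 15, 0xEFC60000)
    y = _undo_xor_lshift(y, 7, 0x9D2C5680)
    return _undo_xor_rshift(y, 11)

def clone_from_outputs(outputs):
    # 624 consecutive 32-bit outputs are the generator's whole state.
    if len(outputs) != 624:
        raise ValueError("need exactly 624 consecutive 32-bit outputs")
    words = tuple(untemper(o) for o in outputs)
    twin = random.Random()
    twin.setstate((3, words + (624,), None))
    return twin

def secure_bytes(n):
    # ssl.RAND_bytes() raises ssl.SSLError when OpenSSL's generator
    # has not been seeded with enough data.
    return ssl.RAND_bytes(n)

def demo(seed=12049):  # constructed seed, for a repeatable run
    source = random.Random(seed)
    seen = [source.getrandbits(32) for _ in range(624)]
    twin = clone_from_outputs(seen)
    return all(twin.getrandbits(32) == source.getrandbits(32)
               for _ in range(1000))

if __name__ == "__main__":
    print("random module output predicted:", demo())
    print("ssl.RAND_bytes sample:", secure_bytes(16).hex())
```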

