* Citation: https://cryptography.io/en/latest/random-numbers/
On Sat, Jul 10, 2021 at 7:53 PM Wes Turner <wes.tur...@gmail.com> wrote: > FWIW, here is what https://cryptography.io has re: random (/? rng python > cryptography) > > ```rst > Random number generation > ======================== > > When generating random data for use in cryptographic operations, such as an > initialization vector for encryption in > :class:`~cryptography.hazmat.primitives.ciphers.modes.CBC` mode, you do not > want to use the standard :mod:`random` module APIs. This is because they > do not > provide a cryptographically secure random number generator, which can > result in > major security issues depending on the algorithms in use. > > Therefore, it is our recommendation to `always use your operating system's > provided random number generator`_, which is available as > :func:`os.urandom`. > For example, if you need 16 bytes of random data for an initialization > vector, > you can obtain them with: > > .. doctest:: > > >>> import os > >>> iv = os.urandom(16) > > This will use ``/dev/urandom`` on UNIX platforms, and ``CryptGenRandom`` on > Windows. > > If you need your random number as an integer (for example, for > :meth:`~cryptography.x509.CertificateBuilder.serial_number`), you can use > ``int.from_bytes`` to convert the result of ``os.urandom``: > > .. code-block:: pycon > > >>> serial = int.from_bytes(os.urandom(20), byteorder="big") > > Starting with Python 3.6 the `standard library includes`_ the ``secrets`` > module, which can be used for generating cryptographically secure random > numbers, with specific helpers for text-based formats. > > .. _`always use your operating system's provided random number generator`: > https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ > .. _`standard library includes`: > https://docs.python.org/3/library/secrets.html > ``` > > - https://docs.python.org/3/library/random.html > - https://docs.python.org/3/library/random.html#random.SystemRandom > - https://docs.python.org/3/library/os.html#os.urandom (see below for > the docs) > - https://docs.python.org/3/library/secrets.html > - > https://numpy.org/doc/stable/reference/random/generator.html#simple-random-data > - > https://docs.scipy.org/doc/scipy/reference/tutorial/stats/discrete.html#discrete-distributions-in-scipy-stats > - > https://docs.scipy.org/doc/scipy/reference/tutorial/stats/discrete_randint.html > - https://docs.python.org/3/library/os.html#os.urandom : > > ```rst > Random numbers > -------------- > > > .. function:: getrandom(size, flags=0) > > Get up to *size* random bytes. The function can return less bytes than > requested. > > These bytes can be used to seed user-space random number generators or > for > cryptographic purposes. > > ``getrandom()`` relies on entropy gathered from device drivers and other > sources of environmental noise. Unnecessarily reading large quantities > of > data will have a negative impact on other users of the > ``/dev/random`` and > ``/dev/urandom`` devices. > > The flags argument is a bit mask that can contain zero or more of the > following values ORed together: :py:data:`os.GRND_RANDOM` and > :py:data:`GRND_NONBLOCK`. > > See also the `Linux getrandom() manual page > <http://man7.org/linux/man-pages/man2/getrandom.2.html>`_. > > .. availability:: Linux 3.17 and newer. > > .. versionadded:: 3.6 > > .. function:: urandom(size) > > Return a string of *size* random bytes suitable for cryptographic use. > > This function returns random bytes from an OS-specific randomness > source. The > returned data should be unpredictable enough for cryptographic > applications, > though its exact quality depends on the OS implementation. > > On Linux, if the ``getrandom()`` syscall is available, it is used in > blocking mode: block until the system urandom entropy pool is > initialized > (128 bits of entropy are collected by the kernel). See the :pep:`524` > for > the rationale. On Linux, the :func:`getrandom` function can be used to > get > random bytes in non-blocking mode (using the :data:`GRND_NONBLOCK` > flag) or > to poll until the system urandom entropy pool is initialized. > > On a Unix-like system, random bytes are read from the ``/dev/urandom`` > device. If the ``/dev/urandom`` device is not available or not > readable, the > :exc:`NotImplementedError` exception is raised. > > On Windows, it will use ``CryptGenRandom()``. > > .. seealso:: > The :mod:`secrets` module provides higher level functions. For an > easy-to-use interface to the random number generator provided by your > platform, please see :class:`random.SystemRandom`. > > .. versionchanged:: 3.6.0 > On Linux, ``getrandom()`` is now used in blocking mode to increase > the > security. > > .. versionchanged:: 3.5.2 > On Linux, if the ``getrandom()`` syscall blocks (the urandom entropy > pool > is not initialized yet), fall back on reading ``/dev/urandom``. > > .. versionchanged:: 3.5 > On Linux 3.17 and newer, the ``getrandom()`` syscall is now used > when available. On OpenBSD 5.6 and newer, the C ``getentropy()`` > function is now used. These functions avoid the usage of an internal > file > descriptor. > > .. data:: GRND_NONBLOCK > > By default, when reading from ``/dev/random``, :func:`getrandom` > blocks if > no random bytes are available, and when reading from ``/dev/urandom``, > it blocks > if the entropy pool has not yet been initialized. > > If the :py:data:`GRND_NONBLOCK` flag is set, then :func:`getrandom` > does not > block in these cases, but instead immediately raises > :exc:`BlockingIOError`. > > .. versionadded:: 3.6 > > .. data:: GRND_RANDOM > > If this bit is set, then random bytes are drawn from the > ``/dev/random`` pool instead of the ``/dev/urandom`` pool. > > .. versionadded:: 3.6 > ``` > > > On Fri, Jul 9, 2021 at 6:04 PM Ethan Furman <et...@stoneleaf.us> wrote: > >> On 7/9/21 2:25 PM, Tim Peters wrote: >> >> > `secrets` is just a wrapper around `random.SystemRandom`, so the >> > presence or absence of `secrets` doesn't matter. >> > >> > As to SystemRandom, all answers depend on the quality of the platform >> > os.urandom(), which Python has no control over. See my answer here, >> > and the comments on it: >> > >> > https://stackoverflow.com/questions/20936993/ >> >> Good to know, thanks. >> >> -- >> ~Ethan~ >> _______________________________________________ >> Python-Dev mailing list -- python-dev@python.org >> To unsubscribe send an email to python-dev-le...@python.org >> https://mail.python.org/mailman3/lists/python-dev.python.org/ >> Message archived at >> https://mail.python.org/archives/list/python-dev@python.org/message/ZGCYXLN6FS3RUHRWH65EDDS5CDMVDBJH/ >> Code of Conduct: http://python.org/psf/codeofconduct/ >> >
_______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/5NFGOM7KQZHNLRF7J7EK2ES2BLYBGB3Q/ Code of Conduct: http://python.org/psf/codeofconduct/
