Re: [Python-Dev] [Python-checkins] cpython: Issue #12049: Add RAND_bytes() and RAND_pseudo_bytes() functions to the ssl

Wed, 25 May 2011 02:42:30 -0700 

Le mercredi 25 mai 2011 à 08:59 +0300, Petri Lehtinen a écrit :
> So it seems to me that RAND_bytes() either returns cryptographically
> strong data or fails (is it possible to detect the failure with the
> Python function? Should this be documented?).

RAND_bytes() raises an SSLError on error. You can check if there is
enough entropy before calling RAND_bytes() using RAND_status(). I
documented this two infos.

> RAND_pseudo_bytes() always succeeds...

No, it can fail if the RAND method was changed and the current RAND
method doesn't support this operation.

Example:
----
>>> import ctypes
>>> from ctypes import c_void_p
>>> libssl=ctypes.cdll.LoadLibrary('libssl.so')
>>> RAND_set_rand_method=libssl.RAND_set_rand_method
>>> class rand_meth_st(ctypes.Structure): _fields_ = (('seed',
c_void_p), ('bytes', c_void_p), ('cleanup', c_void_p), ('add',
c_void_p), ('pseudorand', c_void_p), ('status', c_void_p))
... 
>>> not_supported = rand_meth_st()
>>> RAND_set_rand_method(ctypes.byref(not_supported))
>>> import ssl
>>> ssl.RAND_bytes(1)
...
ssl.SSLError: [Errno 0] None
>>> ssl.RAND_pseudo_bytes(1)
...
ssl.SSLError: [Errno 0] None
------

Cool, ssl.RAND_pseudo_bytes() raises also an error, as expected :-)

> ... but does not necessarily generate cryptographically
> strong data.

Yes, if the PRNG was not seed with enough data, the RAND_pseudo_bytes()
Python function returns (random_bytes, False).

> > >We may also add a link from random to SSL.RAND_bytes() and
> > >SSL.RAND_pseudo_bytes().
> 
> Obviously, the user needs to be familiar with the concept of
> "cryptographically strong randomness" to use these functions.

I already patched the doc of the random module to add a security
warning. Well, you don't really need to know how a CSPRNG is
implemented, just that random cannot be used for security and that
ssl.RAND_bytes() raises an error if was seeded with enough data.

Tell me if my warning is not clear:

.. warning::

   The generators of the :mod:`random` module should not be used for
   security purposes, they are not cryptographic. Use ssl.RAND_bytes()
   if you require a cryptographically secure pseudorandom number
   generator.

Victor

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Reply via email to