Ooops.... thinko there! Of course `secrets` won't exist in 3.5.1, so that's a 3.6 matter instead.
On Fri, Jun 10, 2016 at 12:29 PM, David Mertz <me...@gnosis.cx> wrote: > I believe that secrets.token_bytes() and secrets.SystemRandom() should be > changed even for 3.5.1 to use getrandom() on Linux. > > Thanks for fixing my spelling of the secrets API, Donald. :-) > > On Fri, Jun 10, 2016 at 12:17 PM, Donald Stufft <don...@stufft.io> wrote: > >> >> On Jun 10, 2016, at 3:05 PM, David Mertz <me...@gnosis.cx> wrote: >> >> OK. My understanding is that Guido ruled out introducing an >> os.getrandom() API in 3.5.2. But would you be happy if that interface is >> added to 3.6? >> >> It feels to me like the correct spelling in 3.6 should probably be >> secrets.getrandom() or something related to that. >> >> >> >> Well we have >> https://docs.python.org/dev/library/secrets.html#secrets.token_bytes so >> adding a getrandom() function to secrets would largely be the same as that >> function. >> >> The problem of course is that the secrets library in 3.6 uses os.urandom >> under the covers, so it’s security rests on the security of os.urandom. To >> ensure that the secrets library is actually safe even in early boot it’ll >> need to stop using os.urandom on Linux and use the getrandom() function. >> >> That same library exposes random.SystemRandom as secrets.SystemRandom >> [1], and of course SystemRandom uses os.urandom too. So if we want people >> to treat secrets.SystemRandom as “always secure” then it would need to stop >> using os.urandom and start using the get random() function on Linux as well. >> >> >> [1] This is actually documented as "using the highest-quality sources >> provided by the operating system” in the secrets documentation, and I’d >> argue that it is not using the highest-quality source if it’s reading from >> /dev/urandom or getrandom(GRD_NONBLOCK) on Linux systems where getrandom() >> is available. Of course, it’s just an alias for random.SystemRandom, and >> that is documented as using os.urandom. >> >> — >> Donald Stufft >> >> >> >> > > > -- > Keeping medicines from the bloodstreams of the sick; food > from the bellies of the hungry; books from the hands of the > uneducated; technology from the underdeveloped; and putting > advocates of freedom in prisons. Intellectual property is > to the 21st century what the slave trade was to the 16th. > -- Keeping medicines from the bloodstreams of the sick; food from the bellies of the hungry; books from the hands of the uneducated; technology from the underdeveloped; and putting advocates of freedom in prisons. Intellectual property is to the 21st century what the slave trade was to the 16th.
_______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
