[Sebastian Krause] > ... > Ideally I would only want to use the random module for > non-secure and (in 3.6) the secrets module (which could block) for > secure random data and never bother with os.urandom (and knowing how > it behaves). But then those modules should probably get new > functions to directly return bytes.
`secrets.token_bytes()` does just that, and other token_XXX() functions return bytes too but with different spellings (e.g., if you want, with the byte values represented as ASCII hex digits).. I believe everyone agrees token_bytes() will potentially block in 3.6 (along with all the other `secrets` facilities) on platforms supporting getrandom(). You're right that `random` doesn't expose such a function, and that the closest it gets is .getrandbits() (which returns a potentially giant int). So far, nobody has proposed adding new functions to `random`. _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
