Message 317079 - Python tracker

Message317079

Author	vstinner
Recipients	David Carlier, benjamin.peterson, eitan.adler, rhettinger, serhiy.storchaka, vstinner
Date	2018-05-19.00:30:20
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1526689821.85.0.682650639539.issue33528@psf.upfronthosting.co.za>
In-reply-to

Content
I know two main use cases for random numbers: * security: use os.urandom(), secrets and random.SystemRandom * not security: use the random module Exposing os.getentropy() seems like a new non-portable function for the first use case, security. What does it add compared to directly call os.urandom() for example? I chose to expose os.getrandom() for one very specific use case, described in the PEP 524: check if os.urandom() is going to block. On OpenBSD, os.urandom() and getentropy() does never block, so os.getentropy() seems useless to me. OpenBSD design is different: the CSRPNG is feeded from the boot loader. Or tell me if I missed something.

Content

I know two main use cases for random numbers:

* security: use os.urandom(), secrets and random.SystemRandom
* not security: use the random module

Exposing os.getentropy() seems like a new non-portable function for the first use case, security. What does it add compared to directly call os.urandom() for example?

I chose to expose os.getrandom() for one very specific use case, described in the PEP 524: check if os.urandom() is going to block.

On OpenBSD, os.urandom() and getentropy() does never block, so os.getentropy() seems useless to me. OpenBSD design is different: the CSRPNG is feeded from the boot loader. Or tell me if I missed something.

History
Date	User	Action	Args
2018-05-19 00:30:21	vstinner	set	recipients: + vstinner, rhettinger, benjamin.peterson, serhiy.storchaka, eitan.adler, David Carlier
2018-05-19 00:30:21	vstinner	set	messageid: <1526689821.85.0.682650639539.issue33528@psf.upfronthosting.co.za>
2018-05-19 00:30:21	vstinner	link	issue33528 messages
2018-05-19 00:30:20	vstinner	create