[Python-checkins] cpython (2.7): Improve the default seeding in random module to use 32 bytes of entropy when

raymond.hettinger python-checkins at python.org
Sat Mar 8 18:56:15 CET 2014

• Previous message: [Python-checkins] cpython: whatsnew: base65 encodings. (#17618)
• Next message: [Python-checkins] cpython: whatsnew: glob.escape.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

http://hg.python.org/cpython/rev/1ba8deb4536d
changeset: 89513:1ba8deb4536d
branch: 2.7
parent: 89484:52256a5861fa
user: Raymond Hettinger <python at rcn.com>
date: Sat Mar 08 09:56:08 2014 -0800
summary:
 Improve the default seeding in random module to use 32 bytes of entropy when available.
files:
 Lib/random.py | 2 +-
 Misc/NEWS | 4 ++++
 2 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/Lib/random.py b/Lib/random.py
--- a/Lib/random.py
+++ b/Lib/random.py
@@ -108,7 +108,7 @@
 
 if a is None:
 try:
- a = long(_hexlify(_urandom(16)), 16)
+ a = long(_hexlify(_urandom(32)), 16)
 except NotImplementedError:
 import time
 a = long(time.time() * 256) # use fractional seconds
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -44,6 +44,10 @@
 as documented. The pattern and source keyword parameters are left as
 deprecated aliases.
 
+- Improve the random module's default seeding to use 256 bits of entropy
+ from os.urandom(). This was already done for Python 3, mildly improving
+ security with a bigger seed space.
+
 - Issue #15618: Make turtle.py compatible with 'from __future__ import
 unicode_literals'. Initial patch by Juancarlo Añez.
 
-- 
Repository URL: http://hg.python.org/cpython

---

• Previous message: [Python-checkins] cpython: whatsnew: base65 encodings. (#17618)
• Next message: [Python-checkins] cpython: whatsnew: glob.escape.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-checkins mailing list