Antoine Pitrou <pit...@free.fr> added the comment: > > add PyOS_URandom() using CryptoGen, SSL (only on VMS!!) > > or /dev/urandom > > Oh, OpenSSL (RAND_pseudo_bytes) should be used on Windows, Linux, Mac > OS X, etc. if OpenSSL is available.
Apart from the large dependency, the OpenSSL license is not GPL-compatible which may be a problem for some Python-embedding applications: http://en.wikipedia.org/wiki/OpenSSL#Licensing > > will a fallback on a dummy LCG > > It's the Linear congruent generator (LCG) used by Microsoft Visual C++ > and PHP: > > x(n+1) = (x(n) * 214013 + 2531011) % 2^32 > > I only use bits 23..16 (bits 15..0 are not really random). If PHP uses it, I'm confident it is secure. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue13703> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
