[tor-bugs] #29594 [Obfuscation/BridgeDB]: Remove OpenSSL.rand.bytes from code

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Mar 6 15:09:29 UTC 2019


#29594: Remove OpenSSL.rand.bytes from code
----------------------------------+-----------------------------
 Reporter:  dgoulet               |          Owner:  dgoulet
     Type:  defect                |         Status:  merge_ready
 Priority:  Medium                |      Milestone:
Component:  Obfuscation/BridgeDB  |        Version:
 Severity:  Normal                |     Resolution:
 Keywords:  bridgedb              |  Actual Points:
Parent ID:  #29276                |         Points:
 Reviewer:  sysrqb                |        Sponsor:
----------------------------------+-----------------------------
Changes (by sysrqb):

 * status:  needs_review => merge_ready


Comment:

 lgtm - but I didn't test it, but it should be a safe substitution:
 {{{

     urandom(...)
         urandom(n) -> str

         Return n random bytes suitable for cryptographic use.
 }}}
 https://github.com/pyca/pyopenssl/blob/16.2.0/src/OpenSSL/rand.py#L41
 {{{
 def bytes(num_bytes):
     """
     Get some random bytes from the PRNG as a string.
     This is a wrapper for the C function ``RAND_bytes``.
     :param num_bytes: The number of bytes to fetch.
     :return: A string of random bytes.
     """
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29594#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list