.. versionadded:: 3.3
-.. function:: RAND_pseudo_bytes(num)
-
- Return (bytes, is_cryptographic): bytes are *num* pseudo-random bytes,
- is_cryptographic is ``True`` if the bytes generated are cryptographically
- strong. Raises an :class:`SSLError` if the operation is not supported by the
- current RAND method.
-
- Generated pseudo-random byte sequences will be unique if they are of
- sufficient length, but are not necessarily unpredictable. They can be used
- for non-cryptographic purposes and for certain purposes in cryptographic
- protocols, but usually not for key generation etc.
-
- For almost all applications :func:`os.urandom` is preferable.
-
- .. versionadded:: 3.3
-
- .. deprecated:: 3.6
-
- OpenSSL has deprecated :func:`ssl.RAND_pseudo_bytes`, use
- :func:`ssl.RAND_bytes` instead.
-
.. function:: RAND_status()
Return ``True`` if the SSL pseudo-random number generator has been seeded
be aware that OpenSSL's internal random number generator does not properly
handle forked processes. Applications must change the PRNG state of the
parent process if they use any SSL feature with :func:`os.fork`. Any
-successful call of :func:`~ssl.RAND_add`, :func:`~ssl.RAND_bytes` or
-:func:`~ssl.RAND_pseudo_bytes` is sufficient.
+successful call of :func:`~ssl.RAND_add` or :func:`~ssl.RAND_bytes` is
+sufficient.
.. _ssl-tlsv1_3:
also a static method.
(Contributed by Victor Stinner in :gh:`94169`.)
+* Remove the :func:`ssl.RAND_pseudo_bytes` function, deprecated in Python 3.6:
+ use :func:`os.urandom` or :func:`ssl.RAND_bytes` instead.
+ (Contributed by Victor Stinner in :gh:`94199`.)
+
Porting to Python 3.12
======================
SSLSyscallError, SSLEOFError, SSLCertVerificationError
)
from _ssl import txt2obj as _txt2obj, nid2obj as _nid2obj
-from _ssl import RAND_status, RAND_add, RAND_bytes, RAND_pseudo_bytes
+from _ssl import RAND_status, RAND_add, RAND_bytes
try:
from _ssl import RAND_egd
except ImportError:
% (v, (v and "sufficient randomness") or
"insufficient randomness"))
- with warnings_helper.check_warnings():
- data, is_cryptographic = ssl.RAND_pseudo_bytes(16)
- self.assertEqual(len(data), 16)
- self.assertEqual(is_cryptographic, v == 1)
if v:
data = ssl.RAND_bytes(16)
self.assertEqual(len(data), 16)
# negative num is invalid
self.assertRaises(ValueError, ssl.RAND_bytes, -5)
- with warnings_helper.check_warnings():
- self.assertRaises(ValueError, ssl.RAND_pseudo_bytes, -5)
ssl.RAND_add("this is a random string", 75.0)
ssl.RAND_add(b"this is a random bytes object", 75.0)
--- /dev/null
+Remove the :func:`ssl.RAND_pseudo_bytes` function, deprecated in Python 3.6:
+use :func:`os.urandom` or :func:`ssl.RAND_bytes` instead. Patch by Victor
+Stinner.
return PySSL_RAND(module, n, 0);
}
-/*[clinic input]
-_ssl.RAND_pseudo_bytes
- n: int
- /
-
-Generate n pseudo-random bytes.
-
-Return a pair (bytes, is_cryptographic). is_cryptographic is True
-if the bytes generated are cryptographically strong.
-[clinic start generated code]*/
-
-static PyObject *
-_ssl_RAND_pseudo_bytes_impl(PyObject *module, int n)
-/*[clinic end generated code: output=b1509e937000e52d input=58312bd53f9bbdd0]*/
-{
- PY_SSL_DEPRECATED("ssl.RAND_pseudo_bytes() is deprecated", 1, NULL);
- return PySSL_RAND(module, n, 1);
-}
/*[clinic input]
_ssl.RAND_status
_SSL__TEST_DECODE_CERT_METHODDEF
_SSL_RAND_ADD_METHODDEF
_SSL_RAND_BYTES_METHODDEF
- _SSL_RAND_PSEUDO_BYTES_METHODDEF
_SSL_RAND_STATUS_METHODDEF
_SSL_GET_DEFAULT_VERIFY_PATHS_METHODDEF
_SSL_ENUM_CERTIFICATES_METHODDEF
return return_value;
}
-PyDoc_STRVAR(_ssl_RAND_pseudo_bytes__doc__,
-"RAND_pseudo_bytes($module, n, /)\n"
-"--\n"
-"\n"
-"Generate n pseudo-random bytes.\n"
-"\n"
-"Return a pair (bytes, is_cryptographic). is_cryptographic is True\n"
-"if the bytes generated are cryptographically strong.");
-
-#define _SSL_RAND_PSEUDO_BYTES_METHODDEF \
- {"RAND_pseudo_bytes", (PyCFunction)_ssl_RAND_pseudo_bytes, METH_O, _ssl_RAND_pseudo_bytes__doc__},
-
-static PyObject *
-_ssl_RAND_pseudo_bytes_impl(PyObject *module, int n);
-
-static PyObject *
-_ssl_RAND_pseudo_bytes(PyObject *module, PyObject *arg)
-{
- PyObject *return_value = NULL;
- int n;
-
- n = _PyLong_AsInt(arg);
- if (n == -1 && PyErr_Occurred()) {
- goto exit;
- }
- return_value = _ssl_RAND_pseudo_bytes_impl(module, n);
-
-exit:
- return return_value;
-}
-
PyDoc_STRVAR(_ssl_RAND_status__doc__,
"RAND_status($module, /)\n"
"--\n"
#ifndef _SSL_ENUM_CRLS_METHODDEF
#define _SSL_ENUM_CRLS_METHODDEF
#endif /* !defined(_SSL_ENUM_CRLS_METHODDEF) */
-/*[clinic end generated code: output=2a488dd0cbc777df input=a9049054013a1b77]*/
+/*[clinic end generated code: output=9d806f8ff4a06ed3 input=a9049054013a1b77]*/
projects / thirdparty / Python / cpython.git / commitdiff
