From ce3ebfb50fa16e1548fd1cccfba4a24ae26441fa Mon Sep 17 00:00:00 2001 From: Frazer McLean Date: Sat, 22 Aug 2015 18:30:28 +0200 Subject: [PATCH] Remove random_util, use os.urandom instead. https://github.com/Roguelazer/onepasswordpy/issues/9 --- onepassword/padding.py | 4 ++-- onepassword/random_util.py | 38 -------------------------------------- tests/unit/random_tests.py | 24 ------------------------ 3 files changed, 2 insertions(+), 64 deletions(-) delete mode 100644 onepassword/random_util.py delete mode 100644 tests/unit/random_tests.py diff --git a/onepassword/padding.py b/onepassword/padding.py index f53a684..e401bf7 100644 --- a/onepassword/padding.py +++ b/onepassword/padding.py @@ -1,4 +1,4 @@ -from . import random_util +import os import six @@ -24,7 +24,7 @@ def pkcs5_unpad(string): return string[:-amount_of_padding] -def ab_pad(string, block_size=16, random_generator=random_util.sort_of_random_bytes): +def ab_pad(string, block_size=16, random_generator=os.urandom): """AgileBits custom pad a string to the given block size Arguments: diff --git a/onepassword/random_util.py b/onepassword/random_util.py deleted file mode 100644 index f186bbb..0000000 --- a/onepassword/random_util.py +++ /dev/null @@ -1,38 +0,0 @@ -"""Random sources""" - -import os -import random - -import six - - -# If someone's truly paranoid and wants to contribute -# code that knows how to talk to an EGD for really really -# strong randomness, I would not say no to that. but it's -# almost always safer/smarter to just use /dev/random and -# trust that your sysadmin knows how to use the EGD - - -def really_random_bytes(l): - """Return bytes that should be cryptographically strong (generally, a - PRNG regularly seeded with real-world entropy""" - with open("/dev/random", "rb") as f: - return f.read(l) - - -def sort_of_random_bytes(l): - """Return bytes that may be cryptographically strong or may be - PRNG-based depending on the operating system status""" - return os.urandom(l) - - -def barely_random_bytes(l): - """Return bytes that appear random but are not cryptographically - strong""" - return b''.join(six.int2byte(random.randrange(0, 255)) for b in six.moves.range(l)) - - -def not_random_bytes(l): - """Return bytes that are not at all random, but suitable for use as - testing filler""" - return b''.join(six.int2byte(x % 255) for x in six.moves.range(l)) diff --git a/tests/unit/random_tests.py b/tests/unit/random_tests.py deleted file mode 100644 index 9f6bb50..0000000 --- a/tests/unit/random_tests.py +++ /dev/null @@ -1,24 +0,0 @@ -from unittest2 import TestCase -from onepassword import random_util - - -class RandomTestCase(TestCase): - # just make sure that all of the functions return the right number - # of bytes for now - BYTES = 512 - - def test_not_random(self): - bytez = random_util.not_random_bytes(self.BYTES) - self.assertEqual(len(bytez), self.BYTES) - - def test_barely_random(self): - bytez = random_util.barely_random_bytes(self.BYTES) - self.assertEqual(len(bytez), self.BYTES) - - def test_sort_of_random(self): - bytez = random_util.sort_of_random_bytes(self.BYTES) - self.assertEqual(len(bytez), self.BYTES) - - def test_really_random(self): - bytez = random_util.really_random_bytes(self.BYTES) - self.assertEqual(len(bytez), self.BYTES)