From a675206366435432118e443090d3e08613db6679 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Wed, 25 May 2011 11:27:40 +0200 Subject: Issue #12049: Document errors cases of ssl.RAND_bytes() and ssl.RAND_pseudo_bytes(). Add also links to RAND_status and RAND_add. --- Doc/library/ssl.rst | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index 295d007..ca71d20 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -164,10 +164,14 @@ Random generation .. function:: RAND_bytes(num) - Returns *num* cryptographically strong pseudo-random bytes. + Returns *num* cryptographically strong pseudo-random bytes. Raises an + :class:`SSLError` if the PRNG has not been seeded with enough data or if the + operation is not supported by the current RAND method. :func:`RAND_status` + can be used to check the status of the PRNG and :func:`RAND_add` can be used + to seed the PRNG. Read the Wikipedia article, `Cryptographically secure pseudorandom number - generator + generator (CSPRNG) `_, to get the requirements of a cryptographically generator. @@ -177,7 +181,8 @@ Random generation Returns (bytes, is_cryptographic): bytes are *num* pseudo-random bytes, is_cryptographic is True if the bytes generated are cryptographically - strong. + strong. Raises an :class:`SSLError` if the operation is not supported by the + current RAND method. Generated pseudo-random byte sequences will be unique if they are of sufficient length, but are not necessarily unpredictable. They can be used -- cgit v0.12