[pycrypto] Run test suite with /dev/random
Dwayne C. Litzenberger
dlitz at dlitz.net
Fri Jan 13 10:07:51 CST 2012
On Mon, Jan 02, 2012 at 05:08:32AM +0100, Sebastian Ramacher wrote:
>I'm facing the following issue: in the Debian package of pycrypto we build
>pycrypto for Python 2.6, 2.7 and 3.1 and the debug variants. For all these
>versions and variants the test suite is run during the build. This works fine
>except on the GNU/Hurd build system . There the test suite succeeds for Py
>2.6, 2.7 but fails for Py 3.2 because the system runs out of entropy.
>I see two options to fix the issue on the Debian side:
> * Disable the test suite on GNU/Hurd.
> * Replace every occurrence of /dev/urandom with /dev/random and run the
> test suite with /dev/random.
>I don't like either of these two options. I'd rather prefer an option to
>specify the random number generator that should be used for the test
>suite. But before implementing such an option I'd like to know if this
>has any chance to be accepted into pycrypto.
Not likely. This looks like a HURD bug that should be fixed in HURD.
Historically, /dev/random and /dev/urandom were OS-specific, but as far as
I'm aware, all of the other modern Unix-like systems have converged on one
- /dev/urandom always returns as many cryptographically-secure random bytes
as you request
- /dev/random either behaves exactly like /dev/urandom, or it does "entropy
estimation" (which is silly, IMHO) and blocks whenever the estimate
Notably, /dev/urandom behaves exactly the same on every system where it
exists---except, apparently, on HURD. What good reason could there
possibly be for HURD to be incompatible here? Why should all *nix
developers have to write a HURD-specific protocol switch in their
I'm not interested in patches that encourage such madness. It would better
for you to spend your effort fixing HURD's /dev/urandom implementation.
Dwayne C. Litzenberger <dlitz at dlitz.net>
OpenPGP: 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7
More information about the pycrypto