public/pysim
1
0
Fork 1
mirror of https://gitea.osmocom.org/sim-card/pysim.git synced 2026-06-24 17:04:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

param_source: use random.SystemRandom as random nr source

Browse Source 
Python's random module uses a PRNG (Mersenne Twister) which is
utterly insecure for key generation - it was so far only used for
testing.  Replace it with random.SystemRandom(), which draws from
/dev/urandom and is suitable for generating cryptographic key material.

Change-Id: I6de38c14ac6dd55bc84d53974192509c18d02bfa
Jenkins: skip-card-test
This commit is contained in:
Neels Hofmeyr
2025-08-05 00:20:21 +02:00
committed by Vadim Yanitskiy
parent b5ba274583
commit 512aba8b1d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pySim/esim/saip/param_source.py
+1 -1
View File
@@ -124,7 +124,7 @@ class DecimalRangeSource(InputExpandingParamSource):
return "%0*d" % (self.num_digits, val) # pylint: disable=consider-using-f-string return "%0*d" % (self.num_digits, val) # pylint: disable=consider-using-f-string
class RandomSourceMixin: class RandomSourceMixin:
random_impl = random # TODO secure random source? random_impl = random.SystemRandom()
class RandomDigitSource(DecimalRangeSource, RandomSourceMixin): class RandomDigitSource(DecimalRangeSource, RandomSourceMixin):
"""return a different sequence of random decimal digits each""" """return a different sequence of random decimal digits each"""