From 79f6c64c58cfb8795fa40b6999a89219ac9f102d Mon Sep 17 00:00:00 2001 From: "Dwayne C. Litzenberger" Date: Mon, 2 Aug 2010 16:58:07 -0400 Subject: getRandomNumber API compatibility: Legrandin's getStrongPrime() patch changed the behaviour of Crypto.Util.number.getRandomNumber() to something that is more like what people would expect, but different from what we did before. This change modifies Crypto.Util.number in the following ways: - Rename getRandomNBitNumber -> getRandomNBitInteger and getRandomNumber -> getRandomInteger - Preserve old behaviour by making getRandomNumber work the same as getRandomNBitInteger. - Emit a DeprecationWarning when the old getRandomNumber is used. --- Doc/pycrypt.rst | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'Doc') diff --git a/Doc/pycrypt.rst b/Doc/pycrypt.rst index 2c46d92..4b8114b 100644 --- a/Doc/pycrypt.rst +++ b/Doc/pycrypt.rst @@ -852,7 +852,32 @@ corresponding length; the ``get_bytes()`` method of a ``RandomPool`` object will serve the purpose nicely, as will the ``read()`` method of an opened file such as ``/dev/random``. -**getRandomNumber(N, randfunc)**: +**getStrongPrime(N, e=0, false_positive_prob=1e-6, randfunc=None)**: +Return a random strong ``N``-bit prime number. +In this context p is a strong prime if p-1 and p+1 have at +least one large prime factor. +``N`` should be a multiple of 128 and > 512. + +If ``e`` is provided the returned prime p-1 will be coprime to ``e`` +and thus suitable for RSA where e is the public exponent. + +The optional ``false_positive_prob`` is the statistical probability +that true is returned even though it is not (pseudo-prime). +It defaults to 1e-6 (less than 1:1000000). +Note that the real probability of a false-positive is far less. This is +just the mathematically provable limit. + +``randfunc`` should take a single int parameter and return that +many random bytes as a string. +If randfunc is omitted, then ``Random.new().read`` is used. + +**getRandomNBitInteger(N, randfunc)**: +Return an ``N``-bit random number, using random data obtained from the +function ``randfunc``. As usual, ``randfunc`` must take a single +integer argument and return a string of random data of the +corresponding length. + +**getRandomNBitInteger(N, randfunc)**: Return an ``N``-bit random number, using random data obtained from the function ``randfunc``. As usual, ``randfunc`` must take a single integer argument and return a string of random data of the -- cgit v1.2.1