Im writing my own version of ssl and in order to create a master key, I need to create 2 random numbers of 16 bytes and xor them. can someone help me doing so?
Asked
Active
Viewed 8,616 times
3
-
1[How random do they need to be](http://www.bishopfox.com/blog/2012/03/ssl-key-generation-weaknesses/)? – Peter Wood Jul 11 '15 at 07:28
-
Possible duplicate of [How to generate random number with the specific length in python](http://stackoverflow.com/q/2673385) or [Bitwise XOR of hex numbers in python](http://stackoverflow.com/questions/11119632/bitwise-xor-of-hex-numbers-in-python). If you don't know how to perform an XOR, do you really think its a good idea to write a TLS library? – jww Jul 11 '15 at 19:27
3 Answers
6
i hope you do this for scientific purposes... ssl is huge. and - as always in crypto - a lot can go wrong with an implementation... good luck!
import os
print(os.urandom(16))
but as an effort to study/improve e.g. openssl, that would be a very welcome effort!
hiro protagonist
- 40,708
- 13
- 78
- 98
-
its just a little project I got... little vbersion of ssl, nothing huge. thanks alot! – ransar Jul 11 '15 at 08:13
2
What about
int(os.urandom(16).encode('hex'),16) ^ int(os.urandom(16).encode('hex'),16)
jimijimjim
- 575
- 6
- 11
1
It is often operating system and computer (i.e. hardware) specific.
On Linux, you could use /dev/random (read 16 bytes from it) but read random(4) first.
Be very careful, it is a very sensitive issue and a lot of things can go silently wrong.
BTW, I don't think that rewriting SSL from scratch is reasonable (except for learning purposes).
Basile Starynkevitch
- 216,767
- 17
- 275
- 509