[Freeipa-devel] [PATCH] [IMPORTANT] Make otptoken use os.urandom() for random data

[Simo Sorce]

On Thu, 2014-06-19 at 12:36 -0400, Nathaniel McCallum wrote:
> This also fixes an error where the default value was not respecting
> the KEY_LENGTH variable.
> 
> (NOTE: the os.urandom() change should not change the security properties
> of the existing code. However, the failure of the previous code to
> respect KEY_LENGTH causes us to violate the RFC.)

LGTM!
I do prefer using os.urandom() directly, as random.SystemRandom uses it
under the hood anyway.

Simo.