3

Im writing my own version of ssl and in order to create a master key, I need to create 2 random numbers of 16 bytes and xor them. can someone help me doing so?

jww
  • 97,681
  • 90
  • 411
  • 885
ransar
  • 41
  • 1
  • 1
  • 3
  • 1
    [How random do they need to be](http://www.bishopfox.com/blog/2012/03/ssl-key-generation-weaknesses/)? – Peter Wood Jul 11 '15 at 07:28
  • Possible duplicate of [How to generate random number with the specific length in python](http://stackoverflow.com/q/2673385) or [Bitwise XOR of hex numbers in python](http://stackoverflow.com/questions/11119632/bitwise-xor-of-hex-numbers-in-python). If you don't know how to perform an XOR, do you really think its a good idea to write a TLS library? – jww Jul 11 '15 at 19:27

3 Answers3

7

i hope you do this for scientific purposes... ssl is huge. and - as always in crypto - a lot can go wrong with an implementation... good luck! but as an effort to study/improve e.g. openssl, that would be a very welcome effort!

generating random bytes:

starting from python 3.6 there is the secrets module in python. secrets.token_bytes(16) will output 16 random bytes.

from secrets import token_bytes
print(token_bytes(16))

for python <= 3.5:

import os
print(os.urandom(16))

xoring bytes

in order to xor the bytes a and b (which both have length 16)

byteorder = "little"
bytesize = 16
tmp_int = int.from_bytes(a, byteorder) ^ int.from_bytes(b, byteorder)
return tmp_int.to_bytes(16, byteorder)
hiro protagonist
  • 44,693
  • 14
  • 86
  • 111
2

What about

int(os.urandom(16).encode('hex'),16) ^ int(os.urandom(16).encode('hex'),16)
jimijimjim
  • 585
  • 5
  • 11
1

It is often operating system and computer (i.e. hardware) specific.

On Linux, you could use /dev/random (read 16 bytes from it) but read random(4) first.

Be very careful, it is a very sensitive issue and a lot of things can go silently wrong.

BTW, I don't think that rewriting SSL from scratch is reasonable (except for learning purposes).

Basile Starynkevitch
  • 223,805
  • 18
  • 296
  • 547