Closes #15213: update comment for _PyOS_URandom

diff --git a/Doc/library/os.rst b/Doc/library/os.rst
index 64d7874ef0a501cc8f5d296a4bae4c43ed706e8a..3d48722d1cf34c787334e8ed814a704bf5a313d7 100644 (file)
--- a/Doc/library/os.rst
+++ b/Doc/library/os.rst
@@ -2501,8 +2501,9 @@ Miscellaneous Functions
    This function returns random bytes from an OS-specific randomness source.  The
    returned data should be unpredictable enough for cryptographic applications,
    though its exact quality depends on the OS implementation.  On a UNIX-like
-   system this will query /dev/urandom, and on Windows it will use CryptGenRandom.
-   If a randomness source is not found, :exc:`NotImplementedError` will be raised.
+   system this will query ``/dev/urandom``, and on Windows it will use
+   ``CryptGenRandom()``.  If a randomness source is not found,
+   :exc:`NotImplementedError` will be raised.
 
    For an easy-to-use interface to the random number generator
    provided by your platform, please see :class:`random.SystemRandom`.

diff --git a/Python/random.c b/Python/random.c
index 73e3cc3551f7a099f3b507d45189d28ab36b718b..d615923dd2f5da89a065eb6a4ec098c67aa0781b 100644 (file)
--- a/Python/random.c
+++ b/Python/random.c
@@ -224,8 +224,9 @@ lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
     }
 }
 
-/* Fill buffer with size pseudo-random bytes, not suitable for cryptographic
-   use, from the operating random number generator (RNG).
+/* Fill buffer with size pseudo-random bytes from the operating system random
+   number generator (RNG). It is suitable for for most cryptographic purposes
+   except long living private keys for asymmetric encryption.
 
    Return 0 on success, raise an exception and return -1 on error. */
 int