Closes #15213: update comment for _PyOS_URandom

diff --git a/Doc/library/os.rst b/Doc/library/os.rst
index ee378a6b15774478049c9c147b22b034e58c2e87..9d4642c2d5827175f2e2f8544a87038a8c442d6c 100644 (file)
--- a/Doc/library/os.rst
+++ b/Doc/library/os.rst
@@ -3306,8 +3306,9 @@ Miscellaneous Functions
    This function returns random bytes from an OS-specific randomness source.  The
    returned data should be unpredictable enough for cryptographic applications,
    though its exact quality depends on the OS implementation.  On a Unix-like
-   system this will query /dev/urandom, and on Windows it will use CryptGenRandom.
-   If a randomness source is not found, :exc:`NotImplementedError` will be raised.
+   system this will query ``/dev/urandom``, and on Windows it will use
+   ``CryptGenRandom()``.  If a randomness source is not found,
+   :exc:`NotImplementedError` will be raised.
 
    For an easy-to-use interface to the random number generator
    provided by your platform, please see :class:`random.SystemRandom`.

diff --git a/Python/random.c b/Python/random.c
index e5caa828b555b0df308db8410dafe117a14121ce..337be8608740fc97ff7d20b9f6273bcf30f33521 100644 (file)
--- a/Python/random.c
+++ b/Python/random.c
@@ -224,8 +224,9 @@ lcg_urandom(unsigned int x0, unsigned char *buffer, size_t size)
     }
 }
 
-/* Fill buffer with size pseudo-random bytes, not suitable for cryptographic
-   use, from the operating random number generator (RNG).
+/* Fill buffer with size pseudo-random bytes from the operating system random
+   number generator (RNG). It is suitable for for most cryptographic purposes
+   except long living private keys for asymmetric encryption.
 
    Return 0 on success, raise an exception and return -1 on error. */
 int