[tor-bugs] #17981 [Tor]: [PATCH] replace getentropy() with arc4random_buf()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jan 3 05:27:58 UTC 2016
#17981: [PATCH] replace getentropy() with arc4random_buf()
--------------------+---------------------
Reporter: logan | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
--------------------+---------------------
Comment (by yawning):
NACK.
> getentropy() fills a buffer with high-quality entropy, which can be used
as input for process-context pseudorandom generators like arc4random(3).
The OpenSSL CSPRNG is a process-context pseudorandom generator. #17799's
SHAKE based CSPRNG is a process-context pseudorandom generator, and
neither are normal code, and we really do want raw entropy.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17981#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list