From patchwork Thu Mar 16 19:57:27 2017
X-Patchwork-Submitter: Loganaden Velvindron
X-Patchwork-Id: 739963
Date: Thu, 16 Mar 2017 23:57:27 +0400
From: Loganaden Velvindron
To: devel@uclibc-ng.org
Message-ID: <20170316195727.qegpahg2jgvr33il@hackers.mu>
User-Agent: Mutt/1.6.2-neo (2016-08-21)
Subject: [uclibc-ng-devel] [PATCH] Discard 3072 bytes instead of 256 bytes

This follows the recommendations outlined in Network Operations Division Cryptographic Requirements, published on WikiLeaks in March 2017. We discard more bytes of the first keystream to reduce the possibility of non-random bytes.

This is similar to a change in FreeBSD: https://svnweb.freebsd.org/base?view=revision&revision=315225

Signed-off-by: Loganaden Velvindron
---
 libc/stdlib/arc4random.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libc/stdlib/arc4random.c b/libc/stdlib/arc4random.c
index 0013612..8b62931 100644
--- a/libc/stdlib/arc4random.c
+++ b/libc/stdlib/arc4random.c
@@ -153,9 +153,10 @@ arc4_stir(struct arc4_stream *as) /* * Discard early keystream, as per recommendations in: - * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps + * Network Operations Division Cryptographic requirements + * published on wikileaks on march 2017 */ - for (n = 0; n < 256; n++) + for (n = 0; n < 3072; n++) (void)arc4_getbyte(as); arc4_count = 1600000; }
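Review bot: the comment rewrite at the top of the hunk replaces the only locatable reference (the Weizmann RC4 KSA paper URL) with "Network Operations Division Cryptographic requirements published on wikileaks on march 2017", which leaves a future maintainer no URL, document title or section to check; keep the original link alongside the new source, add the FreeBSD revision the commit message already names (https://svnweb.freebsd.org/base?view=revision&revision=315225), and write "March 2017". The commit message should also say why 3072 (12 * 256) was chosen rather than another count, since the reasoning for the specific value appears nowhere in the diff.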
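To show why arc4_stir() throws away early keystream at all, here is an added example in C that is not part of this patch or of uclibc-ng: a minimal RC4 with the same KSA/PRGA structure as arc4random.c, run over 50000 constructed 16-byte keys, counting how often the second keystream byte is zero with no discard versus after a 3072-byte discard. The second-byte bias (about 2/256 instead of 1/256, Mantin and Shamir 2001) vanishes once the early bytes are skipped; the xorshift key generator, key count and seed are constructed for the demonstration.

```c
/* Added example, not part of the uclibc-ng patch: measures the Mantin-Shamir
 * second-byte bias of raw RC4 output; keys come from a fixed-seed xorshift PRNG. */
#include <stdint.h>
#include <stdio.h>
struct rc4 { uint8_t i, j, s[256]; };

/* Key-scheduling algorithm; same structure as arc4_addrandom() in arc4random.c. */
static void rc4_init(struct rc4 *st, const uint8_t key[16])
{
    for (int n = 0; n < 256; n++) st->s[n] = (uint8_t)n;
    for (int n = 0, j = 0; n < 256; n++) {
        j = (j + st->s[n] + key[n % 16]) & 0xff;
        uint8_t t = st->s[n]; st->s[n] = st->s[j]; st->s[j] = t;
    }
    st->i = st->j = 0;
}

/* One PRGA step; mirrors arc4_getbyte(). */
static uint8_t rc4_getbyte(struct rc4 *st)
{
    st->i++; uint8_t si = st->s[st->i];
    st->j = (uint8_t)(st->j + si); uint8_t sj = st->s[st->j];
    st->s[st->i] = sj; st->s[st->j] = si;
    return st->s[(uint8_t)(si + sj)];
}

/* Over `keys` constructed keys: how often is z2 (after discarding `drop` bytes) zero? Unbiased: keys/256. */
unsigned long count_zero_second_byte(unsigned long keys, unsigned drop)
{
    uint64_t x = 0x9E3779B97F4A7C15ULL; unsigned long zeros = 0; /* fixed seed: deterministic run */
    for (unsigned long k = 0; k < keys; k++) {
        uint8_t key[16];
        for (int b = 0; b < 16; b++) {
            x ^= x << 13; x ^= x >> 7; x ^= x << 17; /* xorshift64 */
            key[b] = (uint8_t)x;
        }
        struct rc4 st;
        rc4_init(&st, key);
        for (unsigned n = 0; n < drop; n++) (void)rc4_getbyte(&st);
        (void)rc4_getbyte(&st);             /* z1 */
        if (rc4_getbyte(&st) == 0) zeros++; /* z2: ~2/256 when drop == 0 */
    }
    return zeros;
}

int main(void) {
    printf("z2==0 over 50000 keys: raw %lu, after 3072-byte drop %lu (unbiased ~195)\n",
           count_zero_second_byte(50000, 0), count_zero_second_byte(50000, 3072));
    return 0;
}
```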