[tor-bugs] #17981 [Tor]: [PATCH] replace getentropy() with arc4random_buf()

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jan 3 06:02:28 UTC 2016


#17981: [PATCH] replace getentropy() with arc4random_buf()
--------------------+------------------------------------
 Reporter:  logan   |          Owner:
     Type:  defect  |         Status:  needs_review
 Priority:  Medium  |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor     |        Version:
 Severity:  Normal  |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------

Comment (by yawning):

 For what it's worth, nickm's shake_prng_v3 branch uses `arc4random_buf()`
 as a secondary entropy source in addition to the current syscall based
 entropy, so it duplicates this functionality in what I view as a more
 appropriate manner.

 Tor is just tricky and rather paranoid, and hasn't ever really fit the
 definition of "normal code".

 nb: I'll defer to nickm's opinion on this matter should we happen to
 disagree.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17981#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list