path: root/random/gnupg-random.c
Age | Commit message | Author
2016-09-06 | random: Hash continuous areas in the csprng pool. | Justus Winter
* random/gnupg-random.c (mix_pool): Store the first hash at the end of the pool.
--

This fixes a long standing bug (since 1998) in Libgcrypt and GnuPG. An attacker who obtains 580 bytes of the random number from the standard RNG can trivially predict the next 20 bytes of output.

The bug was found and reported by Felix Dörre and Vladimir Klebanov, Karlsruhe Institute of Technology. A paper describing the problem in detail will shortly be published.

This is a port of c6dbfe89 from the GnuPG classic branch.

CVE-id: CVE-2016-6313
2015-12-29 | fix compiler warnings in hurd/random | Flavio Cruz
random: Fix compiler warnings.

* random/gnupg-random.c: Use byte instead of char.
* random/gnupg-rmd.h (rmd160_mixblock): Use byte instead of char.
* random/gnupg-rmd.c (rmd160_mixblock): Likewise.
* random/gnupg-rmd.c: Place #ifdef __HURD__ earlier to avoid warnings.
2015-01-04 | random: fix typo | Justus Winter
* random/gnupg-random.c (read_pool): Fix typo in comment.
2015-01-03 | misc: Fix typos in comments (found by codespell) | Stefan Weil
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2014-06-09 | Prepare the random translator to be merged into the Hurd sources | Justus Winter
Move the random translator to its own subdirectory 'random'. This is the last commit to this repository. Development of the random translator will continue in the main Hurd repository.