Cryptographic weakness on Debian systems

Posted May 13, 2008 16:22 UTC (Tue) by IkeTo (subscriber, #2122)
In reply to: Cryptographic weakness on Debian systems by jwb
Parent article: Cryptographic weakness on Debian systems
> The patch is only half undone.

Oversight? Unlikely. The original intent is quite defensible: if some data is not initialized, you don't know whether it is coming from some attacker, so you shouldn't use it as part of the random number to generate your key. I expect that is the part that is left alone, in the function ssleay_rand_bytes. The "#ifndef PURIFY" macro is probably there because some tools detect that it is using uninitialized data, and would die or produce other ugly results if the code is allowed to run. But the patch changes another function, ssleay_rand_add, as well. I'm wondering whether the buf being passed in is actually the data that it wants to add to the random pool. If so, the original removal of line 274 probably drops nearly all the randomness that the random number generator can ever obtain.
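The point made in the comment above, that dropping the mixing of buf in the add function leaves the pool independent of whatever entropy the caller supplies, can be shown with a small model. The following is an added example written for this page, not OpenSSL's md_rand.c and not the Debian patch: a toy pool PRNG in which a non-cryptographic FNV-style mixer stands in for the message digest OpenSSL feeds with MD_Update, and a mix_buf flag selects whether the caller's buffer is folded into the pool (1, the original behaviour) or skipped (0, what the comment describes happening in ssleay_rand_add). The function names, pool size and seed strings are all constructed for the demonstration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Toy pool PRNG. This is a constructed model for illustration only; it is
 * NOT OpenSSL's md_rand.c and its mixer is not a cryptographic hash. */

#define POOL_BYTES 32

typedef struct {
    uint8_t  state[POOL_BYTES];  /* stands in for the md_rand state array */
    uint64_t counter;            /* stands in for the md_c request counter */
} toy_prng;

/* FNV-1a style mixer standing in for MD_Update()/MD_Final(). */
static uint64_t toy_mix(uint64_t h, const uint8_t *p, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 0x100000001b3ULL;
    }
    return h;
}

static void toy_init(toy_prng *p)
{
    memset(p, 0, sizeof *p);     /* fresh process: pool starts empty */
}

/* rand_add: fold caller-supplied entropy into the pool.
 * mix_buf == 1 mixes buf (original behaviour); mix_buf == 0 skips it, which
 * is the effect the comment above attributes to the Debian change. */
static void toy_rand_add(toy_prng *p, const uint8_t *buf, size_t n, int mix_buf)
{
    uint64_t h = 0xcbf29ce484222325ULL;
    h = toy_mix(h, p->state, POOL_BYTES);                          /* old pool */
    h = toy_mix(h, (const uint8_t *)&p->counter, sizeof p->counter); /* counter */
    if (mix_buf)
        h = toy_mix(h, buf, n);                                    /* the entropy itself */
    p->counter++;
    for (int i = 0; i < POOL_BYTES; i++) {
        p->state[i] ^= (uint8_t)(h >> ((i % 8) * 8));
        h = toy_mix(h, &p->state[i], 1);
    }
}

/* rand_bytes: derive output from the pool and the counter only. */
static void toy_rand_bytes(toy_prng *p, uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint64_t h = toy_mix(0xcbf29ce484222325ULL, p->state, POOL_BYTES);
        h = toy_mix(h, (const uint8_t *)&p->counter, sizeof p->counter);
        out[i] = (uint8_t)h;
        p->counter++;
        p->state[i % POOL_BYTES] ^= (uint8_t)(h >> 8);
    }
}

/* Seed two fresh generators with two different (constructed) entropy buffers
 * and report whether their output differs: 1 if the seed mattered, 0 if both
 * produce identical bytes. */
int seed_affects_output(int mix_buf)
{
    static const uint8_t seed_a[16] = "entropy-from-A!";
    static const uint8_t seed_b[16] = "entropy-from-B!";
    toy_prng pa, pb;
    uint8_t oa[16], ob[16];

    toy_init(&pa);
    toy_init(&pb);
    toy_rand_add(&pa, seed_a, sizeof seed_a, mix_buf);
    toy_rand_add(&pb, seed_b, sizeof seed_b, mix_buf);
    toy_rand_bytes(&pa, oa, sizeof oa);
    toy_rand_bytes(&pb, ob, sizeof ob);
    return memcmp(oa, ob, sizeof oa) != 0;
}

int main(void)
{
    printf("buf mixed in:   seeds give %s output\n",
           seed_affects_output(1) ? "different" : "IDENTICAL");
    printf("buf not mixed:  seeds give %s output\n",
           seed_affects_output(0) ? "different" : "IDENTICAL");
    return 0;
}
```

With mix_buf set, two different seeds produce different streams; with it cleared, the only inputs left are the zeroed pool and the counter, so every fresh process produces the same bytes regardless of what entropy it was given. The real generator still had the process ID mixed in by the bytes function, which is why the Debian keyspace was small rather than a single key, but that detail is outside this model.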
Copyright © 2008, Eklektix, Inc.