From 18009aaf5e1d8a436f251b6f70ac46bcad1ad768 Mon Sep 17 00:00:00 2001 From: Brad King Date: Tue, 21 Mar 2017 11:05:28 -0400 Subject: libarchive: backport rc4 crypto requirement update Backport upstream libarchive commit 70f497f456 (As per Cryptographic Requirements, 2017-03-19). Discard more bytes of the RC4 keystream to reduce the possibility of non-random bytes. --- Utilities/cmlibarchive/libarchive/archive_random.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Utilities') diff --git a/Utilities/cmlibarchive/libarchive/archive_random.c b/Utilities/cmlibarchive/libarchive/archive_random.c index a20b9b1115..fcea6c6d0b 100644 --- a/Utilities/cmlibarchive/libarchive/archive_random.c +++ b/Utilities/cmlibarchive/libarchive/archive_random.c @@ -222,7 +222,7 @@ arc4_stir(void) * Discard early keystream, as per recommendations in: * "(Not So) Random Shuffles of RC4" by Ilya Mironov. */ - for (i = 0; i < 1024; i++) + for (i = 0; i < 3072; i++) (void)arc4_getbyte(); arc4_count = 1600000; } -- cgit v1.2.1