[darcs-devel] [patch1732] use cryptonite instead of cryptohash and random

Ben Franksen bugs at darcs.net
Tue Sep 25 20:14:47 UTC 2018


Ben Franksen <ben.franksen at online.de> added the comment:

After reading a bit through the sources of both cryptonite and random 
package I decided that using cryptonite here makes sense. Granted, 
the patch hashes which rely on the system entropy aren't temper proof 
anyway, since they hash only the meta data and not the patch content. 
Still, what the standard implementation of randomRIO uses to seed its 
RNG is really extremely simple minded: it just reads the system 
clock! So if we depend on cryptonite anyway we might as well use its 
high quality system entropy source, if only to discourage future 
contributors from using the function from the random package when it 
might actually hurt us.

I am screening this patch now as it is.

__________________________________
Darcs bug tracker <bugs at darcs.net>
<http://bugs.darcs.net/patch1732>
__________________________________


More information about the darcs-devel mailing list