[darcs-devel] [patch1732] use cryptonite instead of cryptohash and random
Ben Franksen
bugs at darcs.net
Tue Sep 25 20:14:47 UTC 2018
Ben Franksen <ben.franksen at online.de> added the comment:
After reading a bit through the sources of both cryptonite and random
package I decided that using cryptonite here makes sense. Granted,
the patch hashes which rely on the system entropy aren't temper proof
anyway, since they hash only the meta data and not the patch content.
Still, what the standard implementation of randomRIO uses to seed its
RNG is really extremely simple minded: it just reads the system
clock! So if we depend on cryptonite anyway we might as well use its
high quality system entropy source, if only to discourage future
contributors from using the function from the random package when it
might actually hurt us.
I am screening this patch now as it is.
__________________________________
Darcs bug tracker <bugs at darcs.net>
<http://bugs.darcs.net/patch1732>
__________________________________
More information about the darcs-devel
mailing list