Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
Oh, and note that OpenSSH Portable uses RAND_bytes from libssl to seed
its arc4random implementation.
So AFAICT if you were to link OpenSSH Portable against LibreSSL
Portable, it would get really crazy:
/dev/urandom or sysctl or scary fallback ->
LibreSSL Portable getentropy ->
LibreSSL Portable arc4random.c (ChaCha-20) ->
LibreSSL RAND_bytes ->
OpenSSH Portable arc4random.c (ChaCha-20) ->
OpenSSH
with the stream cipher, seeding and stirring all happening twice.
So I really like the idea of both getting an arc4random implementation
from one place, such as libbsd.
Regards,
--
Steven Chamberlain
steven@pyro.eu.org
Reply to: