author | Edward Ned Harvey <edward.harvey@conceptblossom.com> | 2014-08-05 11:02:40 -0400 |
---|---|---|
committer | Edward Ned Harvey <edward.harvey@conceptblossom.com> | 2014-08-05 11:02:40 -0400 |
commit | 663cace258c429c13d980aec5c8f40db50ba580b (patch) | |
tree | 1135a0bb7ea9ac2c693372d52206028f8e0a2615 | |
parent | Check point against cofactor after decompression (diff) | |
download | BouncyCastle.NET-ed25519-663cace258c429c13d980aec5c8f40db50ba580b.tar.xz |
use 32 bytes instead of 24 for seed material from ThreadedSeedGenerator
-rw-r--r-- | crypto/src/security/SecureRandom.cs | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index ac9d98158..9fd7e9e65 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -26,8 +26,12 @@ namespace Org.BouncyCastle.Security
 gen = new ReversedWindowGenerator(gen, 32);
 SecureRandom sr = master[0] = new SecureRandom(gen);
+ // Even though Ticks has at most 8 or 14 bits of entropy, there's no harm in adding it.
 sr.SetSeed(DateTime.Now.Ticks);
- sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(24, true));
+
+ // 32 will be enough when ThreadedSeedGenerator is fixed. Until then, ThreadedSeedGenerator returns low
+ // entropy, and this is not sufficient to be secure. http://www.bouncycastle.org/csharpdevmailarchive/msg00814.html
+ sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(32, true));
 sr.GenerateSeed(1 + sr.Next(32));
 } |
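Review bot: The master generator is still seeded only from `DateTime.Now.Ticks` and `ThreadedSeedGenerator`, so requesting 32 bytes instead of 24 lengthens the seed without adding entropy the source does not have, as the added comment itself concedes. Until ThreadedSeedGenerator is fixed, the seeding next to `sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(32, true));` should also mix in operating-system randomness on platforms that offer it, for example `byte[] osSeed = new byte[32]; RandomNumberGenerator.Create().GetBytes(osSeed); sr.SetSeed(osSeed);`. The two chained SetSeed calls suggest seeding is additive here, so this would supplement the existing inputs rather than replace them, but that should be confirmed against SetSeed's implementation. The new comment would also be more durable if it stated the weakness in its own words (which inputs are low-entropy and what the consequence is for keys drawn from this generator) instead of relying on a mailing-list URL. The enclosing block starts and ends outside the hunk, so how this initialisation is guarded cannot be judged from here.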