The random tests are encrypting small blocks of data (the first between 0
and
15 bytes per write, the second between 65 and 128) using the same key and
IV - this is basically the worst case scenario and the byte-at-a-time
algorithm is almost certainly more performant.
However, this is not
I asked insane coder if he could review getentropy(2), and he pointed out
some mistakes and has other suggestions:
http://insanecoding.blogspot.com/2014/05/a-good-idea-with-bad-usage-devurandom.html?showComment=1405248508436#c1490309017011835743
J
It seems that the implementation fails just like described in the blog
post, as soon as ChaCha() is called with a length which is not a multiple
of 64, all further uses of the method produce incorrect results.
Thanks for pointing this out - I've just fixed this in -current. The
underlying
Hello,
After reading the blog post here:
http://insanecoding.blogspot.com/2014/06/avoid-incorrect-chacha20-implementations.html
I went to test the implementation found here:
http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/crypto/chacha/
It seems that the implementation fails just like