Re: random safety for pbkdf

2019-10-15 Thread Theo de Raadt
Makes sense -- but perhaps justify the arc4random with a comment, explaining what is being done, so that people don't need to look in the commitlog?

Ted Unangst wrote:
> In the event that a program uses invalid parameters, I think we should
> overwrite the key with random data. Otherwise, there'

random safety for pbkdf

2019-10-15 Thread Ted Unangst
In the event that a program uses invalid parameters, I think we should overwrite the key with random data. Otherwise, there's a chance the program will continue with a zero key. It may even appear to work, encrypting and decrypting data, but with a weak key. Random data means it fails closed, and s