Module Name: src
Committed By: riastradh
Date: Wed Jan 21 02:47:39 UTC 2015
Modified Files:
src/lib/libc/gen: arc4random.c
Log Message:
Use ChaCha20 here as advertised, not ChaCha8.
Oops.
Fortunately, there is no public cryptanalysis even of ChaCha8: the
best published attack is on ChaCha7 with time complexity 2^248.
To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/lib/libc/gen/arc4random.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libc/gen/arc4random.c
diff -u src/lib/libc/gen/arc4random.c:1.27 src/lib/libc/gen/arc4random.c:1.28
--- src/lib/libc/gen/arc4random.c:1.27 Tue Jan 20 18:31:25 2015
+++ src/lib/libc/gen/arc4random.c Wed Jan 21 02:47:39 2015
@@ -1,4 +1,4 @@
-/* $NetBSD: arc4random.c,v 1.27 2015/01/20 18:31:25 christos Exp $ */
+/* $NetBSD: arc4random.c,v 1.28 2015/01/21 02:47:39 riastradh Exp $ */
/*-
* Copyright (c) 2014 The NetBSD Foundation, Inc.
@@ -52,7 +52,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: arc4random.c,v 1.27 2015/01/20 18:31:25 christos Exp $");
+__RCSID("$NetBSD: arc4random.c,v 1.28 2015/01/21 02:47:39 riastradh Exp $");
#include "namespace.h"
#include "reentrant.h"
@@ -109,7 +109,7 @@ crypto_le32enc(void *p, uint32_t v)
#define crypto_core_KEYBYTES 32
#define crypto_core_CONSTBYTES 16
-#define crypto_core_ROUNDS 8
+#define crypto_core_ROUNDS 20
static uint32_t
rotate(uint32_t u, unsigned c)
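Review bot: the changed `#define crypto_core_ROUNDS 20` is still a bare number with no comment tying it to the ChaCha20 that the log message says is advertised, so a mismatch like the previous value of 8 cannot be spotted from the code alone. Add a comment beside the define naming the intended variant, and consider a known-answer check of the core against a published ChaCha20 test vector so that a wrong round count fails at test time instead of silently changing the generator's output. It would also help to confirm that wherever the algorithm is documented, the text agrees with 20 rounds.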