From 708164b0b9ce46b411620c4e6d8fa7b931a3dc4b Mon Sep 17 00:00:00 2001
From: Ben Wiederhake
Date: Sat, 25 Jul 2020 17:25:28 +0200
Subject: [PATCH] LibCrypto: Already using strong crypto ModularFunctions::random_number calls into AK::fill_with_random calls (on Serenity) into arc4random_buf calls into Process::sys calls into get_good_random_bytes, which is cryptographically secure.
---
 Libraries/LibCrypto/NumberTheory/ModularFunctions.h | 1 -
 1 file changed, 1 deletion(-)
diff --git a/Libraries/LibCrypto/NumberTheory/ModularFunctions.h b/Libraries/LibCrypto/NumberTheory/ModularFunctions.h
index 7d31f666ac..afd97a107c 100644
--- a/Libraries/LibCrypto/NumberTheory/ModularFunctions.h
+++ b/Libraries/LibCrypto/NumberTheory/ModularFunctions.h
@@ -311,7 +311,6 @@ static UnsignedBigInteger random_number(const UnsignedBigInteger& min, const Uns
 ASSERT(min < max);
 auto range = max.minus(min);
 UnsignedBigInteger base;
- // FIXME: Need a cryptographically secure rng
 auto size = range.trimmed_length() * sizeof(u32);
 u8 buf[size];
 AK::fill_with_random(buf, size);