Document that arc4random is not a great cryptographic PRNG.

author Nick Mathewson <nickm@torproject.org>

Mon, 10 Jun 2013 14:38:12 +0000 (10:38 -0400)

committer Nick Mathewson <nickm@torproject.org>

Mon, 10 Jun 2013 14:38:38 +0000 (10:38 -0400)
author Nick Mathewson <nickm@torproject.org>
Mon, 10 Jun 2013 14:38:12 +0000 (10:38 -0400)
committer Nick Mathewson <nickm@torproject.org>
Mon, 10 Jun 2013 14:38:38 +0000 (10:38 -0400)
diff --git a/include/event2/util.h b/include/event2/util.h

index 4b7e8b45fc7d6f9afde4dea8a87ae55174dd26fb..52d58ddc771f4a21add162705ae660eceeb8f491 100644 (file)
--- a/include/event2/util.h
+++ b/include/event2/util.h
@@ -648,9 +648,12 @@ const char *evutil_gai_strerror(int err);
  
  /** Generate n bytes of secure pseudorandom data, and store them in buf.
   *
- * By default, Libevent uses an ARC4-based random number generator, seeded
- * using the platform's entropy source (/dev/urandom on Unix-like systems;
- * CryptGenRandom on Windows).
+ * Current versions of Libevent use an ARC4-based random number generator,
+ * seeded using the platform's entropy source (/dev/urandom on Unix-like
+ * systems; CryptGenRandom on Windows).  This is not actually as secure as it
+ * should be: ARC4 is a pretty lousy cipher, and the current implementation
+ * provides only rudimentary prediction- and backtracking-resistance.  Don't
+ * use this for serious cryptographic applications.
   */
  void evutil_secure_rng_get_bytes(void *buf, size_t n);
author	Nick Mathewson <nickm@torproject.org>
	Mon, 10 Jun 2013 14:38:12 +0000 (10:38 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Mon, 10 Jun 2013 14:38:38 +0000 (10:38 -0400)