[Cryptography Team] Re: [squeak-dev]
DigitalSignatureAlgorithm>>#initRandomNonInteractively is not random
Rob Withers
reefedjib at gmail.com
Mon Aug 23 15:09:14 UTC 2010
Hi Chris,
It works really well. The only issue now is the DigitalSignatureAlgorithm
is located in the core squeak image and the changes I made are in the
Cryptography package. It would be nice to fold Cryptography into the core
squeak image, or pull DigitalSignatureAlgorithm out into Cryptography.
Rob
--------------------------------------------------
From: "Chris Muller" <asqueaker at gmail.com>
Sent: Sunday, August 22, 2010 5:35 PM
To: "The general-purpose Squeak developers list"
<squeak-dev at lists.squeakfoundation.org>
Cc: "Squeak Crypto" <cryptography at lists.squeakfoundation.org>
Subject: [Cryptography Team] Re: [squeak-dev]
DigitalSignatureAlgorithm>>#initRandomNonInteractively is not random
> Good, SecureRandom employs its #generateKey method (on the class side)
> to initialize its 'picker' (class-instance var). This was intended to
> serve as a globally usable SecureRandom so that clients like
> DigitalSignatureAlgorithm would not have to define their own.
>
> On Sat, Aug 21, 2010 at 5:30 AM, Rob Withers <reefedjib at gmail.com> wrote:
>> I found a problem with
>> DigitalSignatureAlgorithm>>#initRandomNonInteractively. It is grabbing
>> randomBits from the SoundSystem, but I may not have that installed. It
>> gave
>> me the same bits repeatedly. I modified
>> DigitalSignatureAlgorithm>>#initRandomNonInteractively to not rely on the
>> SoundSystem and instead use SecureRandom. This is published in the
>> Cryptography repository.
>>
>> Rob
>>
>>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>
More information about the Squeak-dev
mailing list
|