[Tor-BSD] Recognizing Randomness Exhaustion

Miod Vallat miod at online.fr
Thu Jan 1 14:37:03 EST 2015


> > I should have also specified that I didn't just go ahead and enable them
> > because I wasn't sure if they're considered safe. I like abiding by
> > OpenBSD's crypto best practices when possible.
> > 
> > Is there any reason why they're disabled by default?
> 
> Compiler bugs generate incorrect code for 128 bit integers.

In slightly more words, we have tried enabling this code, and found out
the hard way that, when compiled by the system compiler under OpenBSD,
it would generate slightly wrong code, and cause computations to be
subtly wrong.

Until someone spends enough time checking the various compiler versions
around to check which are safe to use, and which are not, this code will
remain disabled in LibreSSL.

Miod


More information about the Tor-BSD mailing list