[dpdk-dev] [PATCH v1 1/1] examples/l2fwd-crypto: improve random key generator

Declan Doherty declan.doherty at intel.com
Wed Jul 13 17:54:18 CEST 2016

Previous message: [dpdk-dev] [PATCH v1 1/1] examples/l2fwd-crypto: improve random key generator
Next message: [dpdk-dev] [PATCH v1 1/1] examples/l2fwd-crypto: improve random key generator
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/11/2016 03:17 PM, Thomas Monjalon wrote:
> 2016-06-08 07:46, Azarewicz, PiotrX T:
>>> 2016-05-25 15:34, Piotr Azarewicz:
>>>> This patch improve generate_random_key() function by replacing rand()
>>>> function with reading from /dev/urandom.
>>>>
>>>> CID 120136 : Calling risky function (DC.WEAK_CRYPTO)
>>>> dont_call: rand should not be used for security related applications,
>>>> as linear congruential algorithms are too easy to break
>>>>
>>>> Coverity issue: 120136
>>>>
>>>> Signed-off-by: Piotr Azarewicz <piotrx.t.azarewicz at intel.com>
>>>
>>> Is it relevant for this example?
>>
>> Maybe not. But it don't break anything, and in the end make Coverity tool happy.
>>
>> Declan, please share your opinion.
>
> Declan?
>

sorry I'm missed this thread. While not strictly necessary for the 
example app, I don't see a problem applying it, as coverity points out 
it is a bad idea to use rand() for crypto purposes.

Declan

Previous message: [dpdk-dev] [PATCH v1 1/1] examples/l2fwd-crypto: improve random key generator
Next message: [dpdk-dev] [PATCH v1 1/1] examples/l2fwd-crypto: improve random key generator
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list