Jeffrey Walton suggested an improvement to this patch. Here's the new version, which I'm now using in pycryptopp and which seems to work fine. I would recommend a patch like this for Crypto++ trunk. If Wei Dai doesn't want to spend the CPU cycles and eliminate the (questionable) bits of entropy to be found in uninitialized memory, then perhaps we could guard it with some sort of #define like "PURIFY_CLEAN"/"VALGRIND_CLEAN" or "INITIALIZE_RANDPOOL".
Regards,

Zooko

HACK rgnt1-210-206-dhcp:~/playground/pycryptopp/cryptopp/release-5.6.0-plus-zookopatches$ darcs diff -u -p'initialize the randpool'
Thu Jun 4 07:41:58 MDT 2009  [email protected]
  * initialize the randpool with zeroes instead of using whatever bits were there

  This makes valgrind stop complaining about using uninitialized memory. There are other ways to make valgrind stop complaining, such as by explicitly telling it "See these here bytes? Pretend from now on that they are initialized.", but I don't like using uninitialized memory for my randpool anyway. If my randpool is broken, I would like for it to start giving the exact same output time after time (or a short cycle, or a selection from a small set, or whatever), so that the users and developers can more quickly detect the problem, rather than rely for my security on the values in the uninitialized memory, which might not be all that unpredictable.

diff -rN -u old-release-5.6.0-plus-zookopatches/c5/randpool.cpp new-release-5.6.0-plus-zookopatches/c5/randpool.cpp
--- old-release-5.6.0-plus-zookopatches/c5/randpool.cpp	2009-06-04 14:18:46.000000000 -0600
+++ new-release-5.6.0-plus-zookopatches/c5/randpool.cpp	2009-06-04 14:18:46.000000000 -0600
@@ -19,6 +19,8 @@
 RandomPool::RandomPool()
 	: m_pCipher(new AES::Encryption), m_keySet(false)
 {
+	memset(m_key, 0, m_key.size());
+	memset(m_seed, 0, m_seed.SizeInBytes());
 }
 
 void RandomPool::IncorporateEntropy(const byte *input, size_t length)

--
You received this message because you are subscribed to the "Crypto++ Users" Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at http://www.cryptopp.com.
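Review bot: the two added memset calls in the RandomPool constructor pick different size accessors for the same kind of block, `m_key.size()` on one line and `m_seed.SizeInBytes()` on the next; for blocks of bytes both return the same count, but `SizeInBytes()` is the correct argument to memset whatever the element type, so use it on both lines (`memset(m_key, 0, m_key.SizeInBytes());`). If `memset` is not already in scope through the existing includes of randpool.cpp, `#include <string.h>` should be added to the hunk. Since `m_keySet(false)` is set in the initializer list and the zeroing only runs afterwards in the body, the pool is still correctly reported as unkeyed until IncorporateEntropy is called; the zeroed state just makes that unkeyed condition reproducible, which is the stated goal of the commit message.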
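As an added illustration of the property the commit message argues for (a zero-initialized pool that has never received entropy gives the same output every time, so the fault can be detected instead of being masked by whatever happened to be in memory), here is a toy pool modelled on the RandomPool constructor pattern in the patch, with the compile-time guard suggested above. This is example code written for this page, not Crypto++'s or Zooko's code; the class name ToyPool, the FNV-1a based mixer, and the INITIALIZE_RANDPOOL macro are assumptions for the example, and the mixer is not a cryptographic generator.

```cpp
// Example code added for illustration; not part of Crypto++ or the patch.
#include <array>
#include <cstdint>
#include <cstring>
#include <vector>

// Mirrors the guard proposed in the mail: define it to zero the pool state.
#ifndef INITIALIZE_RANDPOOL
#define INITIALIZE_RANDPOOL 1
#endif

class ToyPool {
public:
    ToyPool() : m_keySet(false) {
#if INITIALIZE_RANDPOOL
        // Same shape as the patch: zero key and seed so an unseeded pool
        // behaves identically on every construction.
        std::memset(m_key.data(), 0, m_key.size());
        std::memset(m_seed.data(), 0, m_seed.size());
#endif
    }

    // Absorb entropy into the key with a toy mixer (illustrative only).
    void IncorporateEntropy(const uint8_t* input, size_t len) {
        for (size_t i = 0; i < len; ++i) {
            uint8_t& k = m_key[i % m_key.size()];
            k ^= input[i];
            k = mix(static_cast<uint8_t>(k + static_cast<uint8_t>(i)));
        }
        m_keySet = true;
    }

    bool KeySet() const { return m_keySet; }

    // Derive output from key plus a counter kept in the seed block.
    // Each block is the full 64-bit FNV-1a state, so two pools whose
    // key bytes differ produce different first 8 bytes.
    void GenerateBlock(uint8_t* out, size_t len) {
        const uint64_t kOffset = 1469598103934665603ULL;
        const uint64_t kPrime = 1099511628211ULL;
        size_t i = 0;
        while (i < len) {
            uint64_t h = kOffset;
            for (uint8_t b : m_key) h = (h ^ b) * kPrime;
            for (uint8_t b : m_seed) h = (h ^ b) * kPrime;
            for (int s = 0; s < 8 && i < len; ++s, ++i)
                out[i] = static_cast<uint8_t>(h >> (8 * s));
            bumpCounter();
        }
    }

private:
    static uint8_t mix(uint8_t x) { return static_cast<uint8_t>((x * 31u) ^ (x >> 3)); }
    void bumpCounter() { for (auto& b : m_seed) { if (++b != 0) break; } }

    std::array<uint8_t, 32> m_key;
    std::array<uint8_t, 16> m_seed;
    bool m_keySet;
};

// Output a never-seeded pool produces. A deployment would compute this once
// and store it as a constant known-answer; a match at runtime is a fault.
std::vector<uint8_t> UnseededReference(size_t len) {
    ToyPool p;
    std::vector<uint8_t> v(len);
    p.GenerateBlock(v.data(), len);
    return v;
}

// Self-check: true if the pool's next output equals the unseeded reference,
// i.e. entropy was never incorporated (or incorporation had no effect).
// Only possible because the constructor zeroes the state deterministically.
bool LooksUnseeded(ToyPool& pool, size_t len = 16) {
    std::vector<uint8_t> ref = UnseededReference(len);
    std::vector<uint8_t> got(len);
    pool.GenerateBlock(got.data(), len);
    return ref == got;
}
```

The check is the defender's counterpart to the commit message's argument: with uninitialized memory, an unseeded pool emits garbage that merely looks random and the bug ships; with zeroed state, the unseeded output is a fixed value that a start-up self-test can compare against and refuse to serve.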
