[Development] Someone please fix the remaining qrand cases in SSL code
Giuseppe D'Angelo
giuseppe.dangelo at kdab.com
Wed Jun 14 17:25:31 CEST 2017
Il 12/06/2017 22:45, Thiago Macieira ha scritto:
> I can't submit changes to SSL-related code, so can someone apply the
> equivalent ofhttps://codereview.qt-project.org/191738 to the files listed in
> that commit's message?
There are a couple of problems arising from there:
1) some place has a "TODO: use a CSPRNG". Given the current
QRandomGenerator API, is there a way to know if a CSPRNG is actually
being used or we're falling back to a plain PRNG?
2) a test wants to generate a few MB of random data. Ideally this would
be a no-brainer -- QRandomGenerator plus an engine from the standard
library, but we can't use those engines yet (or can we?). So those
places will need to keep qrand()?
Cheers,
--
Giuseppe D'Angelo | giuseppe.dangelo at kdab.com | Senior Software Engineer
KDAB (UK) Ltd., a KDAB Group company | Tel: UK +44-1625-809908
KDAB - Qt, C++ and OpenGL Experts
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4007 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.qt-project.org/pipermail/development/attachments/20170614/ae86b651/attachment.bin>
More information about the Development
mailing list