From: codarrenvelvindron Date: Sun, 19 Mar 2017 05:25:35 +0000 (+0400) Subject: As per Cryptographic Requirements published on Wikileaks on March 2017. X-Git-Tag: v3.3.2~46^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F887%2Fhead;p=thirdparty%2Flibarchive.git As per Cryptographic Requirements published on Wikileaks on March 2017. We discard more bytes of the first keystream to reduce the possibility of non-random bytes. Similar to: freebsd/freebsd@9395fdf --- diff --git a/libarchive/archive_random.c b/libarchive/archive_random.c index 357f9733a..65ea69157 100644 --- a/libarchive/archive_random.c +++ b/libarchive/archive_random.c @@ -221,8 +221,11 @@ arc4_stir(void) /* * Discard early keystream, as per recommendations in: * "(Not So) Random Shuffles of RC4" by Ilya Mironov. + * As per the Network Operations Division, cryptographic requirements + * published on wikileaks on March 2017. */ - for (i = 0; i < 1024; i++) + + for (i = 0; i < 3072; i++) (void)arc4_getbyte(); arc4_count = 1600000; }
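Review bot: the new discard count in arc4_stir() is a bare literal, `3072`, and the two added comment lines cite "the Network Operations Division, cryptographic requirements published on wikileaks on March 2017" without a document title, section or URL, so a later reader cannot check where the number comes from. Before this change the comment tied the 1024-byte discard to the Mironov paper alone; after it, the comment names two sources and does not say which one calls for 3072. Suggest a named constant (for example a hypothetical ARC4_DISCARD_BYTES) and a comment that states the count in bytes and the source that requires it. The added blank line between the comment and the `for` loop also separates the comment from the code it documents and can be dropped.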