From 70f497f456f34cab26c145bdc90d894478fe6c16 Mon Sep 17 00:00:00 2001
From: codarrenvelvindron
Date: Sun, 19 Mar 2017 09:25:35 +0400
Subject: [PATCH] As per Cryptographic Requirements published on Wikileaks on March 2017. We discard more bytes of the first keystream to reduce the possibility of non-random bytes. Similar to: freebsd/freebsd@9395fdf
---
 libarchive/archive_random.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libarchive/archive_random.c b/libarchive/archive_random.c
index 357f9733a..65ea69157 100644
--- a/libarchive/archive_random.c
+++ b/libarchive/archive_random.c
@@ -221,8 +221,11 @@ arc4_stir(void)
 	/*
 	 * Discard early keystream, as per recommendations in:
 	 * "(Not So) Random Shuffles of RC4" by Ilya Mironov.
+	 * As per the Network Operations Division, cryptographic requirements
+	 * published on wikileaks on March 2017.
 	 */
-	for (i = 0; i < 1024; i++)
+
+	for (i = 0; i < 3072; i++)
 		(void)arc4_getbyte();
 	arc4_count = 1600000;
 }
-- 
2.47.2
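Review bot: The new comment names where the requirement was published but not what it says, so a reader of `for (i = 0; i < 3072; i++)` still cannot tell why 3072 rather than 1024 was chosen; state the rationale and name the constant, e.g. `#define ARC4_DISCARD_BYTES (12 * 256) /* Mironov: drop the first 12*256 keystream bytes */` and `for (i = 0; i < ARC4_DISCARD_BYTES; i++)`, hedging the 12*256 figure against the paper if the authors did not verify it themselves. The added blank line between `*/` and the `for` loop detaches the comment block from the code it explains and should be dropped. Discarding more early keystream narrows the well-known initial-byte biases of RC4 but does not address its other documented weaknesses, so this is a stopgap; a one-line note that a modern stream cipher such as ChaCha20 is the longer-term replacement for this generator would help the next maintainer. arc4_stir's body begins outside the hunk, so the declaration of `i` and any locking around this loop could not be checked here.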