Bug 454313
Opened 16 years ago
Closed 16 years ago
PR_GetRandomNoise should be reimplemented to read from /dev/urandom
Categories
(NSPR :: NSPR, defect)
Tracking
(Not tracked)
RESOLVED DUPLICATE of bug 455829
People
(Reporter: wtc, Assigned: wtc)
Details
PR_GetRandomNoise was originally intended to replace the platform-specific code in NSS's lib/freebl/{unix_rand.c, win_rand.c}. Unfortunately, this has two problems. The first is an implementation problem. The second is an API design problem.

1. The current implementation of PR_GetRandomNoise doesn't try hard enough, so on most platforms it merely returns a high-resolution timestamp.

2. Users misunderstand the purpose of PR_GetRandomNoise (for seeding a PRNG), and use PR_GetRandomNoise as a PRNG. See http://mxr.mozilla.org/mozilla-central/ident?i=PR_GetRandomNoise

I am afraid that the solution is to deprecate PR_GetRandomNoise, and reimplement it to read from /dev/urandom. If you have better ideas, please let me know.
Assignee
Updated•16 years ago
OS: Windows XP → All
Hardware: PC → All
Comment 1•16 years ago
Wan-Teh, do you consider this bug to be a vulnerability that should be kept secret until it is fixed? I asked because that is the meaning of the "Security Sensitive Core bug" flag that you apparently set on this bug when you filed it.
Assignee
Comment 2•16 years ago
The security vulnerability is in the applications that incorrectly use PR_GetRandomNoise as a secure PRNG. Unfortunately we don't have a mailing list similar to security-group@mozilla.org for notifying NSPR users of potential security issues. So I marked this bug as security-sensitive. Our documentation at http://developer.mozilla.org/en/NSPR_API_Reference/Random_Number_Generator actually describes the purpose of this function correctly, but some users still use this function as a PRNG.
Comment 3•16 years ago
See bug 455829 comment 9 for a summary of Mozilla callers of this function. This bug looks to be a duplicate of that one.
Updated•16 years ago
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Updated•15 years ago
Group: core-security