Closed Bug 1263015 Opened 7 years ago Closed 7 years ago

sort out entropy collector and PK11_RandomUpdate situation

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 883718
Tracking Flags:
Tracking Status
firefox48 --- affected

People

(Reporter: keeler, Unassigned)

Details

(Whiteboard: [psm-backlog]) 

nsIEntropyCollector appears to exist to gather entropy in order to call PK11_RandomUpdate. This works correctly in the parent process, but since the child process doesn't fully instantiate PSM in the same way, this doesn't happen in the child. After some discussion with the NSS team, it appears to be the case that the only real benefit of calling PK11_RandomUpdate is re-seeding the RNG, which is a good idea after forking or doing some sort of checkpoint/restore with a VM. Of course, if we always fork before using NSS (which I believe we do), this isn't necessary. It's also not clear how much we need to support the checkpoint/restore thing.
Oh hey, there's already a bug on this.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.