chiark / gitweb /
~ianmdlvl / vbig.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use RC4-drop, not RC4
[vbig.git] / vbig.cc
diff --git a/vbig.cc b/vbig.cc
index 53ef6a575c5c69e2346df0db0a196a474f87e4eb..1823dd316aaacba1cc7d1efb7bea0d6d4e300e29 100644 (file)
--- a/vbig.cc
+++ b/vbig.cc
@@ -192,6 +192,9 @@ static long long execute(mode_type mode, bool entire, const char *show) {
     setvbuf(fp, 0, _IONBF, 0);
   char generated[4096], input[4096];
   long long remain = size;
+  static const size_t rc4drop = 3072; // en.wikipedia.org/wiki/RC4#Security
+  assert(rc4drop <= sizeof(generated));
+  rng.stream(generated, rc4drop);
   while(remain > 0) {
     size_t bytesGenerated = (remain > (ssize_t)sizeof generated
                              ? sizeof generated
Unnamed repository; edit this file 'description' to name the repository.