Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rand_jitter: Discourage use for cryptographic purposes #814

Merged
merged 1 commit into from
Jun 3, 2019

Conversation

vks
Copy link
Collaborator

@vks vks commented Jun 3, 2019

This is a breaking change, because JitterRng no longer implements CryptoRng.

Fixes #699.

This is a breaking change, because `JitterRng` no longer implements
`CryptoRng`.

Fixes rust-random#699.
@dhardy
Copy link
Member

dhardy commented Jun 3, 2019

I checked the book, and there doesn't seem to be anything recommending use of JitterRng for cryptography (though there is plenty that is outdated). The only other mention I see is in rand::rngs module doc but that already mentions security issues. Thus I think this is enough to fix #699.

@dhardy dhardy merged commit cb10a2c into rust-random:master Jun 3, 2019
@tarcieri
Copy link

tarcieri commented Jun 3, 2019

@dhardy thank you!

@dhardy
Copy link
Member

dhardy commented Jun 3, 2019

Thank @vks, he actually implemented this!

@tarcieri
Copy link

tarcieri commented Jun 3, 2019

Thanks @vks! 😄

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

JitterRng security
3 participants