You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
can return 3 or less in salt_len, not the expected 4. Based on how often it happens (1-4 times typical per ~500 tries) we're guessing that it's happening when the top 8 bits of the salt happen to be 0, and the value isn't getting zero-padded to 32 bits properly.
Calling the same function with the same values almost always fixes it, but we worry that we're effectively truncating the salt by doing so, since some values are now not possible, thus an attacker would know not to even try them.
This doesn't happen for the same inputs each time, either, which further indicates that it's the library's internal handling of the random numbers that's at fault here, not our call.
The text was updated successfully, but these errors were encountered:
We're seeing a symptom where this code:
can return 3 or less in
salt_len, not the expected 4. Based on how often it happens (1-4 times typical per ~500 tries) we're guessing that it's happening when the top 8 bits of the salt happen to be 0, and the value isn't getting zero-padded to 32 bits properly.Calling the same function with the same values almost always fixes it, but we worry that we're effectively truncating the salt by doing so, since some values are now not possible, thus an attacker would know not to even try them.
This doesn't happen for the same inputs each time, either, which further indicates that it's the library's internal handling of the random numbers that's at fault here, not our call.
The text was updated successfully, but these errors were encountered: