reqwless icon indicating copy to clipboard operation
reqwless copied to clipboard
verified publisher icon drogue-iot

u64 random seed is not enough entropy for TLS.

Open Dirbaio opened this issue 2 months ago • 0 comments

reqwless requests a u64 from the user and uses it to seed a ChaCha8Rng for TLS.

https://github.com/drogue-iot/reqwless/blob/311060f9dcfe065941fa224139786fe3c205e71b/src/client.rs#L157

64 bits is not enough entropy to make TLS secure. The seed should be larger, or ideally the user would pass the RNG directly.

Dirbaio avatar Oct 06 '25 21:10 Dirbaio