From 1d733808c3182ddcdb02af1b2e2c3c0f282ef28a Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sun, 5 May 2019 20:43:16 +0100
Subject: [PATCH] Missing piece of the previous commit. Ahem. I was sure I'd hit save!
---
 unix/gtkask.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/unix/gtkask.c b/unix/gtkask.c
index 4e741203..064e3f18 100644
--- a/unix/gtkask.c
+++ b/unix/gtkask.c
@@ -80,6 +80,13 @@ static void cleanup_keypress_prng(void)
 }
 static int choose_new_area(int prev_area)
 {
+ /*
+ * Don't actually put the passphrase keystrokes themselves into
+ * the PRNG; that doesn't seem like the course of wisdom when
+ * that's precisely what the information displayed on the screen
+ * is trying _not_ to be correlated to.
+ */
+ noise_ultralight(NOISE_SOURCE_KEY, 0);
 uint8_t data[8];
 prng_read(keypress_prng, data, 8);
 uint64_t randval = GET_64BIT_MSB_FIRST(data);
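Review bot: The new comment in choose_new_area says what is deliberately kept out of the PRNG, but not what the literal `0` on the following line stands for, so a later reader could take the constant for a placeholder and pass the real key value instead. I would add one sentence to the comment, for example `Pass a constant 0 as the value, so that only the fact of the event (and whatever noise_ultralight itself records about it) reaches the PRNG.`; noise_ultralight's definition is not in this hunk, so the parenthetical should be checked against it. It is also worth saying there that this has to hold for every caller, because the area shown on screen is derived from the keypress_prng output read just below and would otherwise correlate with the typed passphrase. The function body continues past the end of the hunk.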