Skip to content

u64 random seed is not enough entropy for TLS. #123

Open
Open
u64 random seed is not enough entropy for TLS.#123
@Dirbaio

Description

@Dirbaio
Dirbaio
opened on Oct 6, 2025

reqwless requests a u64 from the user and uses it to seed a ChaCha8Rng for TLS.

reqwless/src/client.rs

Line 157 in 311060f

let mut rng = ChaCha8Rng::seed_from_u64(tls.seed);

64 bits is not enough entropy to make TLS secure. The seed should be larger, or ideally the user would pass the RNG directly.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions