[Pcsclite-cvs-commit] r4552 - /trunk/PCSC/src/readerfactory.c
rousseau at users.alioth.debian.org
rousseau at users.alioth.debian.org
Tue Nov 17 10:22:20 UTC 2009
Author: rousseau
Date: Tue Nov 17 10:22:20 2009
New Revision: 4552
URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4552
Log:
RFCreateReaderHandle(): add a comment that a 16-bit random is not secure
enough
Modified:
trunk/PCSC/src/readerfactory.c
Modified: trunk/PCSC/src/readerfactory.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/PCSC/src/readerfactory.c?rev=4552&op=diff
==============================================================================
--- trunk/PCSC/src/readerfactory.c (original)
+++ trunk/PCSC/src/readerfactory.c Tue Nov 17 10:22:20 2009
@@ -996,6 +996,9 @@
/* Create a random handle with 16 bits check to see if it already is
* used. */
+ /* FIXME: THIS IS NOT STRONG ENOUGH: A 128-bit token should be
+ * generated. The client and server would associate token and hCard
+ * for authentication. */
randHandle = SYS_RandomInt(10, 65000);
while (1)
More information about the Pcsclite-cvs-commit
mailing list