From 34abb9209e4781f9c273284b1d81c5279163e93c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Mon, 8 Oct 2001 22:36:10 +0200
Subject: [PATCH] * yarrow256.c (yarrow_fast_reseed): New function.
 (yarrow_slow_reseed): New function. (yarrow256_update): Check seed/reseed
 thresholds. (yarrow_gate): New function, extracted from
 yarrow_generate_block_with_gate which was deleted.
 (yarrow_generate_block_with_gate): Deleted function. (yarrow256_random):
 Don't buffer any output, instead gate after each request.

Rev: src/nettle/yarrow256.c:1.4
---
 yarrow256.c | 60 +++++++++++------------------------------------------
 1 file changed, 12 insertions(+), 48 deletions(-)

diff --git a/yarrow256.c b/yarrow256.c
index de924c35..3be5b29a 100644
--- a/yarrow256.c
+++ b/yarrow256.c
@@ -61,9 +61,6 @@ yarrow256_init(struct yarrow256_ctx *ctx,
 
   ctx->seeded = 0;
 
-  /* Means that we have no buffered output */
-  ctx->index = sizeof(ctx->buffer);
-  
   ctx->nsources = n;
   ctx->sources = s;
 }
@@ -144,9 +141,6 @@ yarrow256_update(struct yarrow256_ctx *ctx,
 
   sha256_update(&ctx->pools[current], length, data);
  
-  /* FIXME: Use different counters for fast and slow poll? Or a total
-   * for fast poll, and individual for slow poll? */
-
   /* NOTE: We should be careful to avoid overflows in the estimates. */
   if (source->estimate[current] < YARROW_MAX_ENTROPY)
     {
@@ -215,30 +209,16 @@ yarrow_generate_block(struct yarrow256_ctx *ctx,
     }
 }
 
-/* FIXME: According to Niels Ferguson, it's better to gate after each
- * request for random data. */
 static void
-yarrow_generate_block_with_gate(struct yarrow256_ctx *ctx,
-				uint8_t *block)
+yarrow_gate(struct yarrow256_ctx *ctx)
 {
-  if (ctx->block_count < YARROW_GATE_THRESHOLD)
-    {
-      yarrow_generate_block(ctx, block);
-      ctx->block_count++;
-    }
-  else
-    {
-      uint8_t key[AES_MAX_KEY_SIZE];
-      unsigned i;
-
-      for (i = 0; i < sizeof(key); i+= AES_BLOCK_SIZE)
-	yarrow_generate_block(ctx, key + i);
+  uint8_t key[AES_MAX_KEY_SIZE];
+  unsigned i;
 
-      aes_set_key(&ctx->key, sizeof(key), key);
+  for (i = 0; i < sizeof(key); i+= AES_BLOCK_SIZE)
+    yarrow_generate_block(ctx, key + i);
 
-      yarrow_generate_block(ctx, block);
-      ctx->block_count = 1;
-    }
+  aes_set_key(&ctx->key, sizeof(key), key);
 }
 
 void
@@ -246,35 +226,19 @@ yarrow256_random(struct yarrow256_ctx *ctx, unsigned length, uint8_t *dst)
 {
   assert(ctx->seeded);
 
-  if (ctx->index < AES_BLOCK_SIZE)
-    {
-      unsigned left = AES_BLOCK_SIZE - ctx->index;
-
-      if (length <= left)
-	{
-	  memcpy(dst, ctx->buffer + ctx->index, length);
-	  ctx->index += length;
-	  return;
-	}
-
-      memcpy(dst, ctx->buffer + ctx->index, left);
-      dst += left;
-      length -= left;
-
-      assert(length);
-    }
-
   while (length > AES_BLOCK_SIZE)
     {
-      yarrow_generate_block_with_gate(ctx, dst);
+      yarrow_generate_block(ctx, dst);
       dst += AES_BLOCK_SIZE;
       length -= AES_BLOCK_SIZE;
     }
   if (length)
     {
+      uint8_t buffer[AES_BLOCK_SIZE];
+      
       assert(length < AES_BLOCK_SIZE);
-      yarrow_generate_block_with_gate(ctx, ctx->buffer);
-      memcpy(dst, ctx->buffer, length);
-      ctx->index = length;
+      yarrow_generate_block(ctx, buffer);
+      memcpy(dst, buffer, length);
     }
+  yarrow_gate(ctx);
 }
-- 
GitLab