From ad5d6dc31dc66b47f887e3a349757a7b92caf0ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
Date: Tue, 9 Oct 2001 18:30:13 +0200
Subject: [PATCH] (yarrow256_init): Initialize the sources.
 (yarrow256_random): Fixed loop condition.

Rev: src/nettle/yarrow256.c:1.7
---
 yarrow256.c | 58 ++++++++++++++++++++++++++++++-----------------------
 1 file changed, 33 insertions(+), 25 deletions(-)

diff --git a/yarrow256.c b/yarrow256.c
index 3e72278a..f9df9144 100644
--- a/yarrow256.c
+++ b/yarrow256.c
@@ -50,16 +50,46 @@
 void
 yarrow256_init(struct yarrow256_ctx *ctx,
- int n,
+ unsigned n,
 struct yarrow_source *s)
 {
 sha256_init(&ctx->pools[0]);
 sha256_init(&ctx->pools[1]);
-
+ unsigned i;
+ ctx->seeded = 0;
 ctx->nsources = n;
 ctx->sources = s;
+
+ for (i = 0; i<n; i++)
+ {
+ ctx->sources[i].estimate[YARROW_FAST] = 0;
+ ctx->sources[i].estimate[YARROW_SLOW] = 0;
+ ctx->sources[i].next = YARROW_FAST;
+ }
+}
+
+static void
+yarrow_generate_block(struct yarrow256_ctx *ctx,
+ uint8_t *block)
+{
+ unsigned i;
+
+ aes_encrypt(&ctx->key, sizeof(ctx->counter), block, ctx->counter);
+
+ /* Increment counter, treating it as a big-endian number. This is
+ * machine independent, and follows appendix B of the NIST
+ * specification of cipher modes of operation.
+ *
+ * We could keep a representation of thy counter as 4 32-bit values,
+ * and write entire words (in big-endian byteorder) into the counter
+ * block, whenever they change. */
+ for (i = sizeof(ctx->counter); i--; )
+ {
+ if (++ctx->counter[i])
+ break;
+ }
 }
 
 /* NOTE: The SHA-256 digest size equals the AES key size, so we need
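Review bot: In yarrow256_init the new `unsigned i;` is declared after the two sha256_init() calls, which is a mixed declaration that C89/C90 compilers reject; move it to the top of the block, before `sha256_init(&ctx->pools[0]);`, so the file stays compilable with the strict mode the rest of the code presumably targets. The new loop writes through `ctx->sources` for all `n` entries, so the contract that `s` must point to at least `n` yarrow_source structs is now enforced at init time; a comment such as `/* s must point to at least n sources; the table is owned by the caller. */` on the function would make that visible to callers. The comment added in yarrow_generate_block also has a typo: `thy counter` should read `the counter`.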
@@ -193,28 +223,6 @@ yarrow256_update(struct yarrow256_ctx *ctx,
 }
 }
-static void
-yarrow_generate_block(struct yarrow256_ctx *ctx,
- uint8_t *block)
-{
- unsigned i;
-
- aes_encrypt(&ctx->key, sizeof(ctx->counter), block, ctx->counter);
-
- /* Increment counter, treating it as a big-endian number. This is
- * machine independent, and follows appendix B of the NIST
- * specification of cipher modes of operation.
- *
- * We could keep a representation of thy counter as 4 32-bit values,
- * and write entire words (in big-endian byteorder) into the counter
- * block, whenever they change. */
- for (i = sizeof(ctx->counter); i--; )
- {
- if (++ctx->counter[i])
- break;
- }
-}
-
 static void
 yarrow_gate(struct yarrow256_ctx *ctx)
 {
@@ -232,7 +240,7 @@ yarrow256_random(struct yarrow256_ctx *ctx, unsigned length, uint8_t *dst)
 {
 assert(ctx->seeded);
- while (length > AES_BLOCK_SIZE)
+ while (length >= AES_BLOCK_SIZE)
 {
 yarrow_generate_block(ctx, dst);
 dst += AES_BLOCK_SIZE;
-- 
GitLab
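Review bot: With `while (length >= AES_BLOCK_SIZE)` the loop now consumes every full block, so the tail that follows it (outside the hunk) can only ever see 0 < length < AES_BLOCK_SIZE; if that tail generates a block into a temporary and copies `length` bytes, as it presumably does, an `assert(length < AES_BLOCK_SIZE);` in front of it documents the invariant this fix establishes. The only guard against emitting output before the generator has been keyed is the context line `assert(ctx->seeded);`, which is compiled out under NDEBUG, leaving a release build to run yarrow_generate_block against whatever `ctx->key` and `ctx->counter` happen to hold; an unconditional runtime check in addition to the assert would close that gap. yarrow256_random's body continues outside the hunk.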