From 3f078a9c1d674e911f8c4169930359d603ccd5fb Mon Sep 17 00:00:00 2001
From: Mark Wooding
Date: Thu, 12 Dec 2019 19:12:26 +0000
Subject: [PATCH] rand/rand.c: Mix the pool key in `rand_gate' and `rand_stretch'.

Back in commit d6fab4f6ae209afd6799a2974ce2849123965170, I rearranged the cryptography to use plain SHA256 rather than RIPEMD160-HMAC for determining the cipher key for churning the generator state. I also managed to remove all the points at which the key actually influences the behaviour of the generator! This was four years ago, and I can't remember exactly why, but my guess is that the key was previously inserted as part of `rmd160_macinit', which was replaced by the unheyed `HASH_INIT' function.
---
 rand/rand.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/rand/rand.c b/rand/rand.c
index f9f16d5d..6787c11a 100644
--- a/rand/rand.c
+++ b/rand/rand.c
@@ -323,6 +323,7 @@ void rand_gate(rand_pool *r)
 HASH_INIT(&hc);
 STORE32(g, r->gen);
 HASH(&hc, g, sizeof(g));
+ HASH(&hc, r->k.k, RAND_KEYSZ);
 HASH(&hc, r->pool, RAND_POOLSZ);
 HASH(&hc, r->buf, RAND_BUFSZ);
 HASH_DONE(&hc, h);
@@ -373,6 +374,7 @@ void rand_stretch(rand_pool *r)
 HASH_INIT(&hc);
 STORE32(g, r->gen);
 HASH(&hc, g, sizeof(g));
+ HASH(&hc, r->k.k, RAND_KEYSZ);
 HASH(&hc, r->pool, RAND_POOLSZ);
 HASH(&hc, r->buf, RAND_BUFSZ);
 HASH_DONE(&hc, h);
-- 
2.11.0
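Review bot: The added `HASH(&hc, r->k.k, RAND_KEYSZ);` in the rand_gate hunk, and the identical line in the rand_stretch hunk, carry no comment saying why the key belongs in the hash input, which is exactly how the commit message says the key got dropped unnoticed for four years. I would put above each new line `/* The key must be hashed in: the hash is unkeyed, so without this the key has no influence on the churned state. */`. Both functions begin and end outside their hunks, so I cannot see what `h` is used for afterwards; if it becomes the next key or cipher key, a known-answer test over the gated output would catch a future regression, since this defect changed nothing that a length or format check would notice. The unprefixed concatenation of `g`, key, pool and buf is unambiguous only because every component has a fixed size, and that assumption is worth stating in the same comment.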