* yarrow256.c (yarrow_fast_reseed): Generate two block of output

using the old key and feed into the pool.

Rev: src/nettle/yarrow256.c:1.6

diff --git a/yarrow256.c b/yarrow256.c
index 0db7818405ded8f16081489b1f70d161955ed931..3e72278a21977059db56e649aadb8a7719cef5b0 100644 (file)
--- a/yarrow256.c
+++ b/yarrow256.c
@@ -70,10 +70,19 @@ static void
 yarrow_fast_reseed(struct yarrow256_ctx *ctx)
 {
   uint8_t digest[SHA256_DIGEST_SIZE];
-  
   unsigned i;
 
-  /* FIXME: Mixin the current key! */
+  /* We feed two block of output using the current key into the pool
+   * before emptying it. */
+  if (ctx->seeded)
+    {
+      uint8_t blocks[AES_BLOCK_SIZE * 2];
+      
+      yarrow_generate_block(ctx, blocks);
+      yarrow_generate_block(ctx, blocks + AES_BLOCK_SIZE);
+      sha256_update(&ctx->pools[YARROW_FAST], sizeof(blocks), blocks);
+    }
+  
   sha256_final(&ctx->pools[YARROW_FAST]);
   sha256_digest(&ctx->pools[YARROW_FAST], sizeof(digest), digest);
   sha256_init(&ctx->pools[YARROW_FAST]);