static void
yarrow_fast_reseed(struct yarrow256_ctx *ctx)
{
quint8 digest[SHA256_DIGEST_SIZE];
unsigned i;
#if YARROW_DEBUG
fprintf(stderr, "yarrow_fast_reseed\n");
#endif
/* We feed two block of output using the current key into the pool
* before emptying it. */
if (ctx->seeded)
{
quint8 blocks[AES_BLOCK_SIZE * 2];
yarrow_generate_block(ctx, blocks);
yarrow_generate_block(ctx, blocks + AES_BLOCK_SIZE);
sha256_update(&ctx->pools[YARROW_FAST],blocks,sizeof(blocks));
}
sha256_finish(&ctx->pools[YARROW_FAST],digest);
/* Iterate */
yarrow_iterate(digest);
aes_encrypt_key256(digest,&ctx->key);
/* Derive new counter value */
memset(ctx->counter, 0, sizeof(ctx->counter));
//aes_encrypt(&ctx->key, sizeof(ctx->counter), ctx->counter, ctx->counter);
aes_ecb_encrypt(ctx->counter,ctx->counter,sizeof(ctx->counter),&ctx->key);
/* Reset estimates. */
for (i = 0; i<ctx->nsources; i++)
ctx->sources[i].estimate[YARROW_FAST] = 0;
/* New seed file. */
/* FIXME: Extract this into a function of its own. */
for (i = 0; i < sizeof(ctx->seed_file); i+= AES_BLOCK_SIZE)
yarrow_generate_block(ctx, ctx->seed_file + i);
yarrow_gate(ctx);
}
void
yarrow256_random(struct yarrow256_ctx *ctx, size_t length, uint8_t *dst)
{
assert(ctx->seeded);
while (length >= AES_BLOCK_SIZE)
{
yarrow_generate_block(ctx, dst);
dst += AES_BLOCK_SIZE;
length -= AES_BLOCK_SIZE;
}
if (length)
{
uint8_t buffer[AES_BLOCK_SIZE];
assert(length < AES_BLOCK_SIZE);
yarrow_generate_block(ctx, buffer);
memcpy(dst, buffer, length);
}
yarrow_gate(ctx);
}
