8 years ago · 9232f2e970
--- a/src/prngs/fortuna.c
+++ b/src/prngs/fortuna.c
@@ -36,7 +36,8 @@ we reseed automatically when len(pool0) >= 64 or every LTC_FORTUNA_WD calls to t
 
				 #endif
			
 
				 
			
 
				 const struct ltc_prng_descriptor fortuna_desc = {
			
 
				-    "fortuna", 1024,
			
 
				+    "fortuna",
			
 
				+    (32 * LTC_FORTUNA_POOLS), /* default: 1024 */
			
 
				     &fortuna_start,
			
 
				     &fortuna_add_entropy,
			
 
				     &fortuna_ready,
			
@@ -331,6 +332,7 @@ int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
 
				 {
			
 
				    int         x, err;
			
 
				    hash_state *md;
			
 
				+   unsigned long len = fortuna_desc.export_size;
			
 
				 
			
 
				    LTC_ARGCHK(out    != NULL);
			
 
				    LTC_ARGCHK(outlen != NULL);
			
@@ -344,8 +346,8 @@ int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
 
				    }
			
 
				 
			
 
				    /* we'll write bytes for s&g's */
			
 
				-   if (*outlen < 32*LTC_FORTUNA_POOLS) {
			
 
				-      *outlen = 32*LTC_FORTUNA_POOLS;
			
 
				+   if (*outlen < len) {
			
 
				+      *outlen = len;
			
 
				       err = CRYPT_BUFFER_OVERFLOW;
			
 
				       goto LBL_UNLOCK;
			
 
				    }
			
@@ -379,7 +381,7 @@ int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
 
				          goto LBL_ERR;
			
 
				       }
			
 
				    }
			
 
				-   *outlen = 32*LTC_FORTUNA_POOLS;
			
 
				+   *outlen = len;
			
 
				    err = CRYPT_OK;
			
 
				 
			
 
				 LBL_ERR:
			
@@ -406,7 +408,7 @@ int fortuna_import(const unsigned char *in, unsigned long inlen, prng_state *prn
 
				    LTC_ARGCHK(in   != NULL);
			
 
				    LTC_ARGCHK(prng != NULL);
			
 
				 
			
 
				-   if (inlen != 32*LTC_FORTUNA_POOLS) {
			
 
				+   if (inlen != (unsigned long)fortuna_desc.export_size) {
			
 
				       return CRYPT_INVALID_ARG;
			
 
				    }
			
 
				 
			
--- a/src/prngs/yarrow.c
+++ b/src/prngs/yarrow.c
@@ -274,22 +274,22 @@ int yarrow_done(prng_state *prng)
 
				 */
			
 
				 int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
			
 
				 {
			
 
				+   unsigned long len = yarrow_desc.export_size;
			
 
				+
			
 
				    LTC_ARGCHK(out    != NULL);
			
 
				    LTC_ARGCHK(outlen != NULL);
			
 
				    LTC_ARGCHK(prng   != NULL);
			
 
				-   if (!prng->ready) return CRYPT_ERROR;
			
 
				 
			
 
				-   /* we'll write 64 bytes for s&g's */
			
 
				-   if (*outlen < 64) {
			
 
				-      *outlen = 64;
			
 
				+   if (*outlen < len) {
			
 
				+      *outlen = len;
			
 
				       return CRYPT_BUFFER_OVERFLOW;
			
 
				    }
			
 
				 
			
 
				-   if (yarrow_read(out, 64, prng) != 64) {
			
 
				+   if (yarrow_read(out, len, prng) != len) {
			
 
				       return CRYPT_ERROR_READPRNG;
			
 
				    }
			
 
				 
			
 
				-   *outlen = 64;
			
 
				+   *outlen = len;
			
 
				    return CRYPT_OK;
			
 
				 }
			
 
				 
			
@@ -306,16 +306,10 @@ int yarrow_import(const unsigned char *in, unsigned long inlen, prng_state *prng
 
				 
			
 
				    LTC_ARGCHK(in   != NULL);
			
 
				    LTC_ARGCHK(prng != NULL);
			
 
				+   if (inlen < (unsigned long)yarrow_desc.export_size) return CRYPT_INVALID_ARG;
			
 
				 
			
 
				-   if (inlen != 64) {
			
 
				-      return CRYPT_INVALID_ARG;
			
 
				-   }
			
 
				-   if ((err = yarrow_start(prng)) != CRYPT_OK) {
			
 
				-      return err;
			
 
				-   }
			
 
				-   if ((err = yarrow_add_entropy(in, 64, prng)) != CRYPT_OK) {
			
 
				-      return err;
			
 
				-   }
			
 
				+   if ((err = yarrow_start(prng)) != CRYPT_OK)                  return err;
			
 
				+   if ((err = yarrow_add_entropy(in, inlen, prng)) != CRYPT_OK) return err;
			
 
				    return CRYPT_OK;
			
 
				 }