mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-01 11:32:48 -05:00

sshprng.c: remove pointless pending_output buffer.

In an early draft of the new PRNG, before I decided to get rid of
random_byte() and replace it with random_read(), it was important
after generating a hash-worth of PRNG output to buffer it so as to
return it a byte at a time. So the PRNG data structure itself had to
keep a hash-sized buffer of pending output, and be able to return the
next byte from it on every random_byte() call.

But when random_read() came in, there was no need to do that any more,
because at the end of a read, the generator is re-seeded and the
remains of any generated data are deliberately thrown away. So the
pending_output buffer has no need to live in the persistent prng
object; it can be relegated to a local variable inside random_read
(and a couple of other functions that used the same buffer since it
was conveniently there).

A side effect of this is that we're no longer yielding the bytes of
each hash in reverse order, because only the previous silly code
structure made it convenient. Fortunately, of course, nothing is
depending on that - except the cryptsuite tests, which I've updated.
Simon Tatham
2020-01-26 10:58:27 +00:00
parent 213723a718
commit 404f558705
2 changed files with 23 additions and 31 deletions
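To make the reseed-and-discard behaviour the commit message describes concrete, here is an added Python model of the generator as the cryptsuite test below derives it (block i = H(key || 'G' || mpint(i)), reseed key = H(key || 'R' [|| H(entropy)]), counter carried across reseeds). This is example code written for this page, not PuTTY's sshprng.c or its test suite; `hash_str` and `ssh2_mpint` are this example's own re-implementations of the helpers the test calls, and the SSH2 mpint encoding used is assumed to match the test's helper. `ModelPRNG`, `replicate_cryptsuite_expectations` and `short_read_discards_tail` are names chosen here.

```python
# Added example (not PuTTY's sshprng.c): a model of the keyed-hash generator
# as the commit message describes it and the cryptsuite test encodes it.
import hashlib

HASHALG = "sha256"


def hash_str(alg, data):
    """Digest of `data` under the named hash algorithm."""
    return hashlib.new(alg, data).digest()


def ssh2_mpint(n):
    """SSH2 mpint encoding of a non-negative integer (assumed to match the
    test's helper): 4-byte big-endian length, then minimal big-endian
    two's-complement bytes, with a leading zero byte when the top bit of
    the magnitude would otherwise be set.  Zero encodes as an empty body."""
    if n < 0:
        raise ValueError("only non-negative counters are modelled")
    body = b"" if n == 0 else n.to_bytes((n.bit_length() + 8) // 8, "big")
    return len(body).to_bytes(4, "big") + body


class ModelPRNG:
    """Output block i is H(key || 'G' || mpint(i)); a reseed replaces key
    with H(key || 'R' || extra), where extra is empty or H(entropy)."""

    def __init__(self, alg, seed):
        self.alg = alg
        self.hashlen = hashlib.new(alg).digest_size
        self.key = hash_str(alg, b"R" + seed)   # key1 in the test
        self.counter = 0                        # continues across reseeds

    def _block(self):
        out = hash_str(self.alg, self.key + b"G" + ssh2_mpint(self.counter))
        self.counter += 1
        return out

    def _reseed(self, extra=b""):
        self.key = hash_str(self.alg, self.key + b"R" + extra)

    def read(self, n):
        """Return n bytes.  Whole blocks accumulate in a local buffer (the
        pending_output buffer this commit removes from the prng object);
        any tail beyond n is discarded and the key is rolled forward, so a
        later exposure of the state cannot reproduce this read's output."""
        buf = b""
        while len(buf) < n:
            buf += self._block()
        self._reseed()
        return buf[:n]

    def add_entropy(self, entropy):
        """Mix fresh entropy in via a reseed, as in the test's key4 step."""
        self._reseed(hash_str(self.alg, entropy))


def replicate_cryptsuite_expectations(alg=HASHALG, seed=b"hello, world",
                                      entropy=b"1234567890" * 100):
    """Drive the model through the test's three reads (reseed after each,
    entropy mixed in before the third) and compare against the test's own
    expected_data1/2/3 derivation.  Returns True when all three match."""
    prng = ModelPRNG(alg, seed)
    n = 4 * prng.hashlen
    data1 = prng.read(n)
    data2 = prng.read(n)
    prng.add_entropy(entropy)
    data3 = prng.read(n)

    def gen(key, counters):
        return b"".join(hash_str(alg, key + b"G" + ssh2_mpint(c))
                        for c in counters)

    key1 = hash_str(alg, b"R" + seed)
    key2 = hash_str(alg, key1 + b"R")
    key3 = hash_str(alg, key2 + b"R")
    key4 = hash_str(alg, key3 + b"R" + hash_str(alg, entropy))
    return (data1 == gen(key1, range(4))
            and data2 == gen(key2, range(4, 8))
            and data3 == gen(key4, range(8, 12)))


def short_read_discards_tail(alg=HASHALG, seed=b"hello, world"):
    """A read of hashlen+1 bytes consumes two blocks; the unused tail of
    block 1 is dropped and the next read starts at counter 2 under the
    rolled-forward key.  Returns (bytes returned, counter after the read,
    whether the following read matches that derivation)."""
    prng = ModelPRNG(alg, seed)
    first = prng.read(prng.hashlen + 1)
    counter_after = prng.counter
    key2 = hash_str(alg, hash_str(alg, b"R" + seed) + b"R")
    expected_next = hash_str(alg, key2 + b"G" + ssh2_mpint(2))
    second = prng.read(prng.hashlen)
    return len(first), counter_after, second == expected_next


if __name__ == "__main__":
    print("matches cryptsuite derivation:", replicate_cryptsuite_expectations())
    print("short read (returned, counter, next read ok):", short_read_discards_tail())
```

The local `buf` in `read` is the whole point of the commit: once every read ends with a reseed and a discard, nothing persistent has to remember partial hash output, so the buffer can be a stack variable rather than a field of the prng object, and the byte order of each block becomes simply the hash's natural order.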


@ -1197,7 +1197,6 @@ class crypt(MyTestBase):
hashalg = 'sha256'
seed = b"hello, world"
entropy = b'1234567890' * 100
rev = lambda s: valbytes(reversed(bytevals(s)))
# Replicate the generation of some random numbers. to ensure
# they really are the hashes of what they're supposed to be.
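Review bot: the `rev` lambda is removed here but `valbytes` and `bytevals` stay; if this was their only caller in the file they should go in the same commit rather than linger unused. The context line `# Replicate the generation of some random numbers. to ensure` also carries a stray full stop where a comma belongs, worth a drive-by fix while these lines are being touched.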
@ -1212,21 +1211,21 @@ class crypt(MyTestBase):
key1 = hash_str(hashalg, b'R' + seed)
expected_data1 = b''.join(
rev(hash_str(hashalg, key1 + b'G' + ssh2_mpint(counter)))
hash_str(hashalg, key1 + b'G' + ssh2_mpint(counter))
for counter in range(4))
# After prng_read finishes, we expect the PRNG to have
# automatically reseeded itself, so that if its internal state
# is revealed then the previous output can't be reconstructed.
key2 = hash_str(hashalg, key1 + b'R')
expected_data2 = b''.join(
rev(hash_str(hashalg, key2 + b'G' + ssh2_mpint(counter)))
hash_str(hashalg, key2 + b'G' + ssh2_mpint(counter))
for counter in range(4,8))
# There will have been another reseed after the second
# prng_read, and then another due to the entropy.
key3 = hash_str(hashalg, key2 + b'R')
key4 = hash_str(hashalg, key3 + b'R' + hash_str(hashalg, entropy))
expected_data3 = b''.join(
rev(hash_str(hashalg, key4 + b'G' + ssh2_mpint(counter)))
hash_str(hashalg, key4 + b'G' + ssh2_mpint(counter))
for counter in range(8,12))
self.assertEqualBin(data1, expected_data1)
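Review bot: the three `expected_data` blocks now differ only in the key and the counter range, so a small helper such as `gen = lambda key, counters: b''.join(hash_str(hashalg, key + b'G' + ssh2_mpint(c)) for c in counters)` would make the reseed chain key1 -> key2 -> key3 -> key4 easier to follow and would assert the new natural byte order in one place rather than three. A one-line comment noting that the test deliberately expects each hash's bytes in natural (un-reversed) order would also help anyone bisecting a cryptsuite failure to this commit.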