X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Frand%2Fmd_rand.c;h=34843d04dbe32c39432edd2c4f8a79af5df57e5e;hp=88095b109d68f65e2644847e84be6a7268a7314e;hb=853f757ecea74a271a7c5cdee3f3b5fe0d3ae863;hpb=c88a900fa1348a47d69a13da7bb1205178a3472d

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 88095b109d..34843d04db 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -56,7 +56,7 @@
  * [including the GNU Public Licence.]
  */
 
-#define ENTROPY_NEEDED 32  /* require 128 bits of randomness */
+#define ENTROPY_NEEDED 16  /* require 128 bits = 16 bytes of randomness */
 
 #ifndef MD_RAND_DEBUG
 # ifndef NDEBUG
@@ -138,13 +138,13 @@ static int state_num=0,state_index=0;
 static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
 static unsigned char md[MD_DIGEST_LENGTH];
 static long md_count[2]={0,0};
-static unsigned entropy=0;
+static double entropy=0;
 
 const char *RAND_version="RAND" OPENSSL_VERSION_PTEXT;
 
 static void ssleay_rand_cleanup(void);
 static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, int add_entropy);
+static void ssleay_rand_add(const void *buf, int num, double add_entropy);
 static int ssleay_rand_bytes(unsigned char *buf, int num);
 static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
 
@@ -172,7 +172,7 @@ static void ssleay_rand_cleanup(void)
 	entropy=0;
 	}
 
-static void ssleay_rand_add(const void *buf, int num, int add)
+static void ssleay_rand_add(const void *buf, int num, double add)
 	{
 	int i,j,k,st_idx;
 	long md_c[2];
@@ -286,7 +286,7 @@ static void ssleay_rand_add(const void *buf, int num, int add)
 #ifndef THREADS	
 	assert(md_c[1] == md_count[1]);
 #endif
-	if (entropy < ENTROPY_NEEDED)
+	if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
 	    entropy += add;
 	}
 
@@ -497,12 +497,12 @@ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
  */
 /*
  * I have modified the loading of bytes via RAND_seed() mechanism since
- * the origional would have been very very CPU intensive since RAND_seed()
+ * the original would have been very very CPU intensive since RAND_seed()
  * does an MD5 per 16 bytes of input.  The cost to digest 16 bytes is the same
  * as that to digest 56 bytes.  So under the old system, a screen of
- * 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5
+ * 1024*768*256 would have been CPU cost of approximately 49,000 56 byte MD5
  * digests or digesting 2.7 mbytes.  What I have put in place would
- * be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes
+ * be 48 16k MD5 digests, or effectively 48*16+48 MD5 bytes or 816 kbytes
  * or about 3.5 times as much.
  * - eric 
  */