From 3477dd7a9042e04517d79d0eb153f8fe715c3786 Mon Sep 17 00:00:00 2001
From: Liamsi
Date: Wed, 9 May 2018 14:30:17 +0100
Subject: [PATCH] safer PRNG seeding: hash concatenation of fresh seedBytes with current seedBytes
---
 random.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/random.go b/random.go
index 46754219d..66da035a9 100644
--- a/random.go
+++ b/random.go
@@ -4,6 +4,7 @@ import (
 "crypto/aes"
 "crypto/cipher"
 crand "crypto/rand"
+ "crypto/sha256"
 "encoding/hex"
 "io"
 "sync"
@@ -72,8 +73,12 @@ type randInfo struct {
 func (ri *randInfo) MixEntropy(seedBytes []byte) {
 ri.mtx.Lock()
 defer ri.mtx.Unlock()
- // Make new ri.seedBytes
- hashBytes := Sha256(seedBytes)
+ // Make new ri.seedBytes using passed seedBytes and current ri.seedBytes:
+ // ri.seedBytes = sha256( seedBytes || ri.seedBytes )
+ h := sha256.New()
+ h.Write(seedBytes)
+ h.Write(ri.seedBytes[:])
+ hashBytes := h.Sum(nil)
 hashBytes32 := [32]byte{}
 copy(hashBytes32[:], hashBytes)
 ri.seedBytes = xorBytes32(ri.seedBytes, hashBytes32)
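Review bot: The added comment in MixEntropy misstates the state update: it says `ri.seedBytes = sha256( seedBytes || ri.seedBytes )`, but the unchanged `xorBytes32` line at the end of the hunk still XORs that digest into the existing seed, so the actual rule is `ri.seedBytes ^= sha256(seedBytes || ri.seedBytes)`; the comment should say so, e.g. `// Fold the caller's entropy into the current seed: ri.seedBytes ^= sha256(seedBytes || ri.seedBytes)`, since a reader auditing the mixing construction will otherwise assume the old seed is discarded. The unframed concatenation is unambiguous only because `ri.seedBytes` appears to be a fixed 32-byte array while `seedBytes` is variable-length; a one-line comment noting that the fixed-width suffix is what makes the boundary well-defined would keep a future change to that field from silently breaking the domain separation. As a point of style, `hashBytes := h.Sum(nil)` followed by a fresh array and `copy` can collapse into `hashBytes32 := [32]byte{}` / `h.Sum(hashBytes32[:0])`, which writes the digest straight into the array and drops the intermediate slice. MixEntropy's body may continue past the last hunk line, so whatever reseeds the cipher from `ri.seedBytes` is outside this view.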