Use 2 * output length for seed size
2 files changed, 3 insertions, 3 deletions
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs
index 03552c38f..7eeba6f24 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -28,7 +28,7 @@ namespace Org.BouncyCastle.Security
DigestRandomGenerator prng = new DigestRandomGenerator(digest);
if (autoSeed)
{
- AutoSeed(prng, digest.GetByteLength());
+ AutoSeed(prng, 2 * digest.GetDigestSize());
}
return prng;
}
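Review bot: The factor in `AutoSeed(prng, 2 * digest.GetDigestSize())` is a bare magic number with no stated rationale, and the same `2 *` expression is repeated at both `seedLength` assignments in `BcTlsCrypto.cs`. The change is not neutral for every digest: SHA-256 and SHA-512 still yield 64 and 128 bytes, but SHA-1 would drop from 64 to 40 seed bytes, so the reasoning should be recorded where it is applied. I would add a comment such as `// Seed length is tied to the digest output size (x2), not its internal block size.` and consider a single named helper or constant so the three call sites cannot drift apart. The enclosing method starts outside the hunk, so what else feeds the generator is not visible here.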
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
index 81a29fb08..0cad3e10d 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
@@ -162,7 +162,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
int cryptoHashAlgorithm = CryptoHashAlgorithm.sha256;
IDigest digest = CreateDigest(cryptoHashAlgorithm);
- int seedLength = TlsCryptoUtilities.GetHashInternalSize(cryptoHashAlgorithm);
+ int seedLength = 2 * TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm);
byte[] seed = new byte[seedLength];
SecureRandom.NextBytes(seed);
@@ -180,7 +180,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
int cryptoHashAlgorithm = CryptoHashAlgorithm.sha256;
IDigest digest = CreateDigest(cryptoHashAlgorithm);
- int seedLength = TlsCryptoUtilities.GetHashInternalSize(cryptoHashAlgorithm);
+ int seedLength = 2 * TlsCryptoUtilities.GetHashOutputSize(cryptoHashAlgorithm);
Span<byte> seed = seedLength <= 128
? stackalloc byte[seedLength]
: new byte[seedLength];
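Review bot: Because `cryptoHashAlgorithm` is fixed to `CryptoHashAlgorithm.sha256` two lines above, `seedLength` is 64 both before and after this change, so the `seedLength <= 128` heap fallback remains unreachable here. The `byte[] seed` site in the previous hunk is equally unaffected. If the edit is meant only to keep these sites consistent with `SecureRandom.cs`, a comment saying so would save the next reader the arithmetic, e.g. `// 2 * output size == 64 for SHA-256; kept consistent with SecureRandom.cs`. Whether `seed` is wiped once consumed lies outside the hunk; if it is not, a `seed.Clear();` after its last use would keep the seed bytes from lingering in the stack or heap buffer.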