RSA Security 4.3 manual Initialize the Random Algorithm, Seed the Random Object

Generating Random Numbers

Step 3: Initialize the Random Algorithm

To initialize the random algorithm, you must pass the algorithm object, the algorithm chooser, and a surrender context. As mentioned before, the algorithm chooser does not need to be a session chooser; a simple software chooser will suffice, so this call is also identical to a software implementation.

B_ALGORITHM_METHOD *RANDOM_CHOOSER[] = { &AM_SHA_RANDOM, (B_ALGORITHM_METHOD *)NULL_PTR

};

if ((status = B_RandomInit (randomAlgorithm, RANDOM_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Step 4: Seed the Random Object

In this step, you will seed the random object using the seed generated by the Intel RNG. If the RNG cannot be found, or fails during processing, you can ask the user to enter a seed value.

Note: If the Intel RNG is not working at start-up, and there are no seed bits available from hardware randomness, then a very high-security application might want to inform the user and exit.

First, acquire the random seed. To do this you must supply a function, GenerateSeed, to retrieve the random seed from hardware. An example of the GenerateSeed function is shown in the previous section, “Obtaining a Random Seed from Hardware” on page 16:

#define BYTES_TO_GENERATE = 128

randomSeedLen = BYTES_TO_GENERATE;

randomSeed = (unsigned char *)T_malloc (randomSeedLen); GenerateSeed (randomSeed, randomSeedLen);

Once you have the random seed and its length, pass both into B_RandomUpdate. This