Generating Random Numbers

Step 2: Setting The Algorithm Object

You need to supply an appropriate algorithm info type (AI) and the proper associated info to B_SetAlgorithmInfo. For random-number generation, you have a choice between AI_MD2Random, AI_MD5Random, AI_X962Random_V0 (also known as AI_SHA1Random), and AI_X931Random, based on the message digest algorithms MD2, MD5, and SHA1 described earlier. For this example, choose AI_X962Random_V0.

Note: AI_SHA1Random is identical to AI_X962Random_V0; the name AI_SHA1Random is used in the demo applications. However, AI_SHA1Random may change in future versions of Crypto-C. For forward compatibility, we recommend that you do not use the name AI_SHA1Random in your applications; use AI_X962Random_V0 instead.

Recent cryptanalytic work has discovered a collision in MD2’s internal compression function, and there is some chance that the attack on MD2 may be extended to the full hash function. The same attack applies to MD. Another attack has been applied to the compression function on MD5, though this has yet to be extended to the full MD5. RSA Security recommends that before you use MD, MD2, or MD5, you should consult the RSA Laboratories Web site to be sure that their use is consistent with the latest information.

The entry for AI_SHA1Random in Chapter 2 of the Reference Manual refers you to AI_X962Random_V0; the entry for this second AI states that the info supplied to B_SetAlgorithmInfo is NULL_PTR. So the proper way to set your random algorithm object is:

if ((status = B_SetAlgorithmInfo (randomAlgorithm, AI_X962Random_V0, NULL_PTR)) != 0)
    break;

Step 3: Init

Initialize randomAlgorithm with B_RandomInit. The prototype of this function in Chapter 4 of the Reference Manual indicates that it takes three arguments: the algorithm object, the algorithm chooser, and the surrender context. The first argument is randomAlgorithm. For the second argument, build an algorithm chooser that contains the AMs listed in the Reference Manual Chapter 2 entry for AI_X962Random_V0. B_RandomInit is a fast function, so it is reasonable to use a properly cast NULL_PTR for the surrender context as the third argument.

RSA BSAFE Crypto-C Developer’s Guide