Generating Random Numbers

Now that you have a random seed, you can call B_RandomUpdate. The length argument tells Crypto-C how many bytes from the random seed buffer to use. See “Pseudo-Random Numbers and Seed Generation” on page 92 for a discussion on how many seed bytes to use. In this example, you will use all 256 bytes from the buffer, even though you probably entered fewer than 256 characters at the keyboard. Once again, it is reasonable to pass a NULL_PTR for the surrender context, because B_RandomUpdate is a fast function:

    if ((status = B_RandomUpdate
         (randomAlgorithm, randomSeed, randomSeedLen,
          (A_SURRENDER_CTX *)NULL_PTR)) != 0)
      break;

Call B_RandomUpdate as many times as you wish with different seeds each time to increase the unrepeatability of your random number generator. After each Update, you may want to overwrite and free your seed immediately.
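An added example, not taken from the Crypto-C manual: one way to overwrite and free a seed right after an update, as the paragraph above suggests. The names seed_update_fn, secure_wipe, update_and_destroy_seed and demo_update are hypothetical; demo_update is a constructed stand-in for the generator's update call so that the block compiles without Crypto-C.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical callback standing in for the page's update call
   (B_RandomUpdate); 0 means success, matching the page's status checks. */
typedef int (*seed_update_fn)(void *ctx, const unsigned char *seed, size_t len);

/* Zero through a volatile pointer so the compiler cannot drop the stores
   as dead writes just because free() follows. */
void secure_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--) *p++ = 0;
}

/* Pass the heap-allocated seed to one update call, then wipe and free it
   on success and on failure alike; *seed is set to NULL so the caller
   cannot reuse it. Returns the update status, or -1 on bad arguments. */
int update_and_destroy_seed(seed_update_fn update, void *ctx,
                            unsigned char **seed, size_t len)
{
    int status;
    if (update == NULL || seed == NULL || *seed == NULL)
        return -1;
    status = update(ctx, *seed, len);
    secure_wipe(*seed, len);
    free(*seed);
    *seed = NULL;
    return status;
}

/* Constructed stand-in generator: counts the seed bytes it was given
   and fails on an empty seed. */
int demo_update(void *ctx, const unsigned char *seed, size_t len)
{
    (void)seed;
    if (len == 0) return 1;
    *(size_t *)ctx += len;
    return 0;
}

int main(void)
{
    size_t absorbed = 0;
    unsigned char *seed = malloc(256);   /* constructed sample seed */
    if (seed == NULL) return 1;
    memset(seed, 0xA5, 256);
    return update_and_destroy_seed(demo_update, &absorbed, &seed, 256);
}
```

A plain memset placed directly before free can be removed by an optimizing compiler, which is why the wipe goes through a volatile pointer.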

Step 5: Generate

When generating random bytes, you call B_GenerateRandomBytes instead of a Final function. The function prototype in Chapter 4 of the Reference Manual calls for the following arguments: a random algorithm object, an output buffer, the number of bytes to generate, and a surrender context. You need to prepare a buffer before calling B_GenerateRandomBytes:

    #define NUMBER_OF_RANDOM_BYTES 64

    unsigned char *randomByteBuffer = NULL_PTR;

    randomByteBuffer = T_malloc (NUMBER_OF_RANDOM_BYTES);
    if ((status = (randomByteBuffer == NULL_PTR)) != 0)
      break;

Now you can generate some random bytes. Generating 64 bytes is quick, so you are still safe in using a NULL_PTR for the surrender context.

    if ((status = B_GenerateRandomBytes
         (randomAlgorithm, randomByteBuffer, NUMBER_OF_RANDOM_BYTES,
          (A_SURRENDER_CTX *)NULL_PTR)) != 0)
      break;

Chapter 5 Non-Cryptographic Operations
