BE_ALGORITHM_INFO

Generating Random Numbers

For this example, you will specify six streams of randomness, and provide a seed stored in an ITEM structure, randomSeed. The amount of seed data passed in the A_X931_RANDOM_PARAMS structure must greater than or equal to 20 * (number of streams) bytes and less than or equal to 64 * (number of streams) bytes. With six streams, this means the seed size must be between 120 bytes and 384 bytes. If the amount of seed data is outside this range, Crypto-C will return a

error.

In addition, Crypto-C checks the seed value for the amount of entropy. For example, a constant seed (all zeros or all ones) will return an error.

ITEM randomSeed;

A_X931_RANDOM_PARAMS x931Params;

x931Params.numberOfStreams = 6; x931Params.seed.data = randomSeed.data; x931Params.seed.len = randomSeed.len;

if ((status = B_SetAlgorithmInfo

(randomAlgorithm, AI_X931Random, (POINTER)&x931Params)) != 0) break;

Step 3: Init

Once the structure has been passed in, the Init is essentially the same as in the previous example. The only difference is that AM_X931_RANDOM appears in the chooser.

B_ALGORITHM_METHOD *RANDOM_CHOOSER[] = { &AM_X931_RANDOM, (B_ALGORITHM_METHOD *)NULL_PTR

};

if ((status = B_RandomInit (randomAlgorithm, RANDOM_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Steps 4, 5, 6

These steps are identical to the previous example.

C h a p t e r 5 N o n - C r y p t o g r a p h i c O p e r a t i o n s

1 7 1

Page 193
Image 193
RSA Security 5.2.2 manual Steps 4, 5, These steps are identical to the previous example