Chapter 5 Non-Cryptographic Operations 167
Generating Random Numbers
Refer to Saving State on page 120 for a discussion of how to save the state of the
algorithm object for future use.
Step 4: Update
The B_RandomUpdate function mixes a random seed into the algorithm object. The
function prototype in Chapter 4 of the Reference Manual shows that B_RandomUpdate
takes four arguments: an algorithm object, a random seed, the length of the random
seed, and a surrender context. So before you can call B_RandomUpdate, you need to
procure a random seed.
Step 4a: The Random Seed
The purpose of random number generation is to produce an unpredictable and
unrepeatable sequence of bytes. If you do not update a random algorithm object with
a random seed, you will generate a default sequence of pseudo-random bytes. In
addition, if someone else updates their random algorithm object with the same seed
that you used, they will generate the same sequence you did. Because unrepeatability
depends on the random seed, you want an unrepeatable seed.
Generating a seed that cannot be predicted or repeated is especially important in
cryptography. There are a number of sources for unrepeatable seeds. The best source
may be a hardware noise generator. The BSAFE Hardware API (BHAPI) offers a way
to interface with a hardware random number generator. One such implementation
interfaces with Intel's Random Number Generator; see the RSA BSAFE Crypto-C Intel
Security Hardware User's Manual for more information. Other seed-gathering methods
involve tracking mouse movement, timing keystrokes, reading the system time, or
measuring processor-elapsed time. There may be other schemes you can devise that do
not depend on someone entering a value from the keyboard.
The seed does not necessarily have to be random, but its value must be difficult to
/* Earlier step: create the random algorithm object with a chooser that
   selects the SHA-1-based generator (AM_SHA_RANDOM). The `break` assumes
   the do { ... } while (0) error-handling idiom used throughout the manual. */
B_ALGORITHM_METHOD *RANDOM_CHOOSER[] = {
  &AM_SHA_RANDOM,
  (B_ALGORITHM_METHOD *)NULL_PTR
};

if ((status = B_RandomInit (randomAlgorithm, RANDOM_CHOOSER,
                            (A_SURRENDER_CTX *)NULL_PTR)) != 0)
  break;
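The following is an added example, not code from the BSAFE manual or library. It mirrors the init / update(seed) / generate workflow described in this chapter with a stand-in generator so that the two warnings in Step 4a can be observed directly: objects that are never updated with a seed produce the same default sequence, and objects updated with the same seed produce the same output, while objects seeded from the operating system's entropy pool diverge. The names toy_rng_*, gather_os_seed and the test helpers are assumptions for this example; the mixing function is a SplitMix64-style toy, not a cryptographic DRBG and not the SHA-based generator BSAFE uses; the seed source assumes a POSIX /dev/urandom.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Generator state for the stand-in (hypothetical) generator. */
typedef struct {
    uint64_t state;
} toy_rng;

/* Analogue of B_RandomInit: every fresh object starts from the same fixed state. */
void toy_rng_init(toy_rng *r)
{
    r->state = 0x9E3779B97F4A7C15ULL;
}

/* Analogue of B_RandomUpdate: fold seed bytes into the state. Two fresh objects
 * updated with identical bytes end in identical states. */
void toy_rng_update(toy_rng *r, const unsigned char *seed, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++) {
        r->state ^= (uint64_t)seed[i];
        r->state *= 0xFF51AFD7ED558CCDULL;
        r->state ^= r->state >> 33;
    }
}

/* Analogue of B_GenerateRandomBytes: SplitMix64-style output (toy, not a DRBG). */
void toy_rng_generate(toy_rng *r, unsigned char *out, size_t len)
{
    size_t i;
    for (i = 0; i < len; i++) {
        uint64_t z = (r->state += 0x9E3779B97F4A7C15ULL);
        z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
        z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
        out[i] = (unsigned char)(z ^ (z >> 31));
    }
}

/* Seed gathering from the OS entropy pool (assumes POSIX /dev/urandom). 1 on success. */
int gather_os_seed(unsigned char *seed, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    size_t n;
    if (f == NULL)
        return 0;
    n = fread(seed, 1, len, f);
    fclose(f);
    return n == len;
}

/* Two objects never updated with a seed emit the same default sequence: returns 1. */
int unseeded_objects_repeat(void)
{
    toy_rng a, b;
    unsigned char oa[32], ob[32];
    toy_rng_init(&a);
    toy_rng_init(&b);
    toy_rng_generate(&a, oa, sizeof oa);
    toy_rng_generate(&b, ob, sizeof ob);
    return memcmp(oa, ob, sizeof oa) == 0;
}

/* Two objects updated with the same constructed seed emit the same sequence: returns 1. */
int same_seed_repeats(void)
{
    static const unsigned char seed[] = "constructed-fixed-seed"; /* constructed input */
    toy_rng a, b;
    unsigned char oa[32], ob[32];
    toy_rng_init(&a);
    toy_rng_init(&b);
    toy_rng_update(&a, seed, sizeof seed - 1);
    toy_rng_update(&b, seed, sizeof seed - 1);
    toy_rng_generate(&a, oa, sizeof oa);
    toy_rng_generate(&b, ob, sizeof ob);
    return memcmp(oa, ob, sizeof oa) == 0;
}

/* Two objects seeded independently from the OS pool diverge.
 * Returns 1 if outputs differ, 0 if they collide, -1 if no entropy source was available. */
int os_seeded_objects_differ(void)
{
    unsigned char sa[32], sb[32], oa[32], ob[32];
    toy_rng a, b;
    if (!gather_os_seed(sa, sizeof sa) || !gather_os_seed(sb, sizeof sb))
        return -1;
    toy_rng_init(&a);
    toy_rng_init(&b);
    toy_rng_update(&a, sa, sizeof sa);
    toy_rng_update(&b, sb, sizeof sb);
    toy_rng_generate(&a, oa, sizeof oa);
    toy_rng_generate(&b, ob, sizeof ob);
    return memcmp(oa, ob, sizeof oa) != 0;
}

int main(void)
{
    printf("unseeded objects repeat:  %d\n", unseeded_objects_repeat());
    printf("same seed repeats:        %d\n", same_seed_repeats());
    printf("OS-seeded objects differ: %d\n", os_seeded_objects_differ());
    return 0;
}
```

The point of the two "repeat" checks is the one the text makes: the generator's output is only as unpredictable as what was mixed in through the update call, so a fixed or guessable seed (a constant, a low-resolution timestamp) lets anyone who knows it reproduce the whole stream. In real code the seed bytes handed to B_RandomUpdate should come from a hardware source or the operating system's entropy pool, and gather_os_seed's failure return should be treated as fatal rather than ignored.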