
Generating Random Numbers
166 RSA BSAFE Crypto-C Developer’s Guide
Step 2: Setting The Algorithm Object
You need to supply an appropriate algorithm info type (AI) and the proper associated info to B_SetAlgorithmInfo. For random-number generation, you have a choice between AI_MD2Random, AI_MD5Random, AI_X962Random_V0 (also known as AI_SHA1Random), and AI_X931Random. The first three are based on the message digest algorithms MD2, MD5, and SHA1 described earlier. For this example, choose AI_X962Random_V0.
Note: AI_SHA1Random is identical to AI_X962Random_V0; the name AI_SHA1Random is used in the demo applications. However, AI_SHA1Random may change in future versions of Crypto-C. For forward compatibility, we recommend that you do not use the name AI_SHA1Random in your applications; use AI_X962Random_V0 instead.
Recent cryptanalytic work has discovered a collision in MD2’s internal compression function, and there is some chance that the attack on MD2 may be extended to the full hash function. The same attack applies to MD. Another attack has been applied to the compression function of MD5, though this has yet to be extended to the full MD5. RSA Security recommends that before you use MD, MD2, or MD5, you consult the RSA Laboratories Web site to be sure that their use is consistent with the latest information.
The entry for AI_SHA1Random in Chapter 2 of the Reference Manual refers you to AI_X962Random_V0; the entry for this second AI states that the info supplied to B_SetAlgorithmInfo is NULL_PTR. So the proper way to set your random algorithm object is:

    /* AI_X962Random_V0 takes no info, so pass NULL_PTR. The demo applications
       pass the equivalent name AI_SHA1Random here; use AI_X962Random_V0 in your
       own code, since the AI_SHA1Random name may change. The break exits the
       enclosing error-handling loop. */
    if ((status = B_SetAlgorithmInfo
         (randomAlgorithm, AI_X962Random_V0, NULL_PTR)) != 0)
      break;

Step 3: Init
Initialize randomAlgorithm with B_RandomInit. The prototype of this function in Chapter 4 of the Reference Manual indicates that it takes three arguments: the algorithm object, the algorithm chooser, and the surrender context. The first argument is randomAlgorithm. For the second argument, build an algorithm chooser that contains the AMs listed in the Reference Manual Chapter 2 entry for AI_X962Random_V0. B_RandomInit is a fast function, so it is reasonable to use a properly cast NULL_PTR for the surrender context as the third argument.
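The AI name AI_X962Random_V0 refers to the ANSI X9.62 Annex A.4 generator, which is the FIPS 186 construction with the function G(t, c) built from the SHA-1 compression function; that is why the guide groups it with the digest-based generators, and why the choice of digest matters for a random algorithm object. The C program below is an added illustration of that construction and is not Crypto-C source or a description of its internals. It assumes b = 512 (the widest XKEY FIPS 186 permits) and general-purpose output without the mod q reduction used for DSA; Crypto-C's own parameters are not documented on this page, so the bytes it produces will not necessarily match B_GenerateRandomBytes. The names x962_rng, x962_seed, x962_next and x962_known_answer_ok are invented for the example, and the seed in main is constructed for demonstration.

```c
/* Added example: an X9.62 Annex A.4 / FIPS 186 style generator with G(t, c)
 * built from the SHA-1 compression function. It illustrates the construction
 * the AI name refers to and is not Crypto-C source; b = 512 bits and the
 * absence of a mod q reduction are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define XKEY_BYTES 64              /* b = 512: XKEY and XVAL are 512-bit values */
#define G_BYTES 20                 /* G outputs one 160-bit SHA-1 chaining value */

typedef struct { uint8_t xkey[XKEY_BYTES]; } x962_rng;

/* t = the SHA-1 initial chaining value, as FIPS 186 specifies for G */
static const uint32_t SHA1_IV[5] = {
    0x67452301u, 0xEFCDAB89u, 0x98BADCFEu, 0x10325476u, 0xC3D2E1F0u };

static uint32_t rol(uint32_t x, int n) { return (x << n) | (x >> (32 - n)); }

/* G(t, c): one SHA-1 compression of the 512-bit block c from chaining value t.
 * No padding and no length field are appended: the block is the whole input. */
static void sha1_g(const uint32_t t[5], const uint8_t c[64], uint8_t out[G_BYTES]) {
    uint32_t w[80], h[5], a, b, cc, d, e, f, k, tmp;
    int i;
    for (i = 0; i < 16; i++)
        w[i] = ((uint32_t)c[4*i] << 24) | ((uint32_t)c[4*i+1] << 16)
             | ((uint32_t)c[4*i+2] << 8) | (uint32_t)c[4*i+3];
    for (i = 16; i < 80; i++)
        w[i] = rol(w[i-3] ^ w[i-8] ^ w[i-14] ^ w[i-16], 1);
    a = t[0]; b = t[1]; cc = t[2]; d = t[3]; e = t[4];
    for (i = 0; i < 80; i++) {
        if (i < 20)      { f = (b & cc) | (~b & d);           k = 0x5A827999u; }
        else if (i < 40) { f = b ^ cc ^ d;                    k = 0x6ED9EBA1u; }
        else if (i < 60) { f = (b & cc) | (b & d) | (cc & d); k = 0x8F1BBCDCu; }
        else             { f = b ^ cc ^ d;                    k = 0xCA62C1D6u; }
        tmp = rol(a, 5) + f + e + k + w[i];
        e = d; d = cc; cc = rol(b, 30); b = a; a = tmp;
    }
    h[0] = t[0] + a; h[1] = t[1] + b; h[2] = t[2] + cc; h[3] = t[3] + d; h[4] = t[4] + e;
    for (i = 0; i < 5; i++) {
        out[4*i]   = (uint8_t)(h[i] >> 24); out[4*i+1] = (uint8_t)(h[i] >> 16);
        out[4*i+2] = (uint8_t)(h[i] >> 8);  out[4*i+3] = (uint8_t)h[i];
    }
}

/* r = (r + v + carry) mod 2^(8*rlen); r and v are big-endian, vlen <= rlen */
static void add_be(uint8_t *r, size_t rlen, const uint8_t *v, size_t vlen, unsigned carry) {
    size_t i;
    for (i = 0; i < rlen; i++) {
        unsigned sum = r[rlen - 1 - i] + carry;
        if (i < vlen) sum += v[vlen - 1 - i];
        r[rlen - 1 - i] = (uint8_t)sum;
        carry = sum >> 8;
    }
}

/* XKEY = seed mod 2^b. The seed must come from a real entropy source: the
 * generator is deterministic, so a guessable seed means guessable output. */
void x962_seed(x962_rng *g, const uint8_t *seed, size_t len) {
    memset(g->xkey, 0, XKEY_BYTES);
    add_be(g->xkey, XKEY_BYTES, seed, len > XKEY_BYTES ? XKEY_BYTES : len, 0);
}

/* One step j: XVAL = XKEY + XSEED_j, x_j = G(t, XVAL), XKEY = 1 + XKEY + x_j,
 * all mod 2^b. xseed (optional extra user input for this step) may be NULL. */
void x962_next(x962_rng *g, const uint8_t *xseed, size_t xseedlen, uint8_t out[G_BYTES]) {
    uint8_t xval[XKEY_BYTES];
    memcpy(xval, g->xkey, XKEY_BYTES);
    if (xseed) add_be(xval, XKEY_BYTES, xseed, xseedlen, 0);
    sha1_g(SHA1_IV, xval, out);
    add_be(g->xkey, XKEY_BYTES, out, G_BYTES, 1);
}

/* Known-answer check: when XVAL happens to be the padded one-block SHA-1
 * message for "abc", G(t, XVAL) must equal SHA-1("abc"). Returns 1 on success. */
int x962_known_answer_ok(void) {
    static const uint8_t expected[G_BYTES] = {
        0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,0xba,0x3e,
        0x25,0x71,0x78,0x50,0xc2,0x6c,0x9c,0xd0,0xd8,0x9d };
    uint8_t block[XKEY_BYTES] = {0}, x0[G_BYTES], x1[G_BYTES];
    x962_rng g;
    block[0] = 'a'; block[1] = 'b'; block[2] = 'c'; block[3] = 0x80; block[63] = 24;
    x962_seed(&g, block, XKEY_BYTES);
    x962_next(&g, NULL, 0, x0);
    x962_next(&g, NULL, 0, x1);                   /* XKEY advanced, so x1 != x0 */
    return memcmp(x0, expected, G_BYTES) == 0 && memcmp(x0, x1, G_BYTES) != 0;
}

int main(void) {
    /* Constructed seed for demonstration only; never use a fixed seed in production. */
    const uint8_t demo_seed[] = "constructed demo seed, not entropy";
    uint8_t x[G_BYTES];
    x962_rng g;
    int i;
    x962_seed(&g, demo_seed, sizeof demo_seed - 1);
    x962_next(&g, NULL, 0, x);
    for (i = 0; i < G_BYTES; i++) printf("%02x", x[i]);
    printf("\nknown-answer check: %s\n", x962_known_answer_ok() ? "ok" : "FAILED");
    return x962_known_answer_ok() ? 0 : 1;
}
```

The known-answer check exploits the fact that G is SHA-1 compression without padding: if XVAL is exactly the padded single-block message for "abc", G returns the published SHA-1("abc") digest, which pins the G implementation without needing an X9.62 test vector. The practical point for the Crypto-C caller is the one the comments in x962_seed make: whichever AI you select, the algorithm object only ever transforms the seed material you give it, so the quality of that seed, not the choice between MD5 and SHA1, is what decides whether the output is unpredictable.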