Loading doc/crypto/rand.pod +10 −9 Original line number Diff line number Diff line Loading @@ -123,19 +123,20 @@ function and xor). When bytes are extracted from the RNG, the following process is used. For each group of 8 bytes (or less), we do the following, Input into the hash function, the top 8 bytes from 'md', the byte that are to be overwritten by the random bytes and bytes from the 'state' Input into the hash function the top 8 bytes from 'md', the bytes that are to be overwritten by the random bytes, and bytes from the 'state' (incrementing looping index). From this hash function output (which is kept in 'md'), the top (upto) 8 bytes are returned to the caller and the bottom (upto) 8 bytes are xored into the 'state'. Finally, after we have finished 'generation' random bytes for the called, 'count' (which is incremented) and 'md' are fed into the hash function and the results are kept in 'md'. I believe the above addressed points 1 (use of SHA-1), 6 (by hashing into the 'state' the 'old' data from the caller that is about to be overwritten) and 7 (by not using the 8 bytes given to the caller to update the 'state', but they are used to update 'md'). Finally, after we have finished 'num' random bytes for the caller, 'count' (which is incremented) and the local and global 'md' are fed into the hash function and the results are kept in the global 'md'. I believe the above addressed points 1 (use of SHA-1), 6 (by hashing into the 'state' the 'old' data from the caller that is about to be overwritten) and 7 (by not using the 8 bytes given to the caller to update the 'state', but they are used to update 'md'). So of the points raised, only 2 is not addressed (but see L<RAND_add()>). Loading Loading
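Review bot: The rewritten final sentence introduces a local and a global 'md', but the per-group steps earlier in the same hunk still say only 'md' ("the top 8 bytes from 'md'", "which is kept in 'md'"), so a reader cannot tell which copy is read and which is updated inside the loop; name local or global in those two places as well. The phrase "after we have finished 'num' random bytes" lost its verb when 'generation' was replaced; "finished generating 'num' random bytes" would read correctly. The paragraph still has "upto" twice and a trailing comma after "we do the following", which could be fixed to "up to" and a colon while this text is being touched.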