doc/crypto/rand.pod +10 −9
@@ -123,19 +123,20 @@ function and xor). When bytes are extracted from the RNG, the following process is used. When bytes are extracted from the RNG, the following process is used. For each group of 8 bytes (or less), we do the following, For each group of 8 bytes (or less), we do the following, Input into the hash function, the top 8 bytes from 'md', the byte that Input into the hash function the top 8 bytes from 'md', the bytes that are to be overwritten by the random bytes and bytes from the 'state' are to be overwritten by the random bytes, and bytes from the 'state' (incrementing looping index). From this hash function output (which (incrementing looping index). From this hash function output (which is kept in 'md'), the top (upto) 8 bytes are returned to the caller is kept in 'md'), the top (upto) 8 bytes are returned to the caller and the bottom (upto) 8 bytes are xored into the 'state'. and the bottom (upto) 8 bytes are xored into the 'state'. Finally, after we have finished 'generation' random bytes for the Finally, after we have finished 'num' random bytes for the caller, called, 'count' (which is incremented) and 'md' are fed into the hash 'count' (which is incremented) and the local and global 'md' are fed function and the results are kept in 'md'. I believe the above into the hash function and the results are kept in the global 'md'. addressed points 1 (use of SHA-1), 6 (by hashing into the 'state' the 'old' data from the caller that is about to be overwritten) and 7 (by I believe the above addressed points 1 (use of SHA-1), 6 (by hashing not using the 8 bytes given to the caller to update the 'state', but into the 'state' the 'old' data from the caller that is about to be they are used to update 'md'). overwritten) and 7 (by not using the 8 bytes given to the caller to update the 'state', but they are used to update 'md'). 
So of the points raised, only 2 is not addressed (but see So of the points raised, only 2 is not addressed (but see L<RAND_add()>). L<RAND_add()>). Loading Loading
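Review bot: the rewritten last paragraph of this hunk now distinguishes a local 'md' from the global 'md' (both are hashed with 'count', and only the global 'md' receives the result), but the per-group step earlier in the same hunk still says "the top 8 bytes from 'md'" and "which is kept in 'md'" without saying which one, so a reader cannot tell from the page that the per-group hashing updates the local copy and the global copy is only touched once at the end. Suggest making it explicit where the hunk already touches those lines, e.g. "From this hash function output (which is kept in the local 'md'), the top (up to) 8 bytes are returned to the caller", so the two paragraphs agree. Minor style point on the same lines: "upto" (twice) should be "up to", and since the change already fixes "called" to "caller" and "the byte that" to "the bytes that", it is the right place to fix it.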