Cryptography Reference
In-Depth Information
In contrast to /dev/random, the device file /dev/urandom returns values continuously even when the entropy pool is exhausted. In this case, the device returns random values determined in the manner described previously (see [Tso]).
The following function uses, depending on platform and availability, both sources for generating start values. Under Windows, in addition, the 64 result bytes of the WIN32 function QueryPerformanceCounter() are used for collecting entropy. Moreover, the system time is queried, and optionally, a character string of the calling function is accepted so that a user entry, such as input from the keyboard, can be considered in the generation of the start value. The values thus obtained are once more compressed with the hash function RIPEMD-160 to a 20-byte result, which is returned in this form and also as a large integer in CLINT format.
Function:
Generation of entropy for the initialization of pseudorandom number generators. In addition to an optional user-defined character string, entropy bytes are read from system-specific sources:
For Win32: Value from QueryPerformanceCounter (64 byte), values from CryptGenRandom.
For Linux: Entropy is read from /dev/urandom if this source is available.
Altogether, LenRndStr + AddEntropy bytes go into the result. This is output as a CLINT integer. Additionally, a hash value is generated from the entropy data.
Syntax:
int GetEntropy_l (CLINT Seed_l, char *Hashres, int AddEntropy, char *RndStr, int LenRndStr);
Input:
AddEntropy (number of entropy bytes to be generated)
RndStr (optional user-defined string, NULL is possible)
LenRndStr (length of RndStr in bytes)
Output:
Seed_l (entropy as CLINT integer. If Seed_l == NULL, output is suppressed)
Hashres (entropy as RIPEMD-160 hash value, length 20 bytes. If Hashres == NULL, output is suppressed)
Return:
0 if all O.K.
n > 0 if n is less than the required number of entropy bytes that could be read
E_CLINT_MAL in case of error in memory allocation
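The Linux side of this collection step and its return convention (0 if all bytes were read, n > 0 if n bytes are missing), as an added example that is not the FLINT/C source of GetEntropy_l. The names gather_seed_material and read_urandom are hypothetical, and the RIPEMD-160 compression and CLINT conversion are left out.

```c
/* Added example: hypothetical helpers, not the GetEntropy_l implementation. */
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>

/* Read up to `want` bytes from /dev/urandom into buf.
 * Returns the number of bytes actually read (0 if the device is missing). */
static size_t read_urandom(unsigned char *buf, size_t want)
{
    size_t got = 0;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0)
        return 0;
    while (got < want) {
        ssize_t r = read(fd, buf + got, want - got);
        if (r > 0)
            got += (size_t)r;
        else if (r < 0 && errno == EINTR)
            continue;            /* interrupted by a signal: retry */
        else
            break;               /* EOF or hard error: report a shortfall */
    }
    close(fd);
    return got;
}

/* Fill out[] with rndstr (len_rndstr bytes) followed by add_entropy bytes
 * from /dev/urandom. *out_len receives the number of bytes written.
 * Returns 0 if all requested bytes were read, n > 0 if n bytes are missing,
 * -1 on invalid arguments (including an output buffer that is too small). */
int gather_seed_material(unsigned char *out, size_t out_cap, size_t *out_len,
                         int add_entropy, const char *rndstr, int len_rndstr)
{
    if (!out || !out_len || add_entropy < 0 || len_rndstr < 0 ||
        (len_rndstr > 0 && !rndstr) ||
        (size_t)add_entropy + (size_t)len_rndstr > out_cap)
        return -1;
    if (len_rndstr > 0)
        memcpy(out, rndstr, (size_t)len_rndstr);
    size_t got = read_urandom(out + len_rndstr, (size_t)add_entropy);
    *out_len = (size_t)len_rndstr + got;
    return add_entropy - (int)got;
}
```

A caller that receives n > 0 should treat the seed as under-filled and not initialize a generator from it without another entropy source.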