RSA BSAFE Crypto-C

Cryptographic Components for C


AI_X931Random

Generates random numbers for RSA key generation in conformance with X9.31. It can be used to supply multiple independent streams of randomness.

Note: AI_X931Random is intended for use with AI_RSAStrongKeyGen only. The SHA-1 based PRNG, G(sha1), is available as AI_X962Random_V0. If the X9.31 DSA signatures are not required, but the G(sha1) hash function is, use AI_X962Random_V0 and not AI_X931Random.

info Format

B_SetAlgorithmInfo(): NULL_PTR, which indicates that there is only one stream and no additional seeding is desired, or a pointer to A_X931_RANDOM_PARAMS. When AI_X931Random is used with AI_RSAStrongKeyGen, the numberOfStreams field must always be equal to 6.

B_GetAlgorithmInfo(): Returns NULL_PTR if set with NULL_PTR. Otherwise returns a pointer to A_X931_RANDOM_PARAMS.

AI_X931Random Information

Functions to use: B_RandomInit(), B_RandomUpdate() and B_GenerateRandomBytes(), and as the randomAlgorithm argument to other procedures.

AMs to include: AM_X931_RANDOM

Note: Internal to this implementation, for numberOfStreams = 6, the entropy is divided as follows (for the purpose of this explanation, bits of entropy are bits that are unpredictable):

Although Crypto-C does some basic error checking, the quality of the application's entropy is not measured fully by AI_X931Random, and it may be that no error is returned even if seed entropy is poor or if insufficient random streams are provided. The proper implementation of sufficient entropy sources is the responsibility of the application and not of Crypto-C. A hardware RNG such as the Intel RNG, if available, is a good source for a random seed. See Hardware Management for more information on using Crypto-C with the Intel RNG.


Copyright (c) 1999-2005 RSA Security Inc. All rights reserved. 068-001001-6210-001-000 - 6.2.1