From 3779469192bb285d445d82c252419e657833416f Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ulf=20M=C3=B6ller?= Date: Fri, 21 Jan 2000 23:39:15 +0000 Subject: [PATCH] Use comment from md_rand.c (part 2, as well). --- doc/crypto/rand.pod | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/doc/crypto/rand.pod b/doc/crypto/rand.pod index 588b082e7c..a6dbf516b3 100644 --- a/doc/crypto/rand.pod +++ b/doc/crypto/rand.pod 
@@ -123,19 +123,20 @@ function and xor). When bytes are extracted from the RNG, the following process is used. For each group of 8 bytes (or less), we do the following, -Input into the hash function, the top 8 bytes from 'md', the byte that -are to be overwritten by the random bytes and bytes from the 'state' +Input into the hash function the top 8 bytes from 'md', the bytes that +are to be overwritten by the random bytes, and bytes from the 'state' (incrementing looping index). From this hash function output (which is kept in 'md'), the top (upto) 8 bytes are returned to the caller and the bottom (upto) 8 bytes are xored into the 'state'. -Finally, after we have finished 'generation' random bytes for the -called, 'count' (which is incremented) and 'md' are fed into the hash -function and the results are kept in 'md'. I believe the above -addressed points 1 (use of SHA-1), 6 (by hashing into the 'state' the -'old' data from the caller that is about to be overwritten) and 7 (by -not using the 8 bytes given to the caller to update the 'state', but -they are used to update 'md'). +Finally, after we have finished 'num' random bytes for the caller, +'count' (which is incremented) and the local and global 'md' are fed +into the hash function and the results are kept in the global 'md'. + +I believe the above addressed points 1 (use of SHA-1), 6 (by hashing +into the 'state' the 'old' data from the caller that is about to be +overwritten) and 7 (by not using the 8 bytes given to the caller to +update the 'state', but they are used to update 'md'). So of the points raised, only 2 is not addressed (but see L). -- 2.25.1
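Review bot: The reworded final paragraph introduces two names that this part of rand.pod never defines: 'num' (for the number of bytes the caller asked for) and a distinction between a "local and global 'md'", while the preceding context lines in the same hunk speak of a single 'md' and a single 'state'. Since this is user-facing documentation rather than the md_rand.c source comment it was copied from, either add a sentence defining them (e.g. "'num' is the number of bytes requested by the caller; a local copy of 'md' is used during generation and the global 'md' is updated at the end") or keep the earlier wording that only refers to one 'md'. While this paragraph is being touched, the retained lines "the top (upto) 8 bytes" and "the bottom (upto) 8 bytes" could be corrected to "up to", and the trailing cross-reference "(but see L)" looks incomplete as shown; check that the POD source carries a full L<...> link target so the rendered page does not end the section with a dangling reference.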