提交 37794691 编写于 作者: U Ulf Möller

Use comment from md_rand.c (part 2, as well).

上级 0b5cfe32
......@@ -123,19 +123,20 @@ function and xor).
When bytes are extracted from the RNG, the following process is used.
For each group of 8 bytes (or less), we do the following,
Input into the hash function, the top 8 bytes from 'md', the byte that
are to be overwritten by the random bytes and bytes from the 'state'
Input into the hash function the top 8 bytes from 'md', the bytes that
are to be overwritten by the random bytes, and bytes from the 'state'
(incrementing looping index). From this hash function output (which
is kept in 'md'), the top (upto) 8 bytes are returned to the caller
and the bottom (upto) 8 bytes are xored into the 'state'.
Finally, after we have finished 'generation' random bytes for the
called, 'count' (which is incremented) and 'md' are fed into the hash
function and the results are kept in 'md'. I believe the above
addressed points 1 (use of SHA-1), 6 (by hashing into the 'state' the
'old' data from the caller that is about to be overwritten) and 7 (by
not using the 8 bytes given to the caller to update the 'state', but
they are used to update 'md').
Finally, after we have finished 'num' random bytes for the caller,
'count' (which is incremented) and the local and global 'md' are fed
into the hash function and the results are kept in the global 'md'.
I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
into the 'state' the 'old' data from the caller that is about to be
overwritten) and 7 (by not using the 8 bytes given to the caller to
update the 'state', but they are used to update 'md').
So of the points raised, only 2 is not addressed (but see
L<RAND_add()>).
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册