diff options
author | wtc%google.com <devnull@localhost> | 2009-03-29 03:45:34 +0000 |
---|---|---|
committer | wtc%google.com <devnull@localhost> | 2009-03-29 03:45:34 +0000 |
commit | 5b884abf0d63de6f5d59ef99b720ae8e83aa667e (patch) | |
tree | d7a2eb9ce7e7ca82ba8e1b8ac19105ccf10417e9 | |
parent | 00afb536bd6a38157b0290a4d6e513bad22c438c (diff) | |
download | nss-hg-5b884abf0d63de6f5d59ef99b720ae8e83aa667e.tar.gz |
Bug 457045: fixed nits. r=nelson.
- typos in comments
- added 'const'
- changed parameter name byte_len/byte_Len to bytes_len to match
the name of the buffer 'bytes'
- formatting
Modified Files:
freebl/blapi.h freebl/drbg.c freebl/loader.c freebl/loader.h
freebl/os2_rand.c freebl/sysrand.c freebl/unix_rand.c
freebl/win_rand.c softoken/fipstest.c
-rw-r--r-- | security/nss/lib/freebl/blapi.h | 8 | ||||
-rw-r--r-- | security/nss/lib/freebl/drbg.c | 104 | ||||
-rw-r--r-- | security/nss/lib/freebl/loader.c | 6 | ||||
-rw-r--r-- | security/nss/lib/freebl/loader.h | 4 | ||||
-rw-r--r-- | security/nss/lib/freebl/os2_rand.c | 7 | ||||
-rw-r--r-- | security/nss/lib/freebl/sysrand.c | 6 | ||||
-rw-r--r-- | security/nss/lib/freebl/unix_rand.c | 13 | ||||
-rw-r--r-- | security/nss/lib/freebl/win_rand.c | 3 | ||||
-rw-r--r-- | security/nss/lib/softoken/fipstest.c | 8 |
9 files changed, 77 insertions, 82 deletions
diff --git a/security/nss/lib/freebl/blapi.h b/security/nss/lib/freebl/blapi.h index e50ef73e7..bb38e36c4 100644 --- a/security/nss/lib/freebl/blapi.h +++ b/security/nss/lib/freebl/blapi.h @@ -1081,8 +1081,8 @@ extern void RNG_SystemInfoForRNG(void); */ /* - * FIPS186Change_GenerateX is now deprecated. It will return SEC_Failure with - * the error set to SEC_ERROR_LIBRARY_FAILURE. + * FIPS186Change_GenerateX is now deprecated. It will return SECFailure with + * the error set to PR_NOT_IMPLEMENTED_ERROR. */ extern SECStatus FIPS186Change_GenerateX(unsigned char *XKEY, @@ -1112,11 +1112,11 @@ PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len, const PRUint8 *personal_string, unsigned int ps_len); extern SECStatus -PRNGTEST_Reseed(PRUint8 *entropy, unsigned int entropy_len, +PRNGTEST_Reseed(const PRUint8 *entropy, unsigned int entropy_len, const PRUint8 *additional, unsigned int additional_len); extern SECStatus -PRNGTEST_Generate(PRUint8 *bytes, unsigned int byte_Len, +PRNGTEST_Generate(PRUint8 *bytes, unsigned int bytes_len, const PRUint8 *additional, unsigned int additional_len); extern SECStatus diff --git a/security/nss/lib/freebl/drbg.c b/security/nss/lib/freebl/drbg.c index e3dbdb222..587d458e3 100644 --- a/security/nss/lib/freebl/drbg.c +++ b/security/nss/lib/freebl/drbg.c @@ -62,18 +62,18 @@ * for SHA-384 and SHA-512 it's 888 bits */ #define PRNG_SEEDLEN (440/PR_BITS_PER_BYTE) static const PRInt64 PRNG_MAX_ADDITIONAL_BYTES = LL_INIT(0x1, 0x0); - /* 3^35 bits or 3^32 bytes */ + /* 2^35 bits or 2^32 bytes */ #define PRNG_MAX_REQUEST_SIZE 0x10000 /* 2^19 bits or 2^16 bytes */ -#define PRNG_ADDITONAL_DATA_CACHE_SIZE (8*1024) /* must be less that +#define PRNG_ADDITONAL_DATA_CACHE_SIZE (8*1024) /* must be less than * PRNG_MAX_ADDITIONAL_BYTES */ -/* PRNG_RESEED_COUNT is how many calls to the prng before we need to reseed +/* RESEED_COUNT is how many calls to the prng before we need to reseed * under normal NIST rules, you must return an error. In the NSS case, we * self-reseed with RNG_SystemRNG(). Count can be a large number. For code - * simplicity, we specify count with 2 components RESEED_BYTE (which is - * the same as LOG256(RESEED_COUNT) and RESEED_VALUE (which is the same as + * simplicity, we specify count with 2 components: RESEED_BYTE (which is + * the same as LOG256(RESEED_COUNT)) and RESEED_VALUE (which is the same as * RESEED_COUNT / (256 ^ RESEED_BYTE)). Another way to look at this is * RESEED_COUNT = RESEED_VALUE * (256 ^ RESEED_BYTE). For Hash based DRBG * we use the maximum count value, 2^48, or RESEED_BYTE=6 and RESEED_VALUE=1 @@ -81,19 +81,19 @@ static const PRInt64 PRNG_MAX_ADDITIONAL_BYTES = LL_INIT(0x1, 0x0); #define RESEED_BYTE 6 #define RESEED_VALUE 1 -#define PRNG_RESET_SEED_COUNT(rng) \ +#define PRNG_RESET_RESEED_COUNT(rng) \ PORT_Memset((rng)->reseed_counter, 0, sizeof (rng)->reseed_counter); \ (rng)->reseed_counter[RESEED_BYTE] = 1; /* - * The actual values of this enum is specified in SP 800-90, 10.1.1.* + * The actual values of this enum are specified in SP 800-90, 10.1.1.* * The spec does not name the types, it only uses bare values */ typedef enum { prngCGenerateType = 0, /* used when creating a new 'C' */ prngReseedType = 1, /* used in reseeding */ - prngAdditionalDataType = 2, /* used in mixing Additional data */ + prngAdditionalDataType = 2, /* used in mixing additional data */ prngGenerateByteType = 3 /* used when mixing internal state while * generating bytes */ } prngVTypes; @@ -104,11 +104,11 @@ typedef enum { struct RNGContextStr { PZLock *lock; /* Lock to serialize access to global rng */ /* - * NOTE, a number of steps in the drbg algorithm needs to hash - * V_type || V. The code, therefore, depends The V array following - * immediately after V_type. to avoid extra copies. To accomplish this + * NOTE, a number of steps in the drbg algorithm need to hash + * V_type || V. The code, therefore, depends on the V array following + * immediately after V_type to avoid extra copies. To accomplish this * in a way that compiliers can't perturb, we declare V_type and V - * as a V_data array and reference them by macros */ + * as a V_Data array and reference them by macros */ PRUint8 V_Data[PRNG_SEEDLEN+1]; /* internal state variables */ #define V_type V_Data[0] #define V(rng) (((rng)->V_Data)+1) @@ -118,15 +118,15 @@ struct RNGContextStr { /* If we get calls for the PRNG to return less than the length of our * hash, we extend the request for a full hash (since we'll be doing * the full hash anyway). Future requests for random numbers are fulfilled - * from the remainder of the bytes we generated. Requests for bytes - * longer than a the hash size fulfilled directly from the HashGen function + * from the remainder of the bytes we generated. Requests for bytes longer + * than the hash size are fulfilled directly from the HashGen function * of the random number generator. */ PRUint8 reseed_counter[RESEED_BYTE+1]; /* number of requests since the * last reseed. Need only be * big enough to hold the whole * reseed count */ PRUint8 data[SHA256_LENGTH]; /* when we request less than a block - * save the rest of the rng for + * save the rest of the rng output for * another partial block */ PRUint8 dataAvail; /* # bytes of output available in our cache, * [0...SHA256_LENGTH] */ @@ -150,14 +150,14 @@ static RNGContext theGlobalRng; /* * Hash Derive function defined in NISP SP 800-90 Section 10.4.1. - * This function is used in the Instantiate and Reseed function. + * This function is used in the Instantiate and Reseed functions. * - * NOTE: requested_bits cannot overlap with input_string_1 or input_string_2. + * NOTE: requested_bytes cannot overlap with input_string_1 or input_string_2. * input_string_1 and input_string_2 are logically concatentated. -* input_string_1 must be supplied. + * input_string_1 must be supplied. * if input_string_2 is not supplied, NULL should be passed for this parameter. */ -static SECStatus +static void prng_Hash_df(PRUint8 *requested_bytes, unsigned int no_of_bytes_to_return, const PRUint8 *input_string_1, unsigned int input_string_1_len, const PRUint8 *input_string_2, unsigned int input_string_2_len) @@ -182,14 +182,13 @@ prng_Hash_df(PRUint8 *requested_bytes, unsigned int no_of_bytes_to_return, requested_bytes += hash_return_len; no_of_bytes_to_return -= hash_return_len; } - return SECSuccess; } /* - * Hash_DRB Instantiate NIST SP 800-80 10.1.1.2 + * Hash_DRBG Instantiate NIST SP 800-80 10.1.1.2 * - * NOTE: byte & len are entropy || nonce || personalization_string. In + * NOTE: bytes & len are entropy || nonce || personalization_string. In * normal operation, NSS calculates them all together in a single call. */ static SECStatus @@ -198,7 +197,7 @@ prng_instantiate(RNGContext *rng, PRUint8 *bytes, unsigned int len) prng_Hash_df(V(rng), VSize(rng), bytes, len, NULL, 0); rng->V_type = prngCGenerateType; prng_Hash_df(rng->C,sizeof rng->C,rng->V_Data,sizeof rng->V_Data,NULL,0); - PRNG_RESET_SEED_COUNT(rng) + PRNG_RESET_RESEED_COUNT(rng) return SECSuccess; } @@ -209,8 +208,6 @@ prng_instantiate(RNGContext *rng, PRUint8 *bytes, unsigned int len) * section 10.1.1.3 * * If entropy is NULL, it is fetched from the noise generator. - * - * Update */ static SECStatus @@ -220,7 +217,7 @@ prng_reseed(RNGContext *rng, const PRUint8 *entropy, unsigned int entropy_len, PRUint8 noiseData[(sizeof rng->V_Data)+PRNG_SEEDLEN]; PRUint8 *noise = &noiseData[0]; - /* if entropy wasn't supplied, fetch it. (normal operationg case) */ + /* if entropy wasn't supplied, fetch it. (normal operation case) */ if (entropy == NULL) { entropy_len = (unsigned int) RNG_SystemRNG( &noiseData[sizeof rng->V_Data], PRNG_SEEDLEN); @@ -240,11 +237,11 @@ prng_reseed(RNGContext *rng, const PRUint8 *entropy, unsigned int entropy_len, PORT_Memcpy(noise, rng->V_Data, sizeof rng->V_Data); prng_Hash_df(V(rng), VSize(rng), noise, (sizeof rng->V_Data) + entropy_len, additional_input, additional_input_len); - /* clear potential CPS */ + /* clear potential CSP */ PORT_Memset(noise, 0, (sizeof rng->V_Data) + entropy_len); rng->V_type = prngCGenerateType; prng_Hash_df(rng->C,sizeof rng->C,rng->V_Data,sizeof rng->V_Data,NULL,0); - PRNG_RESET_SEED_COUNT(rng) + PRNG_RESET_RESEED_COUNT(rng) if (noise != &noiseData[0]) { PORT_Free(noise); @@ -262,7 +259,7 @@ prng_reseed(RNGContext *rng, const PRUint8 *entropy, unsigned int entropy_len, } /* - * NOTE: Dest must be an array for the following to work. + * NOTE: dest must be an array for the following to work. */ #define PRNG_ADD_BITS(dest, dest_len, add, len) \ carry = 0; \ @@ -270,7 +267,7 @@ prng_reseed(RNGContext *rng, const PRUint8 *entropy, unsigned int entropy_len, carry += dest[k1]+ add[k2]; \ dest[k1] = (PRUint8) carry; \ carry >>= 8; \ - } \ + } #define PRNG_ADD_BITS_AND_CARRY(dest, dest_len, add, len) \ PRNG_ADD_BITS(dest, dest_len, add, len) \ @@ -321,7 +318,7 @@ prng_generateNewBytes(RNGContext *rng, unsigned int additional_input_len) { PRUint8 H[SHA256_LENGTH]; /* both H and w since they - * aren't used concurrently */ + * aren't used concurrently */ unsigned int carry; int k1, k2; @@ -334,7 +331,7 @@ prng_generateNewBytes(RNGContext *rng, if (additional_input){ SHA256Context ctx; /* NIST SP 800-90 defines two temporaries in their calculations, - * w, and H. These temporaries are the same lengths, and used + * w and H. These temporaries are the same lengths, and used * at different times, so we use the following macro to collapse * them to the same variable, but keeping their unique names for * easy comparison to the spec */ @@ -487,20 +484,20 @@ RNG_RandomUpdate(const void *data, size_t bytes) * spec. The spec says it must be less than 2^32 bytes (2^35 bits). * This can only happen if size_t is greater than 32 bits (i.e. on * most 64 bit platforms). The 90% case (perhaps 100% case), size_t - * is less then equal to 32 bits if the platform is not 64 bits, and + * is less than or equal to 32 bits if the platform is not 64 bits, and * greater than 32 bits if it is a 64 bit platform. The corner * cases are handled with explicit defines NS_PTR_GT_32 and NS_PTR_LE_32. * * In general, neither NS_PTR_GT_32 nor NS_PTR_LE_32 will need to be * defined. If you trip over the next two size ASSERTS at compile time, - * you will need to define them for your platform.. + * you will need to define them for your platform. * - * if 'sizeof(size_t) > 4' is triggered It means that we were expecting + * if 'sizeof(size_t) > 4' is triggered it means that we were expecting * sizeof(size_t) to be greater than 4, but it wasn't. Setting * NS_PTR_LE_32 will correct that mistake. * * if 'sizeof(size_t) <= 4' is triggered, it means that we were expecting - * sizeof(size_t) to be less than or equal 4, but it wasn't. Setting + * sizeof(size_t) to be less than or equal to 4, but it wasn't. Setting * NS_PTR_GT_32 will correct that mistake. */ @@ -514,11 +511,11 @@ RNG_RandomUpdate(const void *data, size_t bytes) #endif PZ_Lock(globalrng->lock); - /* if we're passed more than our additionalCache, simply + /* if we're passed more than our additionalDataCache, simply * call reseed with that data */ if (bytes > sizeof (globalrng->additionalDataCache)) { rv = prng_reseed(globalrng, NULL, 0, data, (unsigned int) bytes); - /* if we aren't going to overflow the buffer, just cache it */ + /* if we aren't going to fill or overflow the buffer, just cache it */ } else if (bytes < ((sizeof globalrng->additionalDataCache) - globalrng->additionalAvail)) { PORT_Memcpy(globalrng->additionalDataCache+globalrng->additionalAvail, @@ -526,8 +523,8 @@ RNG_RandomUpdate(const void *data, size_t bytes) globalrng->additionalAvail += (PRUint32) bytes; rv = SECSuccess; } else { - /* we are going to overflow the buffer. In this case we will fill - * the entropy buffer, reseed with it, start a new buffer with the + /* we are going to fill or overflow the buffer. In this case we will + * fill the entropy buffer, reseed with it, start a new buffer with the * remainder. We know the remainder will fit in the buffer because * we already handled the case where bytes > the size of the buffer. */ @@ -657,7 +654,7 @@ RNG_RNGShutdown(void) * were implemented without it. They are re-implemented below for use * with DSA. * - * Is this coded needed now that we have the Hash_DRBG function? + * Is this code needed now that we have the Hash_DRBG function? * */ #define FIPS_DSA_Q 160 @@ -741,7 +738,7 @@ DSA_GenerateGlobalRandomBytes(void *dest, size_t len, const PRUint8 *q) /* * The core of Algorithm 1 of FIPS 186-2 Change Notice 1, * we no longer support FIPS 186-2. This function was exported - * for power-on self tests and FIPS tests. Keep this stub which fails + * for power-on self tests and FIPS tests. Keep this stub, which fails, * to prevent crashes, but also to signal to test code that * FIPS-186 is no longer supported. */ @@ -749,30 +746,31 @@ SECStatus FIPS186Change_GenerateX(PRUint8 *XKEY, const PRUint8 *XSEEDj, PRUint8 *x_j) { + PORT_SetError(PR_NOT_IMPLEMENTED_ERROR); return SECFailure; } /* - * Test Case interface. used by fips testing and power on self test + * Test case interface. used by fips testing and power on self test */ /* make sure the test context is separate from the global context, This - * allows us to test the internal random number generator without loosing + * allows us to test the internal random number generator without losing * entropy we may have previously collected. */ RNGContext testContext; /* - * Test vector API. USE NIST SP 800-90 general interface so one of the - * other NIST SP 800 algorithms may used in the future. + * Test vector API. Use NIST SP 800-90 general interface so one of the + * other NIST SP 800-90 algorithms may be used in the future. */ SECStatus PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len, const PRUint8 *nonce, unsigned int nonce_len, const PRUint8 *personal_string, unsigned int ps_len) { - int byte_len = entropy_len + nonce_len + ps_len; - PRUint8 *bytes = PORT_Alloc(byte_len); + int bytes_len = entropy_len + nonce_len + ps_len; + PRUint8 *bytes = PORT_Alloc(bytes_len); if (bytes == NULL) { return SECFailure; @@ -790,14 +788,14 @@ PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len, } else { PORT_Assert(ps_len == 0); } - prng_instantiate(&testContext, bytes, byte_len); + prng_instantiate(&testContext, bytes, bytes_len); testContext.isValid = PR_TRUE; - PORT_ZFree(bytes, byte_len); + PORT_ZFree(bytes, bytes_len); return SECSuccess; } SECStatus -PRNGTEST_Reseed(PRUint8 *entropy, unsigned int entropy_len, +PRNGTEST_Reseed(const PRUint8 *entropy, unsigned int entropy_len, const PRUint8 *additional, unsigned int additional_len) { if (!testContext.isValid) { @@ -810,14 +808,14 @@ PRNGTEST_Reseed(PRUint8 *entropy, unsigned int entropy_len, } SECStatus -PRNGTEST_Generate(PRUint8 *bytes, unsigned int byte_len, +PRNGTEST_Generate(PRUint8 *bytes, unsigned int bytes_len, const PRUint8 *additional, unsigned int additional_len) { if (!testContext.isValid) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } - return prng_generateNewBytes(&testContext, bytes, byte_len, + return prng_generateNewBytes(&testContext, bytes, bytes_len, additional, additional_len); } diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c index af01dc6a7..00d220dd0 100644 --- a/security/nss/lib/freebl/loader.c +++ b/security/nss/lib/freebl/loader.c @@ -1669,7 +1669,7 @@ PRNGTEST_Instantiate(const PRUint8 *entropy, unsigned int entropy_len, } SECStatus -PRNGTEST_Reseed(PRUint8 *entropy, unsigned int entropy_len, +PRNGTEST_Reseed(const PRUint8 *entropy, unsigned int entropy_len, const PRUint8 *additional, unsigned int additional_len) { if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) @@ -1679,12 +1679,12 @@ PRNGTEST_Reseed(PRUint8 *entropy, unsigned int entropy_len, } SECStatus -PRNGTEST_Generate(PRUint8 *bytes, unsigned int byte_Len, +PRNGTEST_Generate(PRUint8 *bytes, unsigned int bytes_len, const PRUint8 *additional, unsigned int additional_len) { if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) return SECFailure; - return (vector->p_PRNGTEST_Generate)(bytes, byte_Len, + return (vector->p_PRNGTEST_Generate)(bytes, bytes_len, additional, additional_len); } diff --git a/security/nss/lib/freebl/loader.h b/security/nss/lib/freebl/loader.h index 4356e46f2..2339c534b 100644 --- a/security/nss/lib/freebl/loader.h +++ b/security/nss/lib/freebl/loader.h @@ -528,13 +528,13 @@ struct FREEBLVectorStr { const PRUint8 *personal_string, unsigned int ps_len); - SECStatus (* p_PRNGTEST_Reseed)(PRUint8 *entropy, + SECStatus (* p_PRNGTEST_Reseed)(const PRUint8 *entropy, unsigned int entropy_len, const PRUint8 *additional, unsigned int additional_len); SECStatus (* p_PRNGTEST_Generate)(PRUint8 *bytes, - unsigned int byte_Len, + unsigned int bytes_len, const PRUint8 *additional, unsigned int additional_len); diff --git a/security/nss/lib/freebl/os2_rand.c b/security/nss/lib/freebl/os2_rand.c index 4c9f1eac5..c10104c92 100644 --- a/security/nss/lib/freebl/os2_rand.c +++ b/security/nss/lib/freebl/os2_rand.c @@ -177,17 +177,16 @@ ReadFiles(const char *file) dwNumFiles++; } -void +static void ReadSingleFile(const char *filename) { unsigned char buffer[1024]; FILE *file; file = fopen((char *)filename, "rb"); - if (file != NULL) - { + if (file != NULL) { while (fread(buffer, 1, sizeof(buffer), file) > 0) - ; + ; fclose(file); } } diff --git a/security/nss/lib/freebl/sysrand.c b/security/nss/lib/freebl/sysrand.c index c5b239270..8494eaf31 100644 --- a/security/nss/lib/freebl/sysrand.c +++ b/security/nss/lib/freebl/sysrand.c @@ -53,7 +53,7 @@ static size_t rng_systemFromNoise(unsigned char *dest, size_t maxLen); #endif /* - * Normal RNG_SystemRNG() isn't available, use the system Noise to collect + * Normal RNG_SystemRNG() isn't available, use the system noise to collect * the required amount of entropy. */ static size_t @@ -69,8 +69,8 @@ rng_systemFromNoise(unsigned char *dest, size_t maxLen) dest += nbytes; maxLen -= nbytes; - /* some hw op to try to introduce more entropy into the next GetNoise - * call */ + /* some hw op to try to introduce more entropy into the next + * RNG_GetNoise call */ rng_systemJitter(); } return retBytes; diff --git a/security/nss/lib/freebl/unix_rand.c b/security/nss/lib/freebl/unix_rand.c index 6ef7fa790..28b523759 100644 --- a/security/nss/lib/freebl/unix_rand.c +++ b/security/nss/lib/freebl/unix_rand.c @@ -892,12 +892,6 @@ safe_pclose(FILE *fp) */ #define DO_NETSTAT 1 -#if defined(BSDI) - static char netstat_ni_cmd[] = "netstat -nis"; -#else - static char netstat_ni_cmd[] = "netstat -ni"; -#endif - void RNG_SystemInfoForRNG(void) { FILE *fp; @@ -930,6 +924,11 @@ void RNG_SystemInfoForRNG(void) }; #endif +#if defined(BSDI) + static char netstat_ni_cmd[] = "netstat -nis"; +#else + static char netstat_ni_cmd[] = "netstat -ni"; +#endif GiveSystemInfo(); @@ -1145,8 +1144,6 @@ void ReadSingleFile(const char *fileName) ; fclose(file); } - - return; } #define _POSIX_PTHREAD_SEMANTICS diff --git a/security/nss/lib/freebl/win_rand.c b/security/nss/lib/freebl/win_rand.c index 763a7938c..c24af0a11 100644 --- a/security/nss/lib/freebl/win_rand.c +++ b/security/nss/lib/freebl/win_rand.c @@ -360,7 +360,8 @@ void RNG_SystemInfoForRNG(void) RNG_RandomUpdate(buffer, nBytes); } -static void rng_systemJitter(void) { +static void rng_systemJitter(void) +{ dwNumFiles = 0; EnumSystemFiles(ReadOneFile); dwFileToRead++; diff --git a/security/nss/lib/softoken/fipstest.c b/security/nss/lib/softoken/fipstest.c index 2a67d2c9a..8dddbc667 100644 --- a/security/nss/lib/softoken/fipstest.c +++ b/security/nss/lib/softoken/fipstest.c @@ -1901,11 +1901,11 @@ sftk_fips_RNG_PowerUpSelfTest( void ) PRUint8 result[sizeof(rng_known_result)]; PRUint8 DSAX[FIPS_DSA_SUBPRIME_LENGTH]; - /*******************************************************/ - /* Generate random bytes with a known seed. */ - /*******************************************/ + /********************************************/ + /* Generate random bytes with a known seed. */ + /********************************************/ rng_status = PRNGTEST_Instantiate(entropy, sizeof entropy, - NULL, 0, NULL, 0); + NULL, 0, NULL, 0); if (rng_status != SECSuccess) { return ( CKR_DEVICE_ERROR ); } |