Hai-May, I have an update to an earlier comment and a new comment.
Regards, -Krishna > Hai-May Chao wrote: >> >> I updated my webrev with review comments from Dan and Ferenc. >> The updated webrev is at: >> >> http://cr.opensolaris.org/~haimay/CR6703956-v1/ > ... > > KY-1 T3 lines 33-34, 106, 135 > fips_add160() expects val1 and val2 to be in big-endian > format. I assume the correctness of the operation depends > on that. > > If so, you need to do some conversion for little-endian > case, on lines 106 and 135. Thinking a bit further, I don't see the need for these arguments to be in big-endian format since it does not matter whether a 160-bit random number is reversed for the purpose of a PRNG. Recommend just fixing the comment. > usr/src/uts/common/crypto/api/kcf_random.c > KY-10 T2 lines 667-668 fips_random_inner() overwrites the third argument. This is not what we want here. Recommend passing a local variable instead. Also, bzero it after the call. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.opensolaris.org/pipermail/crypto-discuss/attachments/20081023/1055a77d/attachment.html>
