Projection Television User Manual
Chapter 6 Symmetric-Key Operations 187
Block Ciphers
Use a random number generator to come up with 24 bytes.
It is a good idea to zeroize any sensitive data after leaving the
do-while. In fact, you
may want to zeroize the memory and free it up immediately after setting the key. To
do so, first free the memory using
T_free, then reset
rc2KeyItem.data
to NULL_PTR,
duplicating the following sequence after the
do-while. If there is an error inside the
do-while, you will still zeroize and free sensitive data; if there is no error, you have
reset to
NULL_PTR, and the code after the do-while will not create havoc.
typedef struct {
unsigned char *data;
unsigned int len;
} ITEM;
ITEM rc2KeyItem;
rc2KeyItem.len = 24;
rc2KeyItem.data = T_malloc (rc2KeyItem.len);
if ((status = (rc2KeyItem.data == NULL_PTR)) != 0)
break;
/* Complete steps 1 - 4 of Generating Random Numbers, then
call B_GenerateRandomBytes. */
if ((status = B_GenerateRandomBytes
(randomAlgorithm, rc2KeyItem.data, rc2KeyItem.len,
(A_SURRENDER_CTX *)NULL_PTR)) != 0)
break;
if ((status = B_SetKeyInfo
(rc2Key, KI_Item, (POINTER)&rc2KeyItem)) != 0)
break;
if (rc2KeyItem.data != NULL_PTR) {
T_memset (rc2KeyItem.data, 0, rc2KeyItem.len);
T_free (rc2KeyItem.data);
rc2KeyItem.data = NULL_PTR;
rc2KeyItem.len = 0;
}