Add Seed for Pseudorandom Number Generator (Qc3AddPRNGSeed) API

Add Seed for Pseudorandom Number Generator (QC3ADDSD, Qc3AddPRNGSeed) API

Required Parameter Group:

1	Seed data	Input	Char(*)
2	Seed data length	Input	Binary(4)
3	Error Code	I/O	Char(*)

  Service Program Name: QC3PRNG

  Default Public Authority: *USE

  Threadsafe: Yes

The Add Seed for Pseudorandom Number Generator (OPM, QC3ADDSD; ILE, Qc3AddPRNGSeed) API allows the user to add seed into the server's pseudorandom number generator system seed digest.

The pseudorandom number generator is composed of two parts: pseudorandom number generation and seed management. Pseudorandom number generation is performed using the FIPS 186-1 algorithm. (See the Generate Pseudorandom Numbers (Qc3GenPRNs) API.) Cryptographically-secure pseudorandom numbers rely on good seed. The FIPS 186-1 key and seed values are obtained from the system seed digest. The server automatically generates seed using data collected from system information or by using the random number generator function on a cryptographic coprocessor, such as a 4758, if one is available. System-generated seed can never be truly unpredictable. If a cryptographic coprocessor is not available, you can use this API to add your own random seed to the system seed digest. This should be done as soon as possible any time the Licensed Internal Code is installed.

Authorities and Locks

All object (*ALLOBJ) special authority is needed to use this API.

User Profile Authority

*ALLOBJ

Required Parameter Group

Seed data

INPUT; CHAR(*)

The input seed data for the system seed digest.

It is important that the seed data be unpredictable and have as much entropy as possible. Entropy is the minimum number of bits needed to represent the information contained in some data. For seeding purposes, entropy is a measure of the amount of uncertainty or unpredictability of the seed. The system seed digest holds a maximum of 160 bits of entropy. You should add at least that much entropy to refresh the system seed digest totally. Possible sources of seed data are coin flipping, keystroke or mouse timings, or a noise source such as the one available on the 4758 Cryptographic Coprocessor.

Seed data length

INPUT; BINARY(4)

The length of the seed data, in bytes. If this length is 0, no seed data is added.

Error code

I/O; CHAR(*)

The structure in which to return error information. For the format of the structure, see Error Code Parameter.

Error Messages

Message ID	Error Message Text
CPF222E E	*ALLOBJ special authority is required.
CPF3C17 E	Error occurred with input data parameter.
CPF3CF1 E	Error code parameter not valid.

Message ID

Error Message Text

CPF222E E

*ALLOBJ special authority is required.

CPF3C17 E

Error occurred with input data parameter.

CPF3CF1 E

Error code parameter not valid.