This updates the getentropy implementation for Windows to use the newer "Cryptography Next Generation APIs", replacing CryptGenRandom, which already has been removed from applications built for the Windows Store.
Tested with libressl-portable, it passes all regression tests. Details of the API are in the comment link below. Noted by Stephan Vedder (feliwir on github) and others. Any objections to gettin this in? diff --git a/src/lib/libcrypto/arc4random/getentropy_win.c b/src/lib/libcrypto/arc4random/getentropy_win.c index 2abeb27bc..0a014f3b0 100644 --- a/src/lib/libcrypto/arc4random/getentropy_win.c +++ b/src/lib/libcrypto/arc4random/getentropy_win.c @@ -21,39 +21,30 @@ */ #include <windows.h> +#include <bcrypt.h> #include <errno.h> #include <stdint.h> #include <sys/types.h> -#include <wincrypt.h> -#include <process.h> int getentropy(void *buf, size_t len); /* - * On Windows, CryptGenRandom is supposed to be a well-seeded - * cryptographically strong random number generator. + * On Windows, BCryptGenRandom with BCRYPT_USE_SYSTEM_PREFERRED_RNG is supposed + * to be a well-seeded, cryptographically strong random number generator. + * https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom */ int getentropy(void *buf, size_t len) { - HCRYPTPROV provider; - if (len > 256) { errno = EIO; return (-1); } - if (CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT) == 0) - goto fail; - if (CryptGenRandom(provider, len, buf) == 0) { - CryptReleaseContext(provider, 0); - goto fail; + if (FAILED(BCryptGenRandom(NULL, buf, len, BCRYPT_USE_SYSTEM_PREFERRED_RNG))) { + errno = EIO; + return (-1); } - CryptReleaseContext(provider, 0); + return (0); - -fail: - errno = EIO; - return (-1); }
