New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CryptGenRandom is deprecated #14089
CryptGenRandom is deprecated #14089
Conversation
src/random.cpp
Outdated
@@ -9,8 +9,16 @@ | |||
#include <support/cleanse.h> | |||
#ifdef WIN32 | |||
#include <compat.h> // for Windows API | |||
#include <wincrypt.h> | |||
#if defined(_MSC_VER) && defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0601 | |||
#include <bcrypt.h> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so with this, it will still use the deprecated function with mingw?
(which is used for the distributed binaries)
src/random.cpp
Outdated
#include <wincrypt.h> | ||
#if defined(_MSC_VER) && defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0601 | ||
#include <bcrypt.h> | ||
#pragma comment(lib, "bcrypt.lib") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should add this into build_msvc/*/*.vcxproj
and configure.ac
instead of adding random library into source code. Once you update configure.ac
, the #if defined(_MSC_VER)..#endif
thing could be removed.
src/random.cpp
Outdated
@@ -9,8 +9,16 @@ | |||
#include <support/cleanse.h> | |||
#ifdef WIN32 | |||
#include <compat.h> // for Windows API | |||
#include <wincrypt.h> | |||
#if defined(_MSC_VER) && defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0601 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
checking _WIN32_WINNT
is not necessary. The min version required to run Bitcoin Core is Vista which is the same as the required min version of BCryptGenRandom
a235c05
to
b3142a4
Compare
thankyou, now the minimum system is windows vista |
Concept ACK |
utACK on superficial code changes however, as random generation is critical to wallet security, someone with actual knowledge of windows random APIs should review this |
I would be inclined to NACK, new version of .NET still depend on advapi32.dll |
Extract from .NET 4.7.2 released in march 2018, still using |
Windows Vista: The random number generator is based on the hash-based random number generator specified in the FIPS 186-2 standard. ok, maybe switch to bcrypt after many years? |
Could do both? |
bitcoin random source: OpenSSL's RNG already append CryptGenRandom(Compile Target < Win7) |
We will in the near future probably remove OpenSSL as a randomness source. |
Remove randomness source must be very carefull. |
No, we're still relying on some of its features that need to be implemented differently first. I'm just pointing out that OpenSSL using some API already is not a reason to not also use it ourselves. |
Add both os source now? Or wait for Microsoft's new API to accept more tests |
2a77bb5
to
cb5d5d8
Compare
cb5d5d8
to
1e8f80d
Compare
I'm closing this for now. |
ok, please read 14116 |
CryptGenRandom is deprecated
https://docs.microsoft.com/en-us/windows/desktop/api/wincrypt/nf-wincrypt-cryptgenrandom