Baseline: 0.9.5a
The new generation of Pentiums coming onto the market has a genuine (hardware) RNG
built into it.
On Windows, at least, let the CryptoAPI initialize the random number generator. TODO:
when the new Pentiums are widespread, they should be used in place of md_rand for RNG in
all cases...
*** md_rand.c.orig Sat Jul 1 19:48:43 2000
--- md_rand.c Sat Jul 1 19:36:50 2000
***************
*** 181,186 ****
--- 181,193 ----
#define MD(a,b,c) MD2(a,b,c)
#endif
+ #ifdef WIN32
+ /* use the wincrypt API. On a newer pentium, this gives us a hardware RNG */
+ #define _WIN32_WINNT 0x400 /* oddly missing??? */
+ #include <windows.h>
+ #include <wincrypt.h>
+ #endif
+
#include <openssl/rand.h>
#ifdef BN_DEBUG
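Review bot: The unconditional `#define _WIN32_WINNT 0x400` in this hunk will trigger a macro-redefinition warning, or silently lower the target version, whenever the build already defines it on the command line or in an earlier header. Guard it: `#ifndef _WIN32_WINNT` / `#define _WIN32_WINNT 0x400` / `#endif`. The `/* oddly missing??? */` comment should say what actually needs it, e.g. `/* CryptoAPI declarations in wincrypt.h require a 0x400 target */`, so the next maintainer knows whether it can be removed.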
***************
*** 401,406 ****
--- 408,435 ----
memset(tmpbuf,0,n);
}
#endif
+ #ifdef WIN32
+ {
+ HCRYPTPROV hProv;
+ unsigned char tmpbuf[ENTROPY_NEEDED];
+
+ if (CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
+ CRYPT_VERIFYCONTEXT|CRYPT_NEWKEYSET) == 0) {
+ fprintf(stderr, "CryptAcquireContext failed: %0x\n",
+ GetLastError());
+ return;
+ }
+ if (CryptGenRandom(hProv, sizeof tmpbuf, tmpbuf) == 0) {
+ fprintf(stderr, "CryptGenRandom failed: %0x\n",
+ GetLastError());
+ return;
+ }
+ /* TODO: if it really is a hardware RNG, use it all the time */
+ RAND_add(tmpbuf,sizeof tmpbuf, sizeof tmpbuf);
+ memset(tmpbuf,0, sizeof tmpbuf);
+ CryptReleaseContext(hProv, 0);
+ }
+ #endif /* WIN32 */
#ifdef PURIFY
memset(state,0,STATE_SIZE);
memset(md,0,MD_DIGEST_LENGTH);
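Review bot: The `return;` after the failed CryptGenRandom call leaks the acquired provider, since CryptReleaseContext is only reached on the success path, and both early returns abandon the rest of the enclosing function (which starts and ends outside this hunk) instead of merely skipping this entropy source — if that function returns a value a bare `return;` will not compile, and if it is the byte-producing routine the caller gets neither output nor an error. The CryptoAPI seeding should be best-effort: on failure report and fall through, and release the context on every path where it was acquired, as in the excerpt below. CRYPT_NEWKEYSET combined with CRYPT_VERIFYCONTEXT looks unnecessary, as a verify context has no persistent key container; I would confirm against the CryptoAPI documentation and drop it if so. GetLastError() returns a DWORD, so `%0x` is formally mismatched; `%lx` with a cast to unsigned long is exact.
```c
#ifdef WIN32
	{
	HCRYPTPROV hProv;
	unsigned char tmpbuf[ENTROPY_NEEDED];

	/* Best effort: a CryptoAPI failure only skips this extra seeding;
	 * the remainder of the function must still run. */
	if (CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
				CRYPT_VERIFYCONTEXT|CRYPT_NEWKEYSET) != 0) {
		if (CryptGenRandom(hProv, sizeof tmpbuf, tmpbuf) != 0) {
			/* TODO: if it really is a hardware RNG, use it all the time */
			RAND_add(tmpbuf, sizeof tmpbuf, sizeof tmpbuf);
			memset(tmpbuf, 0, sizeof tmpbuf);
		} else {
			fprintf(stderr, "CryptGenRandom failed: %lx\n",
				(unsigned long)GetLastError());
		}
		/* released on both the success and the failure path */
		CryptReleaseContext(hProv, 0);
	} else {
		fprintf(stderr, "CryptAcquireContext failed: %lx\n",
			(unsigned long)GetLastError());
	}
	}
#endif /* WIN32 */
```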
