RE: RE: Issue getting enough entropy on Windows NT 4.0 system

Fri, 10 Oct 2008 07:00:02 -0700 

Thanks for the suggestionb but the RAND_poll function already
pulls from the system right after the big #if 0 block as described
below in the stetup for the calls.....

        if (advapi)
                {
                /*
                 * If it's available, then it's available in both ANSI
                 * and UNICODE flavors even in Win9x, documentation
says.
                 * We favor Unicode...
                 */
                acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
                        "CryptAcquireContextW");
                gen = (CRYPTGENRANDOM) GetProcAddress(advapi,
                        "CryptGenRandom");
                release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
                        "CryptReleaseContext");
                }

So, still looking for other suggestions.

I also tried finding an EGD for Win NT 4.0 and the only one that looked
promising was EGADS which is no longer available.

Thanks Again for any suggestions,
Ray


> Hello,
> Why not grab some entropy from the system entropy provider?
>
> #include <wincrypt.h>
> bool GetSysEntropy(void *ptr, int len)
> {
>  char namebuf[512];
>  HCRYPTPROV handle;
>  DWORD count=500;
> 
>  if(!CryptGetDefaultProvider(PROV_RSA_FULL, NULL,
CRYPT_MACHINE_DEFAULT,
>   namebuf, &count)) return false;
> 
>  if(!CryptAcquireContext(&handle, NULL, namebuf, PROV_RSA_FULL,
>   CRYPT_VERIFYCONTEXT|CRYPT_SILENT)) return false;
> 
>  if(!CrytpGenRandom(handle, len (BYTE *) ptr))
>  {
>   CryptReleaseContext(handle, 0);
>   return false;
>  }
> 
>  CryptReleaseContext(handle, 0);
>  return true;
> }
> 
>       DS
> 
> > 
> > The Windows NT 4.0 system has the workstation service stopped.
> > 
> > This causes the following snippet from rand_win.c to return 0
> > 
> >             if (netstatget(NULL, L"LanmanWorkstation", 0, 0,
> > &outbuf) == 0)
> >                     {
> >                     RAND_add(outbuf, sizeof(STAT_WORKSTATION_0),
> > 45);
> >                     netfree(outbuf);
> >                     }
> > 
> > Add to this a large section of calls are #if 0 out due to a reported
> > problem
> > by Wolfgang Marczy and there isn't many places this function gets
> > entropy
> > from.
> > 
> > Any suggestions?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to