Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make unpredictableSeed use CryptGenRandom (CryptoAPI) on Windows #10624

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Make unpredictableSeed use CryptGenRandom (CryptoAPI) on Windows #10624

wants to merge 1 commit into from

Conversation

0xEAB
Copy link
Member

@0xEAB 0xEAB commented Jan 19, 2025

This patch changes unpredictableSeed to call CryptGenRandom on Windows.
Analogous to #10623 (Linux).

On the one hand, the legacy CryptoAPI might be deprecated, on the other hand using it does not introduce a new DLL dependency. advapi32 is already required by std.registry and Phobos is linked against as seen in the current Makefile.
Using the more modern CNG (BCryptGenRandom) would not only introduce a new dependency, but also require us to add the corresponding bindings to druntime. I figured that wouldn’t be worth the effort for now.

@dlang-bot
Copy link
Contributor

Thanks for your pull request, @0xEAB!

Bugzilla references

Your PR doesn't reference any Bugzilla issue.

If your PR contains non-trivial changes, please reference a Bugzilla issue or create a manual changelog.

Testing this PR locally

If you don't have a local development environment setup, you can use Digger to test this PR:

dub run digger -- build "master + phobos#10624"

@0xEAB 0xEAB added Severity:Enhancement OS:Windows Issues Specific to Windows labels Jan 19, 2025
@0xEAB 0xEAB force-pushed the unpredictable-seed-loss32 branch 5 times, most recently from a3b6342 to 499bfa0 Compare January 19, 2025 04:16
@0xEAB 0xEAB force-pushed the unpredictable-seed-loss32 branch 4 times, most recently from 20c2a61 to 345d936 Compare January 19, 2025 04:50
0xEAB
0xEAB commented Jan 19, 2025
View reviewed changes
std/random.d Outdated
Comment on lines 1782 to 1789
import core.sys.windows.wincrypt :
CryptAcquireContext,
CryptGenRandom,
CryptReleaseContext,
CRYPT_VERIFYCONTEXT,
MS_STRONG_PROV,
PROV_RSA_FULL;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Blame D-Scanner for this monstrosity :)

@0xEAB 0xEAB force-pushed the unpredictable-seed-loss32 branch from 345d936 to 9a3cdea Compare January 19, 2025 04:55
@ichordev
Copy link
Contributor

On the one hand, the legacy CryptoAPI might be deprecated, on the other hand using it does not introduce a new DLL dependency. advapi32 is already required by std.registry and Phobos is linked against as seen in the current Makefile. Using the more modern CNG (BCryptGenRandom) would not only introduce a new dependency, but also require us to add the corresponding bindings to druntime. I figured that wouldn’t be worth the effort for now.

I was pretty surprised that DRuntime didn't already have BCrypt bindings. It shouldn't be much work for me to add them. What do you think?

@thewilsonator
Copy link
Contributor

What do you think?

Yes please.

@ichordev
Copy link
Contributor

ichordev commented Jan 19, 2025
edited
Loading

Yes please.

Will do.
Does anyone know where Microsoft are hiding their header files? All I managed to find is a bunch of SDK downloads which don't contain any headers upon extraction. In fact all they seem to contain is obfuscated nonsense.

EDIT: found it

@ichordev ichordev mentioned this pull request Jan 19, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@LightBender LightBender

Labels
OS:Windows Issues Specific to Windows Severity:Enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@0xEAB @dlang-bot @ichordev @thewilsonator @LightBender