[Botan-devel] Win32 entropy collector on NT4

Jack Lloyd lloyd at randombit.net
Mon Nov 28 17:54:09 EST 2005


I'd like to keep the number of dependencies down, however. As far as I know,
the only 'good' and semi-portable sources of entropy on Windows are the
Toolhelp32 functions and CryptGenRandom. If there are others, we can use them
directly with relatively little trouble, and there is no need for an actual RNG
here - all we really need is computational entropy, the PRNGs that are fed the
output should be able to handle the rest.

-J

On Mon, Nov 28, 2005 at 04:47:39PM -0600, Theodore Smith wrote:
> When i was working on the ultramagnetic encrypted Gaim project (
> ultramagnetic.sf.net) we used a small 3rd party library for RNG on all win32
> platforms as it was better than MS'.  I *believe* it came from OpenSSL.
> 
> On 11/28/05, Jack Lloyd <lloyd at randombit.net> wrote:
> >
> >
> > Yes, I saw that bug report as well (I finally realized last night that it
> > would
> > probably make a lot of sense for me to subscribe to the Monotone dev
> > list). If
> > you want to try your hand at a patch, feel free. I don't have a Windows
> > development environment handy at the moment but could probably work
> > something
> > up without much trouble in time for 1.4.10 (which I'm targetting for
> > before the
> > end of the year right now). It was a known problem, but I always figured
> > that
> > nobody was deploying new code on NT4 and I could get away with being lazy
> > about
> > runtime detection.
> >
> > -Jack
> >
> > On Tue, Nov 29, 2005 at 11:37:08AM +1300, Matthew Gregan wrote:
> > > Hello,
> > >
> > > The slow_poll() member function of the Win32_EntropySource entropy
> > collector
> > > does not work on NT4 and earlier versions of NT (but does work on Win95
> > > upwards).  This is because the CreateToolhelp32Snapshot and Heap32* APIs
> > are
> > > not available on these platforms.
> > >
> > > Would you be interested in a patch that expanded the slow_poll()
> > > functionality to detect which APIs are available at runtime, and attempt
> > to
> > > use only those that are?  There are some useful comments in OpenSSL's
> > > implementation of RAND_poll() for Win32 that will be useful in
> > implementing
> > > a patch along these lines.
> > >
> > > Thanks,
> > > -mjg
> > > --
> > > Matthew Gregan                     |/
> > >                                   /|                kinetik at orcon.net.nz
> > > _______________________________________________
> > > botan-devel mailing list
> > > botan-devel at randombit.net
> > > http://www.randombit.net/mailman/listinfo/botan-devel
> > _______________________________________________
> > botan-devel mailing list
> > botan-devel at randombit.net
> > http://www.randombit.net/mailman/listinfo/botan-devel
> >

> _______________________________________________
> botan-devel mailing list
> botan-devel at randombit.net
> http://www.randombit.net/mailman/listinfo/botan-devel




More information about the botan-devel mailing list