Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CryptAcquireContextW and CryptGenRandom are deprecated #513

Open
mabuchner opened this issue Nov 15, 2021 · 3 comments
Open

CryptAcquireContextW and CryptGenRandom are deprecated #513

mabuchner opened this issue Nov 15, 2021 · 3 comments

Comments

@mabuchner
Copy link

On Windows libtommath uses CryptAcquireContextW and CryptGenRandom to generate random numbers.

According to the documentation here and here both functions are deprecated.

Important This API is deprecated. New and existing software should start using Cryptography Next Generation APIs. Microsoft may remove this API in future releases.

In fact, I'm opening this issue, because I failed to compile libtommath for UWP where those functions were already removed.

libtomcrypt should probably replace the deprecated functions with the mentioned Cryptography Next Generation API.
@mabuchner
Copy link
Author

mabuchner commented Nov 15, 2021
edited
Loading

I found this code

#include <Windows.h>
#include <bcrypt.h>
#include <stdio.h>
 
#pragma comment(lib, "Bcrypt")
 
void func(void) {
  BCRYPT_ALG_HANDLE Prov;
  int Buffer;
  if (!BCRYPT_SUCCESS(
          BCryptOpenAlgorithmProvider(&Prov, BCRYPT_RNG_ALGORITHM,
                                      NULL, 0))) {
    /* handle error */
  }
  if (!BCRYPT_SUCCESS(BCryptGenRandom(Prov, (PUCHAR) (&Buffer),
                                      sizeof(Buffer), 0))) {
    /* handle error */
  }
  printf("Random number: %d\n", Buffer);
  BCryptCloseAlgorithmProvider(Prov, 0);
}

which uses BCryptOpenAlgorithmProvider and BCryptGenRandom, which are supposedly not deprecated.

The only problem could be, that this functions need at least Windows Vista.

@mabuchner
Copy link
Author

mabuchner commented Nov 19, 2021
edited
Loading

The documentation for BCryptOpenAlgorithmProvider states

Because of the number and type of operations that are required to find, load, and initialize an algorithm provider, the BCryptOpenAlgorithmProvider function is a relatively time intensive function. Because of this, we recommend that you cache any algorithm provider handles that you will use more than once, rather than opening and closing the algorithm providers over and over.

That's probably why the existing implementation stores the CryptAcquireContextW handle in a static variable. Unfortunately, libtommath doesn't provide a way to release this handle and it will just leak.

@sjaeckel
Copy link
Member

sjaeckel commented Dec 7, 2021

btw. feel free to open a PR with the appropriate changes. CI will take care if it builds but I won't have the possibility to test it.

@sjaeckel sjaeckel mentioned this issue Dec 7, 2021
Open
@mabuchner mabuchner mentioned this issue Dec 10, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sjaeckel @mabuchner