[PATCH] Win32 use BCryptGenRandom to ensure the CNG FIPS RNG is used
Norman Hamer
NHamer at absolute.com
Fri Oct 14 10:23:54 PDT 2022
diff --git a/src/utils/os_win32.c b/src/utils/os_win32.c
index f9e4b308e..bb6868f27 100644
--- a/src/utils/os_win32.c
+++ b/src/utils/os_win32.c
@@ -131,17 +131,8 @@ void os_daemonize_terminate(const char *pid_file)
int os_get_random(unsigned char *buf, size_t len)
{
- HCRYPTPROV prov;
- BOOL ret;
-
- if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL,
- CRYPT_VERIFYCONTEXT))
- return -1;
-
- ret = CryptGenRandom(prov, len, buf);
- CryptReleaseContext(prov, 0);
-
- return ret ? 0 : -1;
+ NTSTATUS status = BCryptGenRandom(NULL, buf, len, BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+ return status ? -1 : 0;
}
More information about the Hostap
mailing list