[PATCH] Win32 use BCryptGenRandom to ensure the CNG FIPS RNG is used
NHamer at absolute.com
Mon Oct 31 11:30:15 PDT 2022
From: Jouni Malinen <j at w1.fi>
Sent: Sunday, October 30, 2022 1:32 AM
To: Norman Hamer <NHamer at absolute.com>
Cc: hostap at lists.infradead.org
Subject: Re: [PATCH] Win32 use BCryptGenRandom to ensure the CNG FIPS RNG is used
On Fri, Oct 14, 2022 at 05:23:54PM +0000, Norman Hamer wrote:
> + NTSTATUS status = BCryptGenRandom(NULL, buf, len, BCRYPT_USE_SYSTEM_PREFERRED_RNG);
> + return status ? -1 : 0;
Is this available on all Windows versions that someone might care about nowadays? It looks like BCryptGenRandom was added after Windows XP which was the version used when os_get_random() was implemented in this manner. I guess no one should really be using Windows XP more, but I don't really know what to expect about the use cases for the Windows builds of wpa_supplicant.
Yes. Microsoft ended all security patches/support for XP in 2014.
More information about the Hostap