[Windows] Secure random generator

[Nemirtingas]

vcpkg comment: microsoft/vcpkg#13703 (comment)

Missing library for

libjuice/src/random.c

Lines 49 to 62 in 5d3e8b3

	static int random_bytes(void *buf, size_t size) {
	HCRYPTPROV prov;
	if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL,
	CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
	JLOG_WARN("Win32: CryptAcquireContext failed");
	return -1;
	}
	BOOL success = CryptGenRandom(prov, (DWORD)size, (BYTE *)buf);
	if (!success) {
	JLOG_WARN("Win32: CryptGenRandom failed");
	}
	CryptReleaseContext(prov, 0);
	return success ? 0 : -1;
	}

From the vcpkg auto-build:

LNK4075: ignoring '/INCREMENTAL' due to '/OPT:ICF' specification [D:\buildtrees\libjuice\x64-uwp-dbg\juice.vcxproj]
            Creating library D:/buildtrees/libjuice/x64-uwp-dbg/Debug/juice.lib and object D:/buildtrees/libjuice/x64-uwp-dbg/Debug/juice.exp
     4>random.obj : error LNK2019: unresolved external symbol CryptAcquireContext referenced in function random_bytes [D:\buildtrees\libjuice\x64-uwp-dbg\juice.vcxproj]
     4>D:\buildtrees\libjuice\x64-uwp-dbg\Debug\juice.dll : fatal error LNK1120: 1 unresolved externals [D:\buildtrees\libjuice\x64-uwp-dbg\juice.vcxproj]
     4>Done Building Project "D:\buildtrees\libjuice\x64-uwp-dbg\juice.vcxproj" (default targets) -- FAILED.
     3>Done Building Project "D:\buildtrees\libjuice\x64-uwp-dbg\ALL_BUILD.vcxproj" (default targets) -- FAILED.
     1>Done Building Project "D:\buildtrees\libjuice\x64-uwp-dbg\install.vcxproj" (default targets) -- FAILED.

Do you want to support WinXP ? If not, you could switch to

#include <bcrypt.h>
#pragma comment(lib, bcrypt)
BCryptGenRandom(NULL, (PUCHAR)buf, (ULONG)size, BCRYPT_USE_SYSTEM_PREFERRED_RNG);

The OpenSSL library seems to use it for its random number generator: https://github.com/openssl/openssl/blob/f64f26220442db3c6913188e6014e5bc5bc34653/crypto/rand/rand_win.c#L70

[paullouisageneau]

This method actually excludes Windows XP and Windows Vista because the flag BCRYPT_USE_SYSTEM_PREFERRED_RNG is not supported on Vista, so the function can't be used like this.

However, the official support for both has ended for some time now so I'll follow your suggestion, I don't see a reason to support them here.

[Nemirtingas]

This method actually excludes Windows XP and Windows Vista because the flag BCRYPT_USE_SYSTEM_PREFERRED_RNG is not supported on Vista, so the function can't be used like this.

However, the official support for both has ended for some time now so I'll follow your suggestion, I don't see a reason to support them here.

Or add the check on the win ver ? Should online add 3 lines of code (#if .. #else ... #endif)
From some OpenSSL issue, Windows Vista SP2 is supported with this method.

[paullouisageneau]

Or add the check on the win ver ? Should online add 3 lines of code (#if .. #else ... #endif)

A check at compile time is not really useful as it won't be compiled on Windows Vista, only it might be run on it. On Vista it will fail and fallback with a warning, I think it's good enough.

From some OpenSSL issue, Windows Vista SP2 is supported with this method.

I can't really test right now but it's even better if that's true.

[Nemirtingas]

FYI: openssl/openssl#8644 (comment)

[Nemirtingas]

With that new random generator, I guess libjuice will be supported by vcpkg.

[paullouisageneau]

Great, thanks!