SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 53

changes.mady.by.user Shannon Haas

Saved on

compared with

New Version 54

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Compliant Solution (Windows)

Wiki Markup[{{CryptGenRandom()}}|http://msdn.microsoft.com/en-us/library/aa379942.aspx] does not run the risk of not being properly seeded. The reason for that is that its arguments serve as seeders. From the Microsoft Developer Network {{CryptGenRandom()}} reference \[ [MSDN|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-MSDN]\]

The CryptGenRandom() function fills a buffer with cryptographically random bytes.

Syntax
Code Block
BOOL WINAPI CryptGenRandom(
  __in     HCRYPTPROV hProv,
  __in     DWORD dwLen,
  __inout  BYTE *pbBuffer
);
Parameters

Wiki MarkuphProv \ [in\]     Handle of acryptographic service provider ]
    Handle of acryptographic service provider (CSP) created by a call toCryptAcquireContext.
dwLen \ [in\]     Number of bytes of random data to be generated. pbBuffer \[in, out\]     Buffer to receive the returned data. This buffer must be at leastdwLenbytes in length.     Optionally, the application can fill this buffer with data to use as an auxiliary random seed. \\]
    Number of bytes of random data to be generated.
pbBuffer [in, out]
    Buffer to receive the returned data. This buffer must be at leastdwLenbytes in length.
    Optionally, the application can fill this buffer with data to use as an auxiliary random seed.

Code Block
bgColor#ccccff
langc
HCRYPTPROV   hCryptProv;

/* union stores the random number generated by CryptGenRandom() */
union  {
  BYTE bs[sizeof(long int)];
  long int li;
} rand_buf;

/* An example of instantiating the CSP */
if (CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) {
  printf("CryptAcquireContext succeeded.\n");
}
else {
  printf("Error during CryptAcquireContext!\n");
}

for (int i=0; i<10; i++) {
  if (!CryptGenRandom(hCryptProv, sizeof(rand_buf), (BYTE*) &rand_buf)) {
    printf("Error\n");
  }
   else {
     printf("%ld, ", rand_buf.li);
  }
}

output:
1st run: -1597837311, 906130682, -1308031886, 1048837407, -931041900, -658114613, -1709220953, -1019697289, 1802206541, 406505841,
2nd run: 885904119, -687379556, -1782296854, 1443701916, -624291047, 2049692692, -990451563, -142307804, 1257079211, 897185104,
3rd run: 190598304, -1537409464, 1594174739, -424401916, -1975153474, 826912927, 1705549595, -1515331215, 474951399, 1982500583,
...

...

MITRE CWE: CWE-330, "Use of Insufficiently Random Values"

Bibliography

...

\[[C+\+ Reference|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-CPPReference] \] Standard C Library Wiki Markup\[

[MSDN|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-MSDN]\] "[CryptGenRandom Function|http://msdn.microsoft.com/en-us/library/aa379942.aspx]"

...

MSC31-C. Ensure that return values are compared against the proper type      49. Miscellaneous (MSC)