SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 20

changes.mady.by.user Shannon Haas

Saved on

compared with

New Version 21

changes.mady.by.user Shannon Haas

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

...

Compliant Solution (Windows)

Wiki MarkupThe [{{CryptGenRandom()}}|http://msdn.microsoft.com/en-us/library/aa379942.aspx]does not run the risk of not being properly seeded. The reason for that is that its arguments serve as seeders. From the Microsoft Developer Network {{CryptGenRandom()}} reference \[ [MSDN|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-MSDN]\]:

The CryptGenRandom function fills a buffer with cryptographically random bytes.

Syntax

BOOL WINAPI CryptGenRandom(
__in HCRYPTPROV hProv,
__in DWORD dwLen,
__inout BYTE *pbBuffer
);

Parameters

Wiki MarkuphProv \ [in\]     Handle of acryptographic service ]
    Handle of acryptographic service provider(CSP) created by a call toCryptAcquireContext.
dwLen \ [in\]     Number of bytes of random data to be generated. pbBuffer \[in, out\]     Buffer to receive the returned data. This buffer must be at leastdwLenbytes in length.     Optionally, the application can fill this buffer with data to use as an auxiliary random seed. \\]
    Number of bytes of random data to be generated.
pbBuffer [in, out]
    Buffer to receive the returned data. This buffer must be at leastdwLenbytes in length.
    Optionally, the application can fill this buffer with data to use as an auxiliary random seed.

Code Block
bgColor#ccccff
HCRYPTPROV   hCryptProv;

union /* union stores the random number generated by CryptGenRandom() */
{
    BYTE bs[sizeof(long int)];
    long int li;
} rand_buf;

if(CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL, 0)) /* An example of instantiating the CSP */
{
    cout<<"CryptAcquireContext succeeded."<<endl;
}
else
{
    cerr<<"Error during CryptAcquireContext!"<<endl;
}

for(int i=0;i<10;i++)
{
	if (!CryptGenRandom(hCryptProv, sizeof(rand_buf), (BYTE*) &rand_buf))
	{
		cerr<<"Error during CryptGenRandom"<<endl;
	}
	else
	{
		cout<<rand_buf.li<<", ";
	}
}

output:
1st run: -1597837311, 906130682, -1308031886, 1048837407, -931041900, -658114613, -1709220953, -1019697289, 1802206541, 406505841,
2nd run: 885904119, -687379556, -1782296854, 1443701916, -624291047, 2049692692, -990451563, -142307804, 1257079211, 897185104,
3rd run: 190598304, -1537409464, 1594174739, -424401916, -1975153474, 826912927, 1705549595, -1515331215, 474951399, 1982500583,
...

...

This recommendation appears in the C Secure Coding Standard as MSC32-C. Ensure your random number generator is properly seeded.

Bibliography

...

\[[C+\+ Reference|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-CPPReference]\] Standard C Library \[
[MITRE 07|AA.+C+References#MITRE 07]\] [CWE ID 327 |http://cwe.mitre.org/data/definitions/ 327 .html], "Use of a Broken or Risky Cryptographic Algorithm," [CWE ID 330|http://cwe.mitre.org/data/definitions/ 330.html], "Use of Insufficiently Random Values" \[[MSDN|https://www.securecoding.cert.org/confluence/display/seccode/AA.+C+References#AA.CReferences-MSDN]\] "[CryptGenRandom Function|http://msdn.microsoft.com/en-us/library/aa379942.aspx]
[MSDN] "CryptGenRandom Function"

...

MSC31-CPP. Ensure that return values are compared against the proper type      49. Miscellaneous (MSC)      MSC33-CPP. Obey the One Definition Rule