SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 94

changes.mady.by.user Anirban Gangopadhyay

Saved on

compared with

New Version Current

changes.mady.by.user Swasti Shrivastava

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Compliant Solution (Windows)

The CryptGenRandomThe BCryptGenRandom() function  function does not run the risk of not being properly seeded because its arguments serve as seeders:

Code Block
bgColor#ccccff
langc
#include <stdio.h>
#include <Windows.h>
#include <wincrypt<Bcrypt.h>
#include <Ntstatus.h>
#include <stdio<Wincrypt.h>
 
void func(void) {
  BCRYPT_ALG_HANDLE hAlgorithm HCRYPTPROV= hCryptProvNULL;
  long rand_buf;
  /*PUCHAR ExamplepbBuffer of instantiating the CSP */
  if (CryptAcquireContext(&hCryptProv, NULL, NULL,= (PUCHAR) &rand_buf;
  ULONG cbBuffer                       PROV_RSA_FULL, 0)) {= sizeof(rand_buf);
  ULONG dwFlags printf("CryptAcquireContext succeeded.\n")= BCRYPT_USE_SYSTEM_PREFERRED_RNG;
  } else {
    printf("Error during CryptAcquireContext!\n")NTSTATUS status;
  }

  for (unsigned int i = 0; i < 10; ++i) {
    status if= BCryptGenRandom(!CryptGenRandom(hCryptProvhAlgorithm, sizeof(rand_buf),
  pbBuffer, cbBuffer, dwFlags);
    if (status                 (BYTE *)&rand_buf)== STATUS_SUCCESS) {
      printf("Error\n"%ld, ", rand_buf);
    } else {
      printf("%ld, ", rand_buf);/* Handle Error */
    }
  }
}

The output is as follows:

Code Block
1st run: -1597837311683378946, 9061306821957231690, -13080318861933176011, 1048837407-1745403355, -931041900883473417, -658114613882992405, -1709220953169629816, -10196972891824800038, 1802206541899851668,
         406505841,1702784647, 
2nd run: 885904119-58750553, -6873795561921870721, -17822968541973269161, 14437019161512649964, -624291047673518452, 2049692692234003619, -9904515631622633366, 1312389688, -1423078042125631172, 12570792112067680022,
         897185104,
3rd run: 190598304-189899579, -15374094641220698973, 1594174739752205360, -4244019161826365616, -197515347479310867, 8269129271430950090, 1705549595-283206168, -1515331215941773185, 474951399129633665,
         1982500583, 543448789,

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC32-C

Medium

Likely

Low

P18

L1

...

Seeding routine uses a predictable seed making the output predictable

Seeding routine uses a constant seed making the output deterministic

Tool

Version

Checker

Description

Astrée
Include Page
Astrée_V
Astrée_V

Supported, but no explicit checker
Axivion Bauhaus Suite

Include Page
Axivion Bauhaus Suite_V
Axivion Bauhaus Suite_V

CertC-MSC32
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

HARDCODED.SEED
MISC.CRYPTO.TIMESEED

Hardcoded Seed in PRNG
Predictable Seed in PRNG

Cppcheck Premium

Include Page
Cppcheck Premium_V
Cppcheck Premium_V

premium-cert-msc32-cFully implemented
Helix QAC

Include Page
Helix QAC_V
Helix QAC_V

C5031

C++5036


Klocwork
Include Page
Klocwork_V
Klocwork_V

CERT.MSC.SEED_RANDOM


PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

2460, 2461, 2760

Fully supported

Polyspace Bug Finder

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rule MSC32-C


Checks for:

  • Deterministic random output from constant seed
  • Predictable random output from predictable seed

Rule fully covered.

Parasoft C/C++test

Include Page
Parasoft_V
Parasoft_V

SECURITY-02, SECURITY-02_b, SECURITY-28, BD-SECURITY-RANDImplemented PRQA QA-C 9.15031 

CERT_C-MSC32-d

Properly seed pseudorandom number generators

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.

Bibliography

[MSDN]

"

CryptGenRandom

BCryptGenRandom() Function"


...