...
Compliant Solution (Windows)
The CryptGenRandomThe BCryptGenRandom() function function does not run the risk of not being properly seeded because its arguments serve as seeders:
| Code Block | ||||
|---|---|---|---|---|
| ||||
#include <stdio.h> #include <Windows.h> #include <wincrypt<Bcrypt.h> #include <Ntstatus.h> #include <stdio<Wincrypt.h> void func(void) { HCRYPTPROV hCryptProvBCRYPT_ALG_HANDLE hAlgorithm = NULL; long rand_buf; /*PUCHAR ExamplepbBuffer of= instantiating the CSP */ if (CryptAcquireContext(&hCryptProv, NULL, NULL,(PUCHAR) &rand_buf; ULONG cbBuffer PROV_RSA_FULL, 0)) {= sizeof(rand_buf); ULONG dwFlags printf("CryptAcquireContext succeeded.\n")= BCRYPT_USE_SYSTEM_PREFERRED_RNG; } else { printf("Error during CryptAcquireContext!\n")NTSTATUS status; } for (unsigned int i = 0; i < 10; ++i) { ifstatus = BCryptGenRandom(!CryptGenRandom(hCryptProvhAlgorithm, sizeof(rand_buf), pbBuffer, cbBuffer, dwFlags); if (status (BYTE *)&rand_buf))== STATUS_SUCCESS) { printf("Error\n"%ld, ", rand_buf); } else { printf("%ld, ", rand_buf);/* Handle Error */ } } } |
The output is as follows:
| Code Block |
|---|
1st run: -1597837311683378946, 9061306821957231690, -13080318861933176011, 1048837407-1745403355, -931041900883473417, -658114613882992405, -1709220953169629816, -10196972891824800038, 1802206541899851668, 406505841,1702784647, 2nd run: 885904119-58750553, -6873795561921870721, -17822968541973269161, 14437019161512649964, -624291047673518452, 2049692692234003619, -9904515631622633366, 1312389688, -1423078042125631172, 12570792112067680022, 897185104, 3rd run: 190598304-189899579, -15374094641220698973, 1594174739752205360, -4244019161826365616, -197515347479310867, 8269129271430950090, 1705549595-283206168, -1515331215941773185, 474951399129633665, 1982500583,543448789, |
Risk Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
MSC32-C | Medium | Likely | Low | P18 | L1 |
...
Tool | Version | Checker | Description | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| Supported, but no explicit checker | ||||||||||||||||
| Axivion Bauhaus Suite |
| CertC-MSC32 | ||||||||||||||||
| CodeSonar |
| HARDCODED.SEED | Hardcoded Seed in PRNG | |||||||||||||||
| Cppcheck Premium |
| premium-cert-msc32-c | Fully implemented | |||||||||||||||
| Helix QAC |
| C5031 C++5036 | ||||||||||||||||
| Klocwork |
| CERT.MSC.SEED_RANDOM | ||||||||||||||||
| PC-lint Plus |
| 2460, 2461, 2760 | Fully supported | |||||||||||||||
| Polyspace Bug Finder |
| Checks for:
| Rule fully covered. | |||||||||||||||
| Parasoft C/C++test |
| CERT_C-MSC32-aCERT_C-MSC32 | -b- | MSC32-cd | Avoid functions which use random numbers from standard C libraryStandard random number generators should not be used to generate randomness for security reasons | Properly seed pseudorandom number generators | PRQA QA-C | 9.15031 |
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...
MSC30-C, MSC32-C and CON33-C are independent, they have no intersections. They each specify distinct errors regarding PRNGs.
Bibliography
| [MSDN] | " CryptGenRandom |
...