Merge bitcoin/bitcoin#32400: random: Use modern Windows randomness functions

6b4bcc1 random: Use modern Windows randomness functions (David Gumberg)

Pull request description:

  This change resolves #32391 and is a follow-up to #14089.

  The old randomness API has been deprecated and will be removed at some point according to Microsoft.[^1] This PR removes all uses of that API from Bitcoin Core code, but the deprecated API is still invoked in Bitcoin Core binaries compiled after this PR because of upstream use, see this comment: bitcoin/bitcoin#32400 (comment).

  For reference on `BCryptGenRandom`, see: https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom.

  [`STATUS_SUCCESS`](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-erref/596a1078-e883-4972-9bbc-49e60bebca55) gets defined here since including `ntstatus.h` is [more trouble](https://github.com/bitcoin-core/secp256k1/blob/70f149b9a1bf4ed3266f97774d0ae9577534bf40/examples/examples_util.h#L19-L28) than it's worth.

  [^1]: https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontextw & https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom

ACKs for top commit:
  laanwj:
    re-ACK 6b4bcc1
  fanquake:
    ACK 6b4bcc1

Tree-SHA512: ddd9093669dfd6ff0eee7e5e6a9c7dce798d03dd9a81dcc2e668e9b84779b7adab3105a7f0c8038e54accf28f19fe211628e13b3fc2200caa5b423f766725e37

Author: fanquake

contrib/guix/symbol-check.py

@@ -153,7 +153,8 @@
 }
 
 PE_ALLOWED_LIBRARIES = {
-'ADVAPI32.dll', # security & registry
+'ADVAPI32.dll', # legacy security & registry
+'bcrypt.dll', # newer security and identity API
 'IPHLPAPI.DLL', # IP helper API
 'KERNEL32.dll', # win32 base APIs
 'msvcrt.dll', # C standard library for MSVC

src/kernel/CMakeLists.txt

@@ -87,6 +87,7 @@ target_link_libraries(bitcoinkernel
     bitcoin_crypto
     leveldb
     secp256k1
+    $<$<PLATFORM_ID:Windows>:bcrypt>
     $<TARGET_NAME_IF_EXISTS:USDT::headers>
   PUBLIC
     Boost::headers

src/random.cpp

@@ -27,8 +27,7 @@
 #include <thread>
 
 #ifdef WIN32
-#include <windows.h>
-#include <wincrypt.h>
+#include <bcrypt.h>
 #else
 #include <fcntl.h>
 #include <sys/time.h>
@@ -287,16 +286,15 @@ void Strengthen(const unsigned char (&seed)[32], SteadyClock::duration dur, CSHA
 void GetOSRand(unsigned char *ent32)
 {
 #if defined(WIN32)
-    HCRYPTPROV hProvider;
-    int ret = CryptAcquireContextW(&hProvider, nullptr, nullptr, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
-    if (!ret) {
-        RandFailure();
-    }
-    ret = CryptGenRandom(hProvider, NUM_OS_RANDOM_BYTES, ent32);
-    if (!ret) {
+    constexpr uint32_t STATUS_SUCCESS{0x00000000};
+    NTSTATUS status = BCryptGenRandom(/*hAlgorithm=*/NULL,
+                                      /*pbBuffer=*/ent32,
+                                      /*cbBuffer=*/NUM_OS_RANDOM_BYTES,
+                                      /*dwFlags=*/BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+
+    if (status != STATUS_SUCCESS) {
         RandFailure();
     }
-    CryptReleaseContext(hProvider, 0);
 #elif defined(HAVE_GETRANDOM)
     /* Linux. From the getrandom(2) man page:
      * "If the urandom source has been initialized, reads of up to 256 bytes

src/util/CMakeLists.txt

@@ -43,4 +43,5 @@ target_link_libraries(bitcoin_util
     bitcoin_crypto
     $<$<PLATFORM_ID:Windows>:ws2_32>
     $<$<PLATFORM_ID:Windows>:iphlpapi>
+    $<$<PLATFORM_ID:Windows>:bcrypt>
 )