random: Use modern Windows randomness functions

davidgumberg · davidgumberg · commit 6b4bcc162345 · 2025-05-14T22:55:10.000-07:00
The old randomness API has been deprecated and may be removed soon.[^1] For reference on `BCryptGenRandom`, see: https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom. `STATUS_SUCCESS`[^2] gets defined here since including `ntstatus.h` is more trouble than it's worth. [^3] [^1]: https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontextw & https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom [^2]: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-erref/596a1078-e883-4972-9bbc-49e60bebca55 [^3]: See https://github.com/bitcoin-core/secp256k1/blob/70f149b9a1bf4ed3266f97774d0ae9577534bf40/examples/examples_util.h#L19-L28
diff --git a/contrib/guix/symbol-check.py b/contrib/guix/symbol-check.py
@@ -153,7 +153,8 @@
 }
 
 PE_ALLOWED_LIBRARIES = {
-'ADVAPI32.dll', # security & registry
+'ADVAPI32.dll', # legacy security & registry
+'bcrypt.dll', # newer security and identity API
 'IPHLPAPI.DLL', # IP helper API
 'KERNEL32.dll', # win32 base APIs
 'msvcrt.dll', # C standard library for MSVC
diff --git a/src/kernel/CMakeLists.txt b/src/kernel/CMakeLists.txt
@@ -87,6 +87,7 @@ target_link_libraries(bitcoinkernel
     bitcoin_crypto
     leveldb
     secp256k1
+    $<$<PLATFORM_ID:Windows>:bcrypt>
     $<TARGET_NAME_IF_EXISTS:USDT::headers>
   PUBLIC
     Boost::headers
diff --git a/src/random.cpp b/src/random.cpp
@@ -27,8 +27,7 @@
 #include <thread>
 
 #ifdef WIN32
-#include <windows.h>
-#include <wincrypt.h>
+#include <bcrypt.h>
 #else
 #include <fcntl.h>
 #include <sys/time.h>
@@ -287,16 +286,15 @@ void Strengthen(const unsigned char (&seed)[32], SteadyClock::duration dur, CSHA
 void GetOSRand(unsigned char *ent32)
 {
 #if defined(WIN32)
-    HCRYPTPROV hProvider;
-    int ret = CryptAcquireContextW(&hProvider, nullptr, nullptr, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
-    if (!ret) {
-        RandFailure();
-    }
-    ret = CryptGenRandom(hProvider, NUM_OS_RANDOM_BYTES, ent32);
-    if (!ret) {
+    constexpr uint32_t STATUS_SUCCESS{0x00000000};
+    NTSTATUS status = BCryptGenRandom(/*hAlgorithm=*/NULL,
+                                      /*pbBuffer=*/ent32,
+                                      /*cbBuffer=*/NUM_OS_RANDOM_BYTES,
+                                      /*dwFlags=*/BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+
+    if (status != STATUS_SUCCESS) {
         RandFailure();
     }
-    CryptReleaseContext(hProvider, 0);
 #elif defined(HAVE_GETRANDOM)
     /* Linux. From the getrandom(2) man page:
      * "If the urandom source has been initialized, reads of up to 256 bytes
diff --git a/src/util/CMakeLists.txt b/src/util/CMakeLists.txt
@@ -43,4 +43,5 @@ target_link_libraries(bitcoin_util
     bitcoin_crypto
     $<$<PLATFORM_ID:Windows>:ws2_32>
     $<$<PLATFORM_ID:Windows>:iphlpapi>
+    $<$<PLATFORM_ID:Windows>:bcrypt>
 )

Original file line number	Diff line number	Diff line change
`@@ -153,7 +153,8 @@`
`153`	`153`	`}`
`154`	`154`
`155`	`155`	`PE_ALLOWED_LIBRARIES = {`
`156`		`-'ADVAPI32.dll', # security & registry`
	`156`	`+'ADVAPI32.dll', # legacy security & registry`
	`157`	`+'bcrypt.dll', # newer security and identity API`
`157`	`158`	`'IPHLPAPI.DLL', # IP helper API`
`158`	`159`	`'KERNEL32.dll', # win32 base APIs`
`159`	`160`	`'msvcrt.dll', # C standard library for MSVC`
Original file line number	Diff line number	Diff line change
`@@ -43,4 +43,5 @@ target_link_libraries(bitcoin_util`
`43`	`43`	`bitcoin_crypto`
`44`	`44`	`$<$<PLATFORM_ID:Windows>:ws2_32>`
`45`	`45`	`$<$<PLATFORM_ID:Windows>:iphlpapi>`
	`46`	`+ $<$<PLATFORM_ID:Windows>:bcrypt>`
`46`	`47`	`)`