Merge bitcoin/bitcoin#32400: random: Use modern Windows randomness functions

6b4bcc1623 random: Use modern Windows randomness functions (David Gumberg) Pull request description: This change resolves #32391 and is a follow-up to #14089. The old randomness API has been deprecated and will be removed at some point according to Microsoft.[^1] This PR removes all uses of that API from Bitcoin Core code, but the deprecated API is still invoked in Bitcoin Core binaries compiled after this PR because of upstream use, see this comment: https://github.com/bitcoin/bitcoin/pull/32400#issuecomment-2846972614. For reference on `BCryptGenRandom`, see: https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom. [`STATUS_SUCCESS`](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-erref/596a1078-e883-4972-9bbc-49e60bebca55) gets defined here since including `ntstatus.h` is [more trouble](70f149b9a1/examples/examples_util.h (L19-L28)) than it's worth. [^1]: https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontextw & https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom ACKs for top commit: laanwj: re-ACK 6b4bcc1623 fanquake: ACK 6b4bcc1623 Tree-SHA512: ddd9093669dfd6ff0eee7e5e6a9c7dce798d03dd9a81dcc2e668e9b84779b7adab3105a7f0c8038e54accf28f19fe211628e13b3fc2200caa5b423f766725e37
2026-01-20 15:19:07 +01:00 · 2025-05-22 12:12:57 +01:00
parent a42faa25d8 6b4bcc1623
commit 35bf3f8839
4 changed files with 12 additions and 11 deletions
--- a/contrib/guix/symbol-check.py
+++ b/contrib/guix/symbol-check.py
@@ -153,7 +153,8 @@ MACHO_ALLOWED_LIBRARIES = {
 }

 PE_ALLOWED_LIBRARIES = {
-'ADVAPI32.dll', # security & registry
+'ADVAPI32.dll', # legacy security & registry
+'bcrypt.dll', # newer security and identity API
 'IPHLPAPI.DLL', # IP helper API
 'KERNEL32.dll', # win32 base APIs
 'msvcrt.dll', # C standard library for MSVC
--- a/src/kernel/CMakeLists.txt
+++ b/src/kernel/CMakeLists.txt
@@ -87,6 +87,7 @@ target_link_libraries(bitcoinkernel
    bitcoin_crypto
    leveldb
    secp256k1
+    $<$<PLATFORM_ID:Windows>:bcrypt>
    $<TARGET_NAME_IF_EXISTS:USDT::headers>
  PUBLIC
    Boost::headers
--- a/src/random.cpp
+++ b/src/random.cpp
@@ -27,8 +27,7 @@
 #include <thread>

 #ifdef WIN32
-#include <windows.h>
-#include <wincrypt.h>
+#include <bcrypt.h>
 #else
 #include <fcntl.h>
 #include <sys/time.h>
@@ -287,16 +286,15 @@ void Strengthen(const unsigned char (&seed)[32], SteadyClock::duration dur, CSHA
 void GetOSRand(unsigned char *ent32)
 {
 #if defined(WIN32)
-    HCRYPTPROV hProvider;
-    int ret = CryptAcquireContextW(&hProvider, nullptr, nullptr, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
-    if (!ret) {
+    constexpr uint32_t STATUS_SUCCESS{0x00000000};
+    NTSTATUS status = BCryptGenRandom(/*hAlgorithm=*/NULL,
+                                      /*pbBuffer=*/ent32,
+                                      /*cbBuffer=*/NUM_OS_RANDOM_BYTES,
+                                      /*dwFlags=*/BCRYPT_USE_SYSTEM_PREFERRED_RNG);
+
+    if (status != STATUS_SUCCESS) {
        RandFailure();
    }
-    ret = CryptGenRandom(hProvider, NUM_OS_RANDOM_BYTES, ent32);
-    if (!ret) {
-        RandFailure();
-    }
-    CryptReleaseContext(hProvider, 0);
 #elif defined(HAVE_GETRANDOM)
    /* Linux. From the getrandom(2) man page:
     * "If the urandom source has been initialized, reads of up to 256 bytes
--- a/src/util/CMakeLists.txt
+++ b/src/util/CMakeLists.txt
@@ -43,4 +43,5 @@ target_link_libraries(bitcoin_util
    bitcoin_crypto
    $<$<PLATFORM_ID:Windows>:ws2_32>
    $<$<PLATFORM_ID:Windows>:iphlpapi>
+    $<$<PLATFORM_ID:Windows>:bcrypt>
 )