[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows |
Date: |
Mon, 24 Apr 2017 14:57:49 +0100 |
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Mon, Apr 24, 2017 at 02:52:30PM +0100, Peter Maydell wrote:
> On 24 April 2017 at 14:36, Daniel P. Berrange <address@hidden> wrote:
> > FYI, both gnutls and openssl use these CryptAcquireContext/CryptGenRandom
> > methods, so I'd prefer to stick with that.
>
> They probably need the full crypto API anyway, though...
>
> > It seems we merely need to set CRYPT_SILENT in the flags to prevent any
> > chance of interactive prompts.
> >
> > https://msdn.microsoft.com/en-us/library/windows/desktop/aa379886(v=vs.85).aspx
>
> How about CRYPT_VERIFYCONTEXT? The docs say "in most cases this flag
> should be set".
>
> This kind of discussion puts me off the Crypt* APIs though -- they're
> a complicated API that can easily be misused. "Please just fill
> this buffer with randomness" is a simple API that's hard to call
> wrongly...
This is the extent of gnutls's code in this area
https://gitlab.com/gnutls/gnutls/blob/master/lib/nettle/sysrng-windows.c
Our API has the same usage scenario as this, hence my preference to mirror
what gnutls & other crypto libraries are using.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
- [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, GM . Ijewski, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Daniel P. Berrange, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Peter Maydell, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Daniel P. Berrange, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Peter Maydell, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows,
Daniel P. Berrange <=
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Peter Maydell, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Daniel P. Berrange, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Peter Maydell, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Daniel P. Berrange, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Geert Martin Ijewski, 2017/04/24
- Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows, Daniel P. Berrange, 2017/04/24