On Fri, Dec 02, 2005 at 01:44:49PM +1100, Steven Reddie wrote:

> CryptGenRandom is available on all Windows back to Windows 95. RtlGenRandom
> is only available since XP, however CryptGenRandom makes use of it.
> Presumably RtlGenRandom has always been around, it's just never been
> documented or made generally available until now.

From what I can tell, up until recently the PRNG was embedded into CryptoAPI, and could not be accessed without going through that. I would imagine that what happened is that the PRNG implemented by CryptGenRandom was split off into its own distinct chunk of code starting with XP. Keep in mind that right now it doesn't even have an entry point - you have to get ahold of it dynamically through a DLL load. It seems pretty obvious that RtlGenRandom was supposed to just be used internally, with CryptoAPI being the primary interface. Probably someone at Microsoft finally realized that it might be useful to get random bits without having to pull all of CryptoAPI into the mix.

> Why is there a reluctance to deal with CryptoAPI? I've used CryptGenRandom
> in my own code and never had a problem with it.

I don't have huge issues with it myself (in terms of entropy generation, CryptGenRandom has been fairly painless compared to some other mechanisms), but CryptoAPI is somewhat big, and there are various annoyances, such as the fact that repeatedly initializing and shutting down CryptoAPI causes a large memory leak on some older systems.

-J

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
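
The two points in the message above (RtlGenRandom being reachable only through a dynamic DLL lookup, and the cost of repeatedly initializing CryptoAPI) can be sketched as follows. This is an added example, not code from the thread or from OpenSSL; `os_random` is a hypothetical helper name, `SystemFunction036` is the name under which advapi32.dll exports RtlGenRandom, and the non-Windows branch is an assumption added only so the file builds elsewhere.

```c
#include <stddef.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
/* RtlGenRandom is exported from advapi32.dll under the name SystemFunction036. */
typedef BOOLEAN (WINAPI *rtl_gen_random_fn)(PVOID, ULONG);
/* Hypothetical helper: fills buf with len random bytes; 1 on success, 0 on failure. */
static int os_random(unsigned char *buf, size_t len)
{
    static rtl_gen_random_fn rtl_gen_random; /* resolved once (not thread-safe) */
    static HCRYPTPROV prov;                  /* acquired once, kept for process life */
    if (rtl_gen_random == NULL) {
        HMODULE adv = LoadLibraryA("advapi32.dll");
        if (adv != NULL)
            rtl_gen_random = (rtl_gen_random_fn)GetProcAddress(adv, "SystemFunction036");
    }
    if (rtl_gen_random != NULL && rtl_gen_random(buf, (ULONG)len))
        return 1;
    /* Fallback for systems without the export: CryptoAPI, with the context
       acquired a single time. CRYPT_VERIFYCONTEXT needs no key container. */
    if (prov == 0 && !CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL,
                                          CRYPT_VERIFYCONTEXT))
        return 0;
    return CryptGenRandom(prov, (DWORD)len, buf) ? 1 : 0;
}
#else
/* Assumption: non-Windows build path so the example compiles elsewhere. */
static int os_random(unsigned char *buf, size_t len)
{
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got;
    if (f == NULL)
        return 0;
    got = fread(buf, 1, len, f);
    fclose(f);
    return got == len; /* a short read is a failure, never a partial key */
}
#endif
int main(void)
{
    unsigned char key[16];
    size_t i;
    if (!os_random(key, sizeof key)) return 1;
    for (i = 0; i < sizeof key; i++) printf("%02x", key[i]);
    putchar('\n');
    return 0;
}
```

Callers should treat a return value of 0 as fatal for key generation instead of continuing with whatever the buffer happens to hold.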