Reputation: 2615
I need to generate random data (for keys, IVs etc.) but I can't seem to find the right way to do it.
Here is the background - I am developing my server in C/C++ on Windows using Visual Studio and am using the OpenSSL 1.0.1c library.
I was reading the documentation for random data generation using openssl at http://www.openssl.org/docs/crypto/RAND_add.html# and stumbled onto the following -
"
OpenSSL makes sure that the PRNG state is unique for each thread. On systems that provide /dev/urandom, the randomness device is used to seed the PRNG transparently. However, on all other systems, the application is responsible for seeding the PRNG by calling RAND_add(), RAND_egd(3) or RAND_load_file(3).
RAND_seed() is equivalent to RAND_add() when num == entropy.
RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction. It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure. It will estimate the entropy contained in the event message (if any), and add it to the PRNG. The program can then process the messages as usual.
The RAND_screen() function is available for the convenience of Windows programmers. It adds the current contents of the screen to the PRNG. For applications that can catch Windows events, seeding the PRNG by calling RAND_event() is a significantly better source of randomness. It should be noted that both methods cannot be used on servers that run without user interaction. "
Now, my server does run in an unattended mode so I guess I cannot use the RAND_event() and RAND_screen() methods. How do I securely use the RAND_bytes() method on Windows? I don't already have a file with entropy so RAND_load_file() is out of the question, and the links on the documentation page for EGD seem to not have an EGD that is supported on Windows. How do I make sure that the OpenSSL random data generator is seeded with enough entropy so that I can then use RAND_bytes() to generate my keys/IVs/salts etc.?
Upvotes: 1
Views: 4095
Reputation: 41252
You should be able to simply call RAND_bytes without worrying about the initialization. I'm unsure about the meaning in that referenced man page, but I suspect it is a bit out of date. OpenSSL has OS-specific initialization code for RAND_bytes. For example, v1.0.0c calls CryptGenRandom from RAND_poll if it is available.
It probably makes sense, though, to check the return value of RAND_bytes. It will return an error if the initialization code failed to produce enough entropy (it returns 1 to indicate success).
Upvotes: 1
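The return-value check described in the answer above, as an added example that is not part of the original thread and is not OpenSSL's own code. The hypothetical helper `fill_random` takes the generator as a function pointer with the signature of `RAND_bytes`, so the failure path can be exercised without OpenSSL linked; `fake_ok` and `fake_unseeded` are constructed stand-ins, and a server would pass `RAND_bytes` itself.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Same signature as OpenSSL's int RAND_bytes(unsigned char *buf, int num). */
typedef int (*rand_fn)(unsigned char *buf, int num);

/* Hypothetical helper: fill out[0..len) from gen and fail closed.
 * Returns 1 on success, 0 on failure. On failure the whole buffer is
 * zeroed so partially written bytes are never used as key material. */
int fill_random(unsigned char *out, size_t len, rand_fn gen)
{
    size_t done = 0;
    while (done < len) {
        size_t left = len - done;
        /* The generator takes an int length, so large requests are chunked. */
        int chunk = left > (size_t)INT_MAX ? INT_MAX : (int)left;
        /* Only 1 means success; treat 0 and -1 alike as errors. */
        if (gen(out + done, chunk) != 1) {
            volatile unsigned char *p = out;
            for (size_t i = 0; i < len; i++) p[i] = 0;
            return 0;
        }
        done += (size_t)chunk;
    }
    return 1;
}

/* Constructed stand-in: a generator that succeeds. */
static int fake_ok(unsigned char *buf, int num)
{
    for (int i = 0; i < num; i++) buf[i] = 0xA5;
    return 1;
}

/* Constructed stand-in: writes one byte, then reports failure. */
static int fake_unseeded(unsigned char *buf, int num)
{
    if (num > 0) buf[0] = 0x41;
    return 0;
}

int main(void)
{
    unsigned char key[32], iv[16];
    printf("key ok: %d\n", fill_random(key, sizeof key, fake_ok));
    printf("iv ok:  %d\n", fill_random(iv, sizeof iv, fake_unseeded));
    return 0;
}
```

With OpenSSL linked, the call becomes `fill_random(key, sizeof key, RAND_bytes)`, and a 0 return should abort key generation rather than fall back to another source.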