[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[

From: Daniel P. Berrange
Subject: Re: [Qemu-devel] error: qcrypto_random_bytes() tried to read from /dev/[u]random, even on windows
Date: Mon, 24 Apr 2017 14:57:49 +0100
User-agent: Mutt/1.7.1 (2016-10-04)

On Mon, Apr 24, 2017 at 02:52:30PM +0100, Peter Maydell wrote:
> On 24 April 2017 at 14:36, Daniel P. Berrange <address@hidden> wrote:
> > FYI, both gnutls and openssl use these CryptAcquireContext/CryptGenRandom
> > methods, so I'd prefer to stick with that.
> They probably need the full crypto API anyway, though...
> > It seems we merely need to set CRYPT_SILENT in the flags to prevent any
> > chance of interactive prompts.
> >
> > https://msdn.microsoft.com/en-us/library/windows/desktop/aa379886(v=vs.85).aspx
> How about CRYPT_VERIFYCONTEXT? The docs say "in most cases this flag
> should be set".
> This kind of discussion puts me off the Crypt* APIs though -- they're
> a complicated API that can easily be misused. "Please just fill
> this buffer with randomness" is a simple API that's hard to call
> wrongly...

This is the extent of gnutls's code in this area


Our API has the same usage scenario as this, hence my preference to mirror
what gnutls & other crypto libraries are using.

|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

reply via email to

[Prev in Thread] Current Thread [Next in Thread]