diff options
author | Edward Ned Harvey <edward.harvey@conceptblossom.com> | 2014-08-05 11:05:30 -0400 |
---|---|---|
committer | Edward Ned Harvey <edward.harvey@conceptblossom.com> | 2014-08-05 11:05:30 -0400 |
commit | 8accb371a1855b54d5da6d05e6d2e26fe86e739d (patch) | |
tree | 0d669f029ccd553129fab8aff49e91a38a9049c2 /crypto/src/security/SecureRandom.cs | |
parent | after seeding, pointlessly threw away the first few bytes. Removed. (diff) | |
download | BouncyCastle.NET-ed25519-8accb371a1855b54d5da6d05e6d2e26fe86e739d.tar.xz |
use CryptoApiRandomGenerator in addition to other entropy sources
Diffstat (limited to 'crypto/src/security/SecureRandom.cs')
-rw-r--r-- | crypto/src/security/SecureRandom.cs | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs index 6bc019481..ed0193e8d 100644 --- a/crypto/src/security/SecureRandom.cs +++ b/crypto/src/security/SecureRandom.cs @@ -28,7 +28,12 @@ namespace Org.BouncyCastle.Security // Even though Ticks has at most 8 or 14 bits of entropy, there's no harm in adding it. sr.SetSeed(DateTime.Now.Ticks); - + // In addition to Ticks and ThreadedSeedGenerator, also seed from CryptoApiRandomGenerator + CryptoApiRandomGenerator systemRNG = new CryptoApiRandomGenerator(); + byte[] systemSeed = new byte[32]; + systemRNG.NextBytes(systemSeed); + sr.SetSeed(systemSeed); + Array.Clear(systemSeed,0,systemSeed.Length); // 32 will be enough when ThreadedSeedGenerator is fixed. Until then, ThreadedSeedGenerator returns low // entropy, and this is not sufficient to be secure. http://www.bouncycastle.org/csharpdevmailarchive/msg00814.html sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(32, true)); |