summary refs log tree commit diff
path: root/crypto/src
diff options
context:
space:
mode:
authorEdward Ned Harvey <edward.harvey@conceptblossom.com>2014-08-05 11:05:30 -0400
committerEdward Ned Harvey <edward.harvey@conceptblossom.com>2014-08-05 11:05:30 -0400
commit8accb371a1855b54d5da6d05e6d2e26fe86e739d (patch)
tree0d669f029ccd553129fab8aff49e91a38a9049c2 /crypto/src
parentafter seeding, pointlessly threw away the first few bytes. Removed. (diff)
downloadBouncyCastle.NET-ed25519-8accb371a1855b54d5da6d05e6d2e26fe86e739d.tar.xz
use CryptoApiRandomGenerator in addition to other entropy sources
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/security/SecureRandom.cs7


1 files changed, 6 insertions, 1 deletions
diff --git a/crypto/src/security/SecureRandom.cs b/crypto/src/security/SecureRandom.cs

index 6bc019481..ed0193e8d 100644
--- a/crypto/src/security/SecureRandom.cs
+++ b/crypto/src/security/SecureRandom.cs
@@ -28,7 +28,12 @@ namespace Org.BouncyCastle.Security
 
 					// Even though Ticks has at most 8 or 14 bits of entropy, there's no harm in adding it.
 					sr.SetSeed(DateTime.Now.Ticks);
-                    
+					// In addition to Ticks and ThreadedSeedGenerator, also seed from CryptoApiRandomGenerator
+					CryptoApiRandomGenerator systemRNG = new CryptoApiRandomGenerator();
+					byte[] systemSeed = new byte[32];
+					systemRNG.NextBytes(systemSeed);
+					sr.SetSeed(systemSeed);
+					Array.Clear(systemSeed,0,systemSeed.Length);
 					// 32 will be enough when ThreadedSeedGenerator is fixed.  Until then, ThreadedSeedGenerator returns low
 					// entropy, and this is not sufficient to be secure. http://www.bouncycastle.org/csharpdevmailarchive/msg00814.html
 					sr.SetSeed(new ThreadedSeedGenerator().GenerateSeed(32, true));

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-08-01 23:51:09 +0000