CryptGenRandom()是线程安全的吗? [英] Is CryptGenRandom() thread-safe?
问题描述
CryptGenRandom()具有单个全局程序范围的HCRYPTPROV实例是线程安全的吗?
Is CryptGenRandom() thread-safe with a single global program-wide HCRYPTPROV instance?
MSDN似乎缺少有关此的任何信息: https://msdn.microsoft.com/zh-cn/library/windows/desktop/aa379942(v = vs.85).aspx
MSDN appears to lack any info on this: https://msdn.microsoft.com/en-us/library/windows/desktop/aa379942(v=vs.85).aspx
为每个线程创建一个单独的HCRYPTPROV并再次销毁它会极大地使事情复杂化(并且也冒着与我有关的更多与安全性有关的错误的风险),因此了解这一点真的很有用.当然,共享一个全局HCRYPTPROV会容易得多.
Creating a separate HCRYPTPROV per thread and destroying it again would significantly complicate matters (and also risk more security-relevant bugs on my side), so this would be really useful to know. Sharing one global HCRYPTPROV would be a lot easier for sure.
那么这里有人知道CryptGenRandom()的线程安全性吗,特别是对于单个HCRYPTPROV实例?
So does anyone here know about the thread-safety of CryptGenRandom(), particularly with a single HCRYPTPROV instance?
推荐答案
为每个线程创建一个单独的 HCRYPTPROV 没有多大意义.这是所有当前实现中堆中的内存块的指针,主要是保存到(用于调用实际的提供程序实现)(在本例中为 CPGenRandom ).引用本身不包含 CSP 的状态,不同于例如 HCRYPTKEY 包含实际键状态的状态.因此,即使您为每个线程创建一个单独的 HCRYPTPROV -这也不会改变.
Creating a separate HCRYPTPROV per thread doesn't make much sense. This is pointer to memory block from heap in all current implementations, primarily saved pointers to CSP entry points which used to call actual provider implementation (CPGenRandom in our case). The references themselves do not contain state of the CSP, unlike for example HCRYPTKEY which containing actual key state. So even if you create a separate HCRYPTPROV for every thread - this changes nothing.
在此调用期间, CSP 内部可能会使用一些全局变量/数据;但是,这是未知的,因为这些将是实现细节.当然,我们可以在代码中序列化对 CryptGenRandom 的调用.但是,我们无法控制进程中的其他dll也同时调用 CryptGenRandom .因此,将所有对 CryptGenRandom 的调用序列化也是不可能的.
There may be some global variables / data used by CSP internally during this call; this is however unknown as these would be implementation details. Of course we can serialize calls to CryptGenRandom in the code. However we cannot control that some other dll in our process also call CryptGenRandom concurrently. So serializing all calls to CryptGenRandom also impossible.
因此,我认为 CPGenRandom 必须设计为线程安全的.这是我使用知名的Microsoft CSP进行的测试,这是真的.当需要访问全局数据并且多个线程同时调用 CPGenRandom 时,将在函数中使用内部同步.每个线程都会接收唯一的随机数据.
As result I think the CPGenRandom must be design to be thread-safe. and it my tests with a well known Microsoft CSP this is true. Internal synchronization is used in function, when need access global data and if multiple threads call CPGenRandom concurrently; every thread receives unique random data.
所以我的结论- CryptGenRandom 是线程安全的,至少对于所有
So my conclusion - CryptGenRandom is thread-safe, at least for all Microsoft CSP
这篇关于CryptGenRandom()是线程安全的吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
