diff options
author | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-09-24 17:06:10 +0900 |
---|---|---|
committer | Nobuyoshi Nakada <nobu@ruby-lang.org> | 2021-10-02 21:22:33 +0900 |
commit | e0ef4899f3ef2561ae32275c2c3d11914e7343c7 (patch) | |
tree | d8f87e7eccb08b9ebe4a42b0082d1c1cc1a0dcbd /random.c | |
parent | b8327fb8b10615ddb3f5e1978d6d83be465503a9 (diff) |
[Win32] Prefer Cryptography Next Generation API
[BCryptGenRandom] is available since Windows Vista / Windows
Server 2008.
Regarding [CryptGenRandom]:
> This API is deprecated. New and existing software should start
> using Cryptography Next Generation APIs. Microsoft may remove
> this API in future releases.
[BCryptGenRandom]: https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom
[CryptGenRandom]: https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/4924
Diffstat (limited to 'random.c')
-rw-r--r-- | random.c | 22 |
1 files changed, 21 insertions, 1 deletions
@@ -42,6 +42,7 @@ # include <winsock2.h> # include <windows.h> # include <wincrypt.h> +# include <bcrypt.h> #endif #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__) @@ -544,6 +545,7 @@ fill_random_bytes_syscall(void *buf, size_t size, int unused) #endif } #elif defined(_WIN32) +# if defined(CRYPT_VERIFYCONTEXT) STATIC_ASSERT(sizeof_HCRYPTPROV, sizeof(HCRYPTPROV) == sizeof(size_t)); /* Although HCRYPTPROV is not a HANDLE, it looks like @@ -561,7 +563,7 @@ release_crypt(void *p) } static int -fill_random_bytes_syscall(void *seed, size_t size, int unused) +fill_random_bytes_crypt(void *seed, size_t size) { static HCRYPTPROV perm_prov; HCRYPTPROV prov = perm_prov, old_prov; @@ -588,6 +590,24 @@ fill_random_bytes_syscall(void *seed, size_t size, int unused) CryptGenRandom(prov, size, seed); return 0; } +# else +# define fill_random_bytes_crypt(seed, size) -1 +# endif + +static int +fill_random_bytes_bcrypt(void *seed, size_t size) +{ + if (!BCryptGenRandom(NULL, seed, size, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) + return 0; + return -1; +} + +static int +fill_random_bytes_syscall(void *seed, size_t size, int unused) +{ + if (fill_random_bytes_bcrypt(seed, size) == 0) return 0; + return fill_random_bytes_crypt(seed, size); +} #elif defined HAVE_GETRANDOM static int fill_random_bytes_syscall(void *seed, size_t size, int need_secure) |