[Box Backup-commit] COMMIT r2343 - box/trunk/lib/server

boxbackup-dev at boxbackup.org boxbackup-dev at boxbackup.org
Wed Oct 8 23:22:01 BST 2008


Author: chris
Date: 2008-10-08 23:22:00 +0100 (Wed, 08 Oct 2008)
New Revision: 2343

Modified:
   box/trunk/lib/server/SSLLib.cpp
Log:
Use Windows Crypto API to seed the random number generator, and remove
warning that it hasn't been seeded on Windows.


Modified: box/trunk/lib/server/SSLLib.cpp
===================================================================
--- box/trunk/lib/server/SSLLib.cpp	2008-10-08 20:42:52 UTC (rev 2342)
+++ box/trunk/lib/server/SSLLib.cpp	2008-10-08 22:22:00 UTC (rev 2343)
@@ -14,6 +14,10 @@
 #include <openssl/err.h>
 #include <openssl/rand.h>
 
+#ifdef WIN32
+	#include <wincrypt.h>
+#endif
+
 #include "SSLLib.h"
 #include "ServerException.h"
 
@@ -43,7 +47,37 @@
 	::SSL_load_error_strings();
 
 	// Extra seeding over and above what's already done by the library
-#ifdef HAVE_RANDOM_DEVICE
+#ifdef WIN32
+	HCRYPTPROV provider;
+	if(!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
+		CRYPT_VERIFYCONTEXT))
+	{
+		BOX_LOG_WIN_ERROR("Failed to acquire crypto context");
+		BOX_WARNING("No random device -- additional seeding of "
+			"random number generator not performed.");
+	}
+	else
+	{
+		// must free provider
+		BYTE buf[1024];
+
+		if(!CryptGenRandom(provider, sizeof(buf), buf))
+		{
+			BOX_LOG_WIN_ERROR("Failed to get random data");
+			BOX_WARNING("No random device -- additional seeding of "
+				"random number generator not performed.");
+		}
+		else
+		{
+			RAND_seed(buf, sizeof(buf));
+		}
+		
+		if(!CryptReleaseContext(provider, 0))
+		{
+			BOX_LOG_WIN_ERROR("Failed to release crypto context");
+		}
+	}
+#elif HAVE_RANDOM_DEVICE
 	if(::RAND_load_file(RANDOM_DEVICE, 1024) != 1024)
 	{
 		THROW_EXCEPTION(ServerException, SSLRandomInitFailed)
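Review bot: Both Windows failure branches (after `CryptAcquireContext` and after `CryptGenRandom`) only log and carry on, while the `RANDOM_DEVICE` branch just below throws `SSLRandomInitFailed` on a short read, so the two platforms disagree on whether failed extra seeding is fatal. If that is intended, a comment such as `// Non-fatal: this is extra seeding on top of what the library already does` would record it, and the "No random device" warning text would be clearer if it named the Crypto API failure. The 1024-byte `buf` handed to `RAND_seed` is left on the stack afterwards; `OPENSSL_cleanse(buf, sizeof(buf));` placed before `CryptReleaseContext` would wipe it on both paths. `#elif HAVE_RANDOM_DEVICE` evaluates the macro instead of testing that it is defined, so it fails to preprocess if the macro is defined with no value; `#elif defined(HAVE_RANDOM_DEVICE)` keeps the meaning of the old `#ifdef`. The enclosing function and the rest of the `#if` chain lie outside the hunk.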



