author | Chris Wilson <chris+github@qwirx.com> | 2008-10-08 22:22:00 +0000 |
---|---|---|
committer | Chris Wilson <chris+github@qwirx.com> | 2008-10-08 22:22:00 +0000 |
commit | 146baf7e2035e3e426b6106b381c0c2784e5b281 (patch) | |
tree | 9e713bc1f61fc5b6bad2a55691badeb25aeb427a /lib/server | |
parent | 177146a9191c01ee0108cfc8974a9fc658a8fa17 (diff) |
Use Windows Crypto API to seed the random number generator, and remove
warning that it hasn't been seeded on Windows.
Diffstat (limited to 'lib/server')
-rw-r--r-- | lib/server/SSLLib.cpp | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/lib/server/SSLLib.cpp b/lib/server/SSLLib.cpp
index 7ae93ee6..71ebb78e 100644
--- a/lib/server/SSLLib.cpp
+++ b/lib/server/SSLLib.cpp
@@ -14,6 +14,10 @@
 #include <openssl/err.h>
 #include <openssl/rand.h>
+#ifdef WIN32
+ #include <wincrypt.h>
+#endif
+
 #include "SSLLib.h"
 #include "ServerException.h"
@@ -43,7 +47,37 @@ void SSLLib::Initialise()
 ::SSL_load_error_strings();
 // Extra seeding over and above what's already done by the library
-#ifdef HAVE_RANDOM_DEVICE
+#ifdef WIN32
+ HCRYPTPROV provider;
+ if(!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
+ CRYPT_VERIFYCONTEXT))
+ {
+ BOX_LOG_WIN_ERROR("Failed to acquire crypto context");
+ BOX_WARNING("No random device -- additional seeding of "
+ "random number generator not performed.");
+ }
+ else
+ {
+ // must free provider
+ BYTE buf[1024];
+
+ if(!CryptGenRandom(provider, sizeof(buf), buf))
+ {
+ BOX_LOG_WIN_ERROR("Failed to get random data");
+ BOX_WARNING("No random device -- additional seeding of "
+ "random number generator not performed.");
+ }
+ else
+ {
+ RAND_seed(buf, sizeof(buf));
+ }
+
+ if(!CryptReleaseContext(provider, 0))
+ {
+ BOX_LOG_WIN_ERROR("Failed to release crypto context");
+ }
+ }
+#elif HAVE_RANDOM_DEVICE
 if(::RAND_load_file(RANDOM_DEVICE, 1024) != 1024)
 {
 THROW_EXCEPTION(ServerException, SSLRandomInitFailed) |
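Review bot: The new WIN32 branch fails open: when `CryptAcquireContext` or `CryptGenRandom` fails it only logs a warning and carries on, while the random-device branch directly below throws `SSLRandomInitFailed` on a short read, so the two platforms now disagree on whether missing seed material is fatal. If the extra seeding is meant to be required, the Windows failure paths should also raise `THROW_EXCEPTION(ServerException, SSLRandomInitFailed)`; if it is deliberately best-effort, a comment saying so, and a message that does not report "No random device" after a Crypto API failure, would make that intent reviewable. The `#elif HAVE_RANDOM_DEVICE` line evaluates the macro as an expression and fails to preprocess if it is ever defined with no value; `#elif defined(HAVE_RANDOM_DEVICE)` keeps the meaning of the old `#ifdef`. `buf` still holds the seed bytes when the block exits, so `OPENSSL_cleanse(buf, sizeof(buf));` after `RAND_seed` is worth adding. SSLLib::Initialise() begins and ends outside this hunk.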