apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mladen Turk" <mt...@mappingsoft.com>
Subject RE: [PATCH] apr_generate_random_bytes - WIN32
Date Mon, 29 Oct 2001 19:47:39 GMT


> -----Original Message-----
> From: Sander Striker [mailto:striker@apache.org]
> Sent: Monday, October 29, 2001 7:50 PM
> To: Mladen Turk; APR Dev List
> Subject: RE: [PATCH] apr_generate_random_bytes - WIN32
>
>
> > +        if (CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,
>                ^^^^
> Seems you have reversed the logic here.  Or was it wrong in the
> first place?

Ooops! It should be:
if (!CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,


Well, the all thing is very strange...
Once you create the  key container, the 'default' CryptAcquireContext passes
even after reboot.
All that is per-user basis, so if you switch the user you'll need to call
the CryptAcquireContext with the CRYPT_NEWKEYSET param because it returns
the NTE_BAD_KEYSET otherwise.
It seems that the key container doesn't exist when the user is created, and
that the CRYPT_NEWKEYSET needs to be called only once.

Here is the corrected one :)

MT.

Index: rand.c
===================================================================
RCS file: /home/cvspublic/apr/misc/win32/rand.c,v
retrieving revision 1.10
diff -u -r1.10 rand.c
--- rand.c	2001/02/16 04:15:58	1.10
+++ rand.c	2001/10/29 19:24:55
@@ -63,7 +63,12 @@
     apr_status_t res = APR_SUCCESS;

     if (!CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,0)) {
-	return apr_get_os_error();
+        /* Try to create the new key container */
+        if ((GetLastError() == NTE_BAD_KEYSET) &&
+            !CryptAcquireContext(&hProv,NULL,NULL,PROV_RSA_FULL,
+                                CRYPT_NEWKEYSET)) {
+        	return apr_get_os_error();
+        }
     }
     if (!CryptGenRandom(hProv,length,buf)) {
     	res = apr_get_os_error();


Mime
View raw message