You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
166 lines
3.0 KiB
166 lines
3.0 KiB
/*++
|
|
|
|
Copyright (c) 1994-1998 Microsoft Corporation
|
|
|
|
Module Name:
|
|
|
|
tssec.c
|
|
|
|
Abstract:
|
|
|
|
Contains code that generates random keys.
|
|
|
|
Author:
|
|
|
|
Madan Appiah (madana) 1-Jan-1998
|
|
Modified by Nadim Abdo 31-Aug-2001 to use system RNG
|
|
|
|
Environment:
|
|
|
|
User Mode - Win32
|
|
|
|
Revision History:
|
|
|
|
--*/
|
|
|
|
#include <seccom.h>
|
|
#include <stdlib.h>
|
|
|
|
#ifdef OS_WINCE
|
|
#include <rng.h>
|
|
#endif
|
|
|
|
#ifndef OS_WINCE
|
|
#include <randlib.h>
|
|
#endif
|
|
|
|
VOID
|
|
TSRNG_Initialize(
|
|
)
|
|
{
|
|
#ifndef OS_WINCE
|
|
InitializeRNG(NULL);
|
|
#else
|
|
TSInitializeRNG();
|
|
#endif
|
|
}
|
|
|
|
|
|
VOID
|
|
TSRNG_Shutdown(
|
|
)
|
|
{
|
|
#ifndef OS_WINCE
|
|
ShutdownRNG(NULL);
|
|
#endif
|
|
}
|
|
|
|
|
|
|
|
//
|
|
// function definitions
|
|
//
|
|
|
|
BOOL
|
|
TSRNG_GenerateRandomBits(
|
|
LPBYTE pbRandomBits,
|
|
DWORD cbLen
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This function returns random bits
|
|
|
|
Arguments:
|
|
|
|
pbRandomBits - pointer to a buffer where a random key is returned.
|
|
|
|
cbLen - length of the random key required.
|
|
|
|
Return Value:
|
|
|
|
TRUE - if a random key is generated successfully.
|
|
FALSE - otherwise.
|
|
|
|
--*/
|
|
{
|
|
#ifndef OS_WINCE
|
|
BOOL fRet;
|
|
|
|
fRet = NewGenRandom(NULL, NULL, pbRandomBits, cbLen);
|
|
|
|
return fRet;
|
|
#else
|
|
GenerateRandomBits(pbRandomBits, cbLen);
|
|
return( TRUE );
|
|
#endif
|
|
}
|
|
|
|
|
|
BOOL
|
|
TSCAPI_GenerateRandomBits(
|
|
LPBYTE pbRandomBits,
|
|
DWORD cbLen
|
|
)
|
|
/*++
|
|
|
|
Routine Description:
|
|
|
|
This function generates random number using CAPI in user mode
|
|
|
|
Arguments:
|
|
|
|
pbRandomBits - pointer to a buffer where a random key is returned.
|
|
|
|
cbLen - length of the random key required.
|
|
|
|
Return Value:
|
|
|
|
TRUE - if a random number is generated successfully.
|
|
FALSE - otherwise.
|
|
|
|
--*/
|
|
{
|
|
HCRYPTPROV hProv;
|
|
BOOL rc = FALSE;
|
|
DWORD dwExtraFlags = CRYPT_VERIFYCONTEXT;
|
|
DWORD dwError;
|
|
|
|
// Get handle to the default provider.
|
|
if(!CryptAcquireContext(&hProv, NULL, 0, PROV_RSA_FULL, dwExtraFlags)) {
|
|
|
|
// Could not acquire a crypt context, get the reason of failure
|
|
dwError = GetLastError();
|
|
|
|
// If we get this error, it means the caller is impersonating a user (in Remote Assistance)
|
|
// we revert back to the old way of generating random bits
|
|
if (dwError == ERROR_FILE_NOT_FOUND) {
|
|
rc = TSRNG_GenerateRandomBits(pbRandomBits, cbLen);
|
|
goto done;
|
|
}
|
|
|
|
// Since default keyset should always exist, we can't hit this code path
|
|
if (dwError == NTE_BAD_KEYSET) {
|
|
//
|
|
//create a new keyset
|
|
//
|
|
if(!CryptAcquireContext(&hProv, NULL, 0, PROV_RSA_FULL, dwExtraFlags | CRYPT_NEWKEYSET)) {
|
|
//printf("Error %x during CryptAcquireContext!\n", GetLastError());
|
|
goto done;
|
|
}
|
|
}
|
|
else {
|
|
goto done;
|
|
}
|
|
}
|
|
|
|
if (CryptGenRandom(hProv, cbLen, pbRandomBits)) {
|
|
rc = TRUE;
|
|
}
|
|
|
|
CryptReleaseContext(hProv, 0);
|
|
|
|
done:
|
|
return rc;
|
|
}
|