Test the new SHA256 and SHA512 based password generation options

[openssl.git] / crypto / rand / rand_win.c

diff --git a/crypto/rand/rand_win.c b/crypto/rand/rand_win.c
index 46cbe1494c24f9c39e07ceb35246d2449f0a0705..1be0ed3c9a58b3d1b04f2b41f885416aedefe49a 100644 (file)
--- a/crypto/rand/rand_win.c
+++ b/crypto/rand/rand_win.c
@@ -13,31 +13,47 @@
 
 #if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
 # include <windows.h>
-# ifndef _WIN32_WINNT
-#  define _WIN32_WINNT 0x0400
+/* On Windows 7 or higher use BCrypt instead of the legacy CryptoAPI */
+# if defined(_MSC_VER) && defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0601
+#  define RAND_WINDOWS_USE_BCRYPT
 # endif
-# include <wincrypt.h>
 
+# ifdef RAND_WINDOWS_USE_BCRYPT
+#  include <bcrypt.h>
+#  pragma comment(lib, "bcrypt.lib")
+#  ifndef STATUS_SUCCESS
+#   define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
+#  endif
+# else
+#  include <wincrypt.h>
 /*
  * Intel hardware RNG CSP -- available from
  * http://developer.intel.com/design/security/rng/redist_license.htm
  */
-# define PROV_INTEL_SEC 22
-# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
+#  define PROV_INTEL_SEC 22
+#  define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
+# endif
 
 static void readtimer(void);
 
 int RAND_poll(void)
 {
     MEMORYSTATUS mst;
-    HCRYPTPROV hProvider = 0;
+# ifndef RAND_WINDOWS_USE_BCRYPT
+    HCRYPTPROV hProvider;
+# endif
     DWORD w;
     BYTE buf[64];
 
+# ifdef RAND_WINDOWS_USE_BCRYPT
+    if (BCryptGenRandom(NULL, buf, (ULONG)sizeof(buf), BCRYPT_USE_SYSTEM_PREFERRED_RNG) == STATUS_SUCCESS) {
+        RAND_add(buf, sizeof(buf), sizeof(buf));
+    }
+# else
     /* poll the CryptoAPI PRNG */
     /* The CryptoAPI returns sizeof(buf) bytes of randomness */
     if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
-        if (CryptGenRandom(hProvider, sizeof(buf), buf) != 0) {
+        if (CryptGenRandom(hProvider, (DWORD)sizeof(buf), buf) != 0) {
             RAND_add(buf, sizeof(buf), sizeof(buf));
         }
         CryptReleaseContext(hProvider, 0);
@@ -45,11 +61,12 @@ int RAND_poll(void)
 
     /* poll the Pentium PRG with CryptoAPI */
     if (CryptAcquireContextW(&hProvider, NULL, INTEL_DEF_PROV, PROV_INTEL_SEC, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)) {
-        if (CryptGenRandom(hProvider, sizeof(buf), buf) != 0) {
+        if (CryptGenRandom(hProvider, (DWORD)sizeof(buf), buf) != 0) {
             RAND_add(buf, sizeof(buf), sizeof(buf));
         }
         CryptReleaseContext(hProvider, 0);
     }
+# endif
 
     /* timer data */
     readtimer();
@@ -65,7 +82,7 @@ int RAND_poll(void)
     return (1);
 }
 
-#if OPENSSL_API_COMPAT < 0x00101000L
+#if OPENSSL_API_COMPAT < 0x10100000L
 int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
 {
     RAND_poll();