ruby-changes:68203
From: Nobuyoshi <ko1@a...>
Date: Sat, 2 Oct 2021 21:22:45 +0900 (JST)
Subject: [ruby-changes:68203] e0ef4899f3 (master): [Win32] Prefer Cryptography Next Generation API
https://git.ruby-lang.org/ruby.git/commit/?id=e0ef4899f3 From e0ef4899f3ef2561ae32275c2c3d11914e7343c7 Mon Sep 17 00:00:00 2001 From: Nobuyoshi Nakada <nobu@r...> Date: Fri, 24 Sep 2021 17:06:10 +0900 Subject: [Win32] Prefer Cryptography Next Generation API [BCryptGenRandom] is available since Windows Vista / Windows Server 2008. Regarding [CryptGenRandom]: > This API is deprecated. New and existing software should start > using Cryptography Next Generation APIs. Microsoft may remove > this API in future releases. [BCryptGenRandom]: https://docs.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgenrandom [CryptGenRandom]: https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptgenrandom --- configure.ac | 2 +- random.c | 22 +++++++++++++++++++++- win32/Makefile.sub | 2 +- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index b65ccf4b31..fc9a9967f3 100644 --- a/configure.ac +++ b/configure.ac @@ -1115,7 +1115,7 @@ main() https://github.com/ruby/ruby/blob/trunk/configure.ac#L1115 AC_CHECK_FUNCS(cygwin_conv_path) AC_LIBOBJ([langinfo]) ], -[mingw*], [ LIBS="-lshell32 -lws2_32 -liphlpapi -limagehlp -lshlwapi $LIBS" +[mingw*], [ LIBS="-lshell32 -lws2_32 -liphlpapi -limagehlp -lshlwapi -lbcrypt $LIBS" ac_cv_header_pwd_h=no ac_cv_header_utime_h=no ac_cv_header_sys_ioctl_h=no diff --git a/random.c b/random.c index fd9db0cf75..0503436c47 100644 --- a/random.c +++ b/random.c @@ -42,6 +42,7 @@ https://github.com/ruby/ruby/blob/trunk/random.c#L42 # include <winsock2.h> # include <windows.h> # include <wincrypt.h> +# include <bcrypt.h> #endif #if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__) @@ -544,6 +545,7 @@ fill_random_bytes_syscall(void *buf, size_t size, int unused) https://github.com/ruby/ruby/blob/trunk/random.c#L545 #endif } #elif defined(_WIN32) +# if defined(CRYPT_VERIFYCONTEXT) STATIC_ASSERT(sizeof_HCRYPTPROV, sizeof(HCRYPTPROV) == sizeof(size_t)); /* Although HCRYPTPROV is not a HANDLE, it looks like @@ -561,7 +563,7 @@ release_crypt(void *p) https://github.com/ruby/ruby/blob/trunk/random.c#L563 } static int -fill_random_bytes_syscall(void *seed, size_t size, int unused) +fill_random_bytes_crypt(void *seed, size_t size) { static HCRYPTPROV perm_prov; HCRYPTPROV prov = perm_prov, old_prov; @@ -588,6 +590,24 @@ fill_random_bytes_syscall(void *seed, size_t size, int unused) https://github.com/ruby/ruby/blob/trunk/random.c#L590 CryptGenRandom(prov, size, seed); return 0; } +# else +# define fill_random_bytes_crypt(seed, size) -1 +# endif + +static int +fill_random_bytes_bcrypt(void *seed, size_t size) +{ + if (!BCryptGenRandom(NULL, seed, size, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) + return 0; + return -1; +} + +static int +fill_random_bytes_syscall(void *seed, size_t size, int unused) +{ + if (fill_random_bytes_bcrypt(seed, size) == 0) return 0; + return fill_random_bytes_crypt(seed, size); +} #elif defined HAVE_GETRANDOM static int fill_random_bytes_syscall(void *seed, size_t size, int need_secure) diff --git a/win32/Makefile.sub b/win32/Makefile.sub index a610577603..2aef63985b 100644 --- a/win32/Makefile.sub +++ b/win32/Makefile.sub @@ -277,7 +277,7 @@ LIBS = user32.lib advapi32.lib shell32.lib ws2_32.lib https://github.com/ruby/ruby/blob/trunk/win32/Makefile.sub#L277 !if $(MSC_VER) >= 1400 LIBS = $(LIBS) iphlpapi.lib !endif -LIBS = $(LIBS) imagehlp.lib shlwapi.lib $(EXTLIBS) +LIBS = $(LIBS) imagehlp.lib shlwapi.lib bcrypt.lib $(EXTLIBS) !endif !if !defined(MISSING) MISSING = crypt.obj ffs.obj langinfo.obj lgamma_r.obj strlcat.obj strlcpy.obj win32/win32.obj win32/file.obj setproctitle.obj -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/