2
* Make sure that there is a good source of random characters
3
* so that OpenSSL can work properly and securely.
6
/* Skip asynch rpc inclusion */
16
/*
 * Fill buf with `desired` bytes from the Windows CryptoAPI generator
 * (CryptAcquireContext with CRYPT_VERIFYCONTEXT, then CryptGenRandom).
 * The definition tests for buf == NULL, lenbuf <= 0 and desired > lenbuf
 * before acquiring the provider context; the action taken on that test
 * and the value returned on failure are outside this excerpt.
 * create_random_file() uses the return value as the byte count it writes.
 * NOTE(review): the visible test does not reject a negative `desired`,
 * which is then handed to CryptGenRandom as its length argument; confirm
 * that callers only pass positive counts.
 */
unsigned int getrandom_chars(int desired, unsigned char *buf, int lenbuf);
17
/*
 * Create the random (seed) file `filename`: the definition asks
 * getrandom_chars() for 1024 bytes and writes what it received using
 * fopen(filename, "wb") and fwrite(). Callers in this file pass the
 * RANDFILE value, a path ending in "\.rnd" built after reading HOME,
 * or "C:\.rnd".
 * NOTE(review): the file is created with plain fopen(), so no explicit
 * access control is applied here; presumably it takes whatever the
 * target directory grants. The fwrite() result is discarded on the
 * visible line, so a short write would go unnoticed there.
 */
BOOL create_random_file(char *filename);
26
/* See if the environmental variable RANDFILE is defined
29
randfile = getenv("RANDFILE");
30
if (randfile != NULL) {
31
rf = fopen(randfile, "rb");
37
/* The environmental variable exists but not the file */
38
return (create_random_file(randfile));
42
* If the RANDFILE environmental variable does not exist,
43
* see if the HOME environmental variable exists and
44
* a .rnd file is in there.
46
homedir = getenv("HOME");
47
if (homedir != NULL) {
49
strcat(tmp, "\\.rnd");
50
rf = fopen(tmp, "rb");
56
/* The HOME environmental variable exists but not the file */
57
return (create_random_file(tmp));
61
* Final try. Look for it on the C:\ directory
62
* NOTE: This is a really bad place for it security-wise (other local users may be able to read or replace a file in the drive root).
63
* However, OpenSSL looks for it there if it can't find it elsewhere
65
rf = fopen("C:\\.rnd", "rb");
70
/* The file does not exist */
71
return (create_random_file("C:\\.rnd"));
74
* Routine to create the random file with 1024 random characters
77
create_random_file(char *filename) {
80
unsigned char buf[1025];
82
nchars = getrandom_chars(1024, buf, sizeof(buf));
83
rf = fopen(filename, "wb");
86
fwrite(buf, sizeof(unsigned char), nchars, rf);
92
getrandom_chars(int desired, unsigned char *buf, int lenbuf) {
93
HCRYPTPROV hcryptprov;
96
if (buf == NULL || lenbuf <= 0 || desired > lenbuf)
99
* The first time we just try to acquire the context
101
err = CryptAcquireContext(&hcryptprov, NULL, NULL, PROV_RSA_FULL,
102
CRYPT_VERIFYCONTEXT);
106
if (!CryptGenRandom(hcryptprov, desired, buf)) {
107
CryptReleaseContext(hcryptprov, 0);
111
CryptReleaseContext(hcryptprov, 0);