From 3797c6e0f378b1d3639404e12a229350aad3daf1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C5=93ur?= Date: Tue, 4 Nov 2025 17:55:54 +0100 Subject: [PATCH 1/3] Win32: check for BCryptGenRandom --- CMakeLists.txt | 1 + arc4random.c | 20 ++++++++++++++++++++ event-config.h.cmake | 3 +++ 3 files changed, 24 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index db6053ce87..2d052c3b76 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -533,6 +533,7 @@ if (WIN32) list(APPEND SYMBOLS_TO_CHECK _gmtime64 _gmtime64_s + BCryptGenRandom ) else() list(APPEND SYMBOLS_TO_CHECK diff --git a/arc4random.c b/arc4random.c index 10f3c586f6..3ff6834049 100644 --- a/arc4random.c +++ b/arc4random.c @@ -52,7 +52,11 @@ #ifndef ARC4RANDOM_NO_INCLUDES #include "evconfig-private.h" #ifdef _WIN32 +#ifndef EVENT__HAVE_BCRYPTGENRANDOM +#include +#else #include +#endif #include #include #else @@ -153,9 +157,25 @@ static int arc4_seed_win32(void) { unsigned char buf[ADD_ENTROPY]; +#ifndef EVENT__HAVE_BCRYPTGENRANDOM + /* This is adapted from Tor's crypto_seed_rng() */ + static int provider_set = 0; + static HCRYPTPROV provider; + + if (!provider_set) { + if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT)) { + if (GetLastError() != (DWORD)NTE_BAD_KEYSET) + return -1; + } + provider_set = 1; + } + if (!CryptGenRandom(provider, sizeof(buf), buf)) +#else if (BCryptGenRandom(NULL, buf, sizeof(buf), BCRYPT_USE_SYSTEM_PREFERRED_RNG)) +#endif return -1; arc4_addrandom(buf, sizeof(buf)); evutil_memclear_(buf, sizeof(buf)); diff --git a/event-config.h.cmake b/event-config.h.cmake index 68c9cc7235..db9a379d24 100644 --- a/event-config.h.cmake +++ b/event-config.h.cmake @@ -285,6 +285,9 @@ /* Define to 1 if you have the `_gmtime64' function. */ #cmakedefine EVENT__HAVE__GMTIME64 1 +/* Define to 1 if you have the `BCryptGenRandom' function. */ +#cmakedefine EVENT__HAVE_BCRYPTGENRANDOM 1 + /* Define to 1 if the system has the type `struct addrinfo'. */ #cmakedefine EVENT__HAVE_STRUCT_ADDRINFO 1 From 8c6f204fec3f36d6a830d208a47c35f7097ae972 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C5=93ur?= Date: Sun, 9 Nov 2025 09:02:44 +0100 Subject: [PATCH 2/3] Condition is bcrypt.lib --- CMakeLists.txt | 1 - arc4random.c | 4 ++-- event-config.h.cmake | 4 ++-- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 2d052c3b76..db6053ce87 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -533,7 +533,6 @@ if (WIN32) list(APPEND SYMBOLS_TO_CHECK _gmtime64 _gmtime64_s - BCryptGenRandom ) else() list(APPEND SYMBOLS_TO_CHECK diff --git a/arc4random.c b/arc4random.c index 3ff6834049..541c9d3c21 100644 --- a/arc4random.c +++ b/arc4random.c @@ -52,7 +52,7 @@ #ifndef ARC4RANDOM_NO_INCLUDES #include "evconfig-private.h" #ifdef _WIN32 -#ifndef EVENT__HAVE_BCRYPTGENRANDOM +#ifndef EVENT__HAVE_BCRYPT_LIB #include #else #include @@ -157,7 +157,7 @@ static int arc4_seed_win32(void) { unsigned char buf[ADD_ENTROPY]; -#ifndef EVENT__HAVE_BCRYPTGENRANDOM +#ifndef EVENT__HAVE_BCRYPT_LIB /* This is adapted from Tor's crypto_seed_rng() */ static int provider_set = 0; static HCRYPTPROV provider; diff --git a/event-config.h.cmake b/event-config.h.cmake index db9a379d24..ed82030d1e 100644 --- a/event-config.h.cmake +++ b/event-config.h.cmake @@ -285,8 +285,8 @@ /* Define to 1 if you have the `_gmtime64' function. */ #cmakedefine EVENT__HAVE__GMTIME64 1 -/* Define to 1 if you have the `BCryptGenRandom' function. */ -#cmakedefine EVENT__HAVE_BCRYPTGENRANDOM 1 +/* Define to 1 if you link with `bcrypt.lib'. */ +#cmakedefine EVENT__HAVE_BCRYPT_LIB 1 /* Define to 1 if the system has the type `struct addrinfo'. */ #cmakedefine EVENT__HAVE_STRUCT_ADDRINFO 1 From 97a86bf93bc351b2361b982fba5590f7e6d17d45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C5=93ur?= Date: Wed, 19 Nov 2025 11:25:09 +0100 Subject: [PATCH 3/3] Revert "Condition is bcrypt.lib" This reverts commit 8c6f204fec3f36d6a830d208a47c35f7097ae972. --- CMakeLists.txt | 1 + arc4random.c | 4 ++-- event-config.h.cmake | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index db6053ce87..2d052c3b76 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -533,6 +533,7 @@ if (WIN32) list(APPEND SYMBOLS_TO_CHECK _gmtime64 _gmtime64_s + BCryptGenRandom ) else() list(APPEND SYMBOLS_TO_CHECK diff --git a/arc4random.c b/arc4random.c index 541c9d3c21..3ff6834049 100644 --- a/arc4random.c +++ b/arc4random.c @@ -52,7 +52,7 @@ #ifndef ARC4RANDOM_NO_INCLUDES #include "evconfig-private.h" #ifdef _WIN32 -#ifndef EVENT__HAVE_BCRYPT_LIB +#ifndef EVENT__HAVE_BCRYPTGENRANDOM #include #else #include @@ -157,7 +157,7 @@ static int arc4_seed_win32(void) { unsigned char buf[ADD_ENTROPY]; -#ifndef EVENT__HAVE_BCRYPT_LIB +#ifndef EVENT__HAVE_BCRYPTGENRANDOM /* This is adapted from Tor's crypto_seed_rng() */ static int provider_set = 0; static HCRYPTPROV provider; diff --git a/event-config.h.cmake b/event-config.h.cmake index ed82030d1e..db9a379d24 100644 --- a/event-config.h.cmake +++ b/event-config.h.cmake @@ -285,8 +285,8 @@ /* Define to 1 if you have the `_gmtime64' function. */ #cmakedefine EVENT__HAVE__GMTIME64 1 -/* Define to 1 if you link with `bcrypt.lib'. */ -#cmakedefine EVENT__HAVE_BCRYPT_LIB 1 +/* Define to 1 if you have the `BCryptGenRandom' function. */ +#cmakedefine EVENT__HAVE_BCRYPTGENRANDOM 1 /* Define to 1 if the system has the type `struct addrinfo'. */ #cmakedefine EVENT__HAVE_STRUCT_ADDRINFO 1