From ed34e2b97ce1be68ad62f3e97c931e4eceb2244c Mon Sep 17 00:00:00 2001 From: Chris H-C Date: Thu, 16 Feb 2023 15:10:04 -0500 Subject: [PATCH] Add in a RtlGenRandom fallback for non-UWP Windows In some instances BCryptRandom will fail when RtlGenRandom will work. On UWP, we might be unable to actually use RtlGenRandom. Thread the needle and use RtlGenRandom when we have to, when we're able. See also rust-lang/rust#108060 Fixes #314 --- src/windows.rs | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/windows.rs b/src/windows.rs index e5a626c0..adef6a23 100644 --- a/src/windows.rs +++ b/src/windows.rs @@ -21,6 +21,14 @@ extern "system" { ) -> u32; } +// Forbidden when targetting UWP +#[cfg(not(target_vendor = "uwp"))] +#[link(name = "advapi32")] +extern "system" { + #[link_name = "SystemFunction036"] + fn RtlGenRandom(RandomBuffer: *mut c_void, RandomBufferLength: u32) -> u8; +} + pub fn getrandom_inner(dest: &mut [MaybeUninit]) -> Result<(), Error> { // Prevent overflow of u32 for chunk in dest.chunks_mut(u32::max_value() as usize) { @@ -35,6 +43,11 @@ pub fn getrandom_inner(dest: &mut [MaybeUninit]) -> Result<(), Error> { }; // NTSTATUS codes use the two highest bits for severity status. if ret >> 30 == 0b11 { + // Failed. Try RtlGenRandom as a fallback. + #[cfg(not(target_vendor = "uwp"))] + if unsafe { RtlGenRandom(chunk.as_mut_ptr() as *mut c_void, chunk.len() as u32) } != 0 { + continue; + } // We zeroize the highest bit, so the error code will reside // inside the range designated for OS codes. let code = ret ^ (1 << 31);