Handle creating the default crypto context if it doesn't already exist

Summary: It's perfectly possible that the default crypto context simply hasn't been created yet, so try to create it if the initial acquisition fails. Reviewed By: yfeldblum Differential Revision: D3673138 fbshipit-source-id: 122955df04055ff4f99513b182375d4388dd0305

Handle creating the default crypto context if it doesn't already exist
Summary: It's perfectly possible that the default crypto context simply hasn't been created yet, so try to create it if the initial acquisition fails. Reviewed By: yfeldblum Differential Revision: D3673138 fbshipit-source-id: 122955df04055ff4f99513b182375d4388dd0305
cf7b6169 · Christopher Dykes · Facebook Github Bot 7 · 86b83461 · cf7b6169
Commit cf7b6169 authored Aug 05, 2016 by Christopher Dykes Committed by Facebook Github Bot 7 Aug 05, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 2 deletions

folly/Random.cpp folly/Random.cpp +10 -2

No files found.
--- a/folly/Random.cpp
+++ b/folly/Random.cpp
@@ -42,8 +42,16 @@ void readRandomDevice(void* data, size_t size) {
  static folly::once_flag flag;
  static HCRYPTPROV cryptoProv;
  folly::call_once(flag, [&] {
-    PCHECK(CryptAcquireContext(&cryptoProv, nullptr, nullptr,
-                               PROV_RSA_FULL, 0));
+    if (!CryptAcquireContext(&cryptoProv, nullptr, nullptr, PROV_RSA_FULL, 0)) {
+      if (GetLastError() == NTE_BAD_KEYSET) {
+        // Mostly likely cause of this is that no key container
+        // exists yet, so try to create one.
+        PCHECK(CryptAcquireContext(
+            &cryptoProv, nullptr, nullptr, PROV_RSA_FULL, CRYPT_NEWKEYSET));
+      } else {
+        LOG(FATAL) << "Failed to acquire the default crypto context.";
+      }
+    }
  });
  CHECK(size <= std::numeric_limits<DWORD>::max());
  PCHECK(CryptGenRandom(cryptoProv, (DWORD)size, (BYTE*)data));