From 8902fef44575ffd958abbe4791d3400f782f41c2 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Sat, 20 Jul 2013 08:34:54 +0000
Subject: [PATCH] Been meaning to get round to this for a while: use
 CryptGenRandom to gather extra entropy at Windows PuTTY startup time. (It's
 only used as one of the inputs to PuTTY's internal entropy pool, so nobody is
 required to trust it.)

[originally from svn r9941]
---
 windows/winnoise.c | 33 ++++++++++++++++++++++++++++++---
 1 file changed, 30 insertions(+), 3 deletions(-)

diff --git a/windows/winnoise.c b/windows/winnoise.c
index affb1a52..31364546 100644
--- a/windows/winnoise.c
+++ b/windows/winnoise.c
@@ -9,10 +9,18 @@
 #include "ssh.h"
 #include "storage.h"
 
+#include <wincrypt.h>
+
+DECL_WINDOWS_FUNCTION(static, BOOL, CryptAcquireContextA,
+                      (HCRYPTPROV *, LPCTSTR, LPCTSTR, DWORD, DWORD));
+DECL_WINDOWS_FUNCTION(static, BOOL, CryptGenRandom,
+                      (HCRYPTPROV, DWORD, BYTE *));
+DECL_WINDOWS_FUNCTION(static, BOOL, CryptReleaseContext,
+                      (HCRYPTPROV, DWORD));
+static HMODULE wincrypt_module = NULL;
+
 /*
- * This function is called once, at PuTTY startup, and will do some
- * seriously silly things like listing directories and getting disk
- * free space and a process snapshot.
+ * This function is called once, at PuTTY startup.
  */
 
 void noise_get_heavy(void (*func) (void *, int))
@@ -20,6 +28,7 @@ void noise_get_heavy(void (*func) (void *, int))
     HANDLE srch;
     WIN32_FIND_DATA finddata;
     DWORD pid;
+    HCRYPTPROV crypt_provider;
     char winpath[MAX_PATH + 3];
 
     GetWindowsDirectory(winpath, sizeof(winpath));
@@ -35,6 +44,24 @@ void noise_get_heavy(void (*func) (void *, int))
     pid = GetCurrentProcessId();
     func(&pid, sizeof(pid));
 
+    if (!wincrypt_module) {
+        wincrypt_module = load_system32_dll("advapi32.dll");
+        GET_WINDOWS_FUNCTION(wincrypt_module, CryptAcquireContextA);
+        GET_WINDOWS_FUNCTION(wincrypt_module, CryptGenRandom);
+        GET_WINDOWS_FUNCTION(wincrypt_module, CryptReleaseContext);
+    }
+
+    if (wincrypt_module && p_CryptAcquireContextA &&
+        p_CryptGenRandom && p_CryptReleaseContext &&
+        p_CryptAcquireContextA(&crypt_provider, NULL, NULL, PROV_RSA_FULL,
+                               CRYPT_VERIFYCONTEXT)) {
+        BYTE buf[32];
+        if (p_CryptGenRandom(crypt_provider, 32, buf)) {
+            func(buf, sizeof(buf));
+        }
+        p_CryptReleaseContext(crypt_provider, 0);
+    }
+
     read_random_seed(func);
     /* Update the seed immediately, in case another instance uses it. */
     random_save_seed();
-- 
2.45.2