Skip to content

GitLab

Closed
Created by cypherpunks@cypherpunks

Don't exclude NTE_BAD_KEYSET error for windows

  if (!provider_set) {
    if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
                             CRYPT_VERIFYCONTEXT)) {
      if ((unsigned long)GetLastError() != (unsigned long)NTE_BAD_KEYSET) {
        log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
        return -1;
      }
    }
    provider_set = 1;
  }

According to http://msdn.microsoft.com/en-us/library/windows/desktop/aa379886%28v=vs.85%29.aspx NTE_BAD_KEYSET is

The key container could not be opened. A common cause of this error is that the key container does not exist. To create a key container, call CryptAcquireContext using the CRYPT_NEWKEYSET flag. This error code can also indicate that access to an existing key container is denied. Access rights to the container can be granted by the key set creator by using CryptSetProvParam.

Such error code can't be returned for used parametrs, but if something gone wrong in system then current processing this code blocks any next tries to get random data and hides real reason for any next CryptGenRandom failures.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information