Drop check for NTE_BAD_KEYSET error

Any error when acquiring the CryptoAPI context should get treated as
bad.  Also, this one can't happen for the arguments we're giving.
Fixes bug 10816; bugfix on 0.0.2pre26.

diff --git a/changes/bug10816 b/changes/bug10816
new file mode 100644 (file)
index 0000000..1185f3c
--- /dev/null
+++ b/changes/bug10816
@@ -0,0 +1,6 @@
+  o Minor bugfixes (windows):
+    - Remove code to special-case handling of NTE_BAD_KEYSET when
+      acquiring windows CryptoAPI context.  This error can't actually
+      occur for the parameters we're providing.  Fixes bug 10816;
+      bugfix on 0.0.2pre26.
+

diff --git a/src/common/crypto.c b/src/common/crypto.c
index a247a87d480d20c131f87b1f00cd6e19ece9fa4a..03a74912dd6388facbe66ad87fd1c765cb9ab80b 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2456,10 +2456,8 @@ crypto_strongest_rand(uint8_t *out, size_t out_len)
   if (!provider_set) {
     if (!CryptAcquireContext(&provider, NULL, NULL, PROV_RSA_FULL,
                              CRYPT_VERIFYCONTEXT)) {
-      if ((unsigned long)GetLastError() != (unsigned long)NTE_BAD_KEYSET) {
-        log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
-        return -1;
-      }
+      log_warn(LD_CRYPTO, "Can't get CryptoAPI provider [1]");
+      return -1;
     }
     provider_set = 1;
   }