hash_win32.c 8.2 KB
Newer Older
1
/*
Edward Thomson committed
2
 * Copyright (C) the libgit2 contributors. All rights reserved.
3 4 5 6 7 8 9 10 11 12 13 14 15
 *
 * This file is part of libgit2, distributed under the GNU GPL v2 with
 * a Linking Exception. For full terms see the included COPYING file.
 */

#include "common.h"
#include "global.h"
#include "hash.h"
#include "hash/hash_win32.h"

#include <wincrypt.h>
#include <strsafe.h>

16 17 18 19
static struct git_hash_prov hash_prov = {0};

/* Hash initialization */

20
/* Initialize CNG, if available */
21
GIT_INLINE(int) hash_cng_prov_init(void)
22 23 24 25 26 27 28
{
	OSVERSIONINFOEX version_test = {0};
	DWORD version_test_mask;
	DWORDLONG version_condition_mask = 0;
	char dll_path[MAX_PATH];
	DWORD dll_path_len, size_len;

29 30
	return -1;

31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
	/* Only use CNG on Windows 2008 / Vista SP1  or better (Windows 6.0 SP1) */
	version_test.dwOSVersionInfoSize = sizeof(OSVERSIONINFOEX);
	version_test.dwMajorVersion = 6;
	version_test.dwMinorVersion = 0;
	version_test.wServicePackMajor = 1;
	version_test.wServicePackMinor = 0;

	version_test_mask = (VER_MAJORVERSION | VER_MINORVERSION | VER_SERVICEPACKMAJOR | VER_SERVICEPACKMINOR);

	VER_SET_CONDITION(version_condition_mask, VER_MAJORVERSION, VER_GREATER_EQUAL);
	VER_SET_CONDITION(version_condition_mask, VER_MINORVERSION, VER_GREATER_EQUAL);
	VER_SET_CONDITION(version_condition_mask, VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL);
	VER_SET_CONDITION(version_condition_mask, VER_SERVICEPACKMINOR, VER_GREATER_EQUAL);

	if (!VerifyVersionInfo(&version_test, version_test_mask, version_condition_mask))
		return -1;

	/* Load bcrypt.dll explicitly from the system directory */
	if ((dll_path_len = GetSystemDirectory(dll_path, MAX_PATH)) == 0 || dll_path_len > MAX_PATH ||
		StringCchCat(dll_path, MAX_PATH, "\\") < 0 ||
		StringCchCat(dll_path, MAX_PATH, GIT_HASH_CNG_DLL_NAME) < 0 ||
52
		(hash_prov.prov.cng.dll = LoadLibrary(dll_path)) == NULL)
53 54 55
		return -1;

	/* Load the function addresses */
56 57 58 59 60 61 62 63
	if ((hash_prov.prov.cng.open_algorithm_provider = (hash_win32_cng_open_algorithm_provider_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptOpenAlgorithmProvider")) == NULL ||
		(hash_prov.prov.cng.get_property = (hash_win32_cng_get_property_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptGetProperty")) == NULL ||
		(hash_prov.prov.cng.create_hash = (hash_win32_cng_create_hash_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptCreateHash")) == NULL ||
		(hash_prov.prov.cng.finish_hash = (hash_win32_cng_finish_hash_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptFinishHash")) == NULL ||
		(hash_prov.prov.cng.hash_data = (hash_win32_cng_hash_data_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptHashData")) == NULL ||
		(hash_prov.prov.cng.destroy_hash = (hash_win32_cng_destroy_hash_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptDestroyHash")) == NULL ||
		(hash_prov.prov.cng.close_algorithm_provider = (hash_win32_cng_close_algorithm_provider_fn)GetProcAddress(hash_prov.prov.cng.dll, "BCryptCloseAlgorithmProvider")) == NULL) {
		FreeLibrary(hash_prov.prov.cng.dll);
64 65 66 67
		return -1;
	}

	/* Load the SHA1 algorithm */
68 69
	if (hash_prov.prov.cng.open_algorithm_provider(&hash_prov.prov.cng.handle, GIT_HASH_CNG_HASH_TYPE, NULL, GIT_HASH_CNG_HASH_REUSABLE) < 0) {
		FreeLibrary(hash_prov.prov.cng.dll);
70 71 72 73
		return -1;
	}

	/* Get storage space for the hash object */
74 75 76
	if (hash_prov.prov.cng.get_property(hash_prov.prov.cng.handle, GIT_HASH_CNG_HASH_OBJECT_LEN, (PBYTE)&hash_prov.prov.cng.hash_object_size, sizeof(DWORD), &size_len, 0) < 0) {
		hash_prov.prov.cng.close_algorithm_provider(hash_prov.prov.cng.handle, 0);
		FreeLibrary(hash_prov.prov.cng.dll);
77 78 79
		return -1;
	}

80
	hash_prov.type = CNG;
81 82 83
	return 0;
}

84 85 86 87 88 89 90 91
GIT_INLINE(void) hash_cng_prov_shutdown(void)
{
	hash_prov.prov.cng.close_algorithm_provider(hash_prov.prov.cng.handle, 0);
	FreeLibrary(hash_prov.prov.cng.dll);

	hash_prov.type = INVALID;
}

92
/* Initialize CryptoAPI */
93
GIT_INLINE(int) hash_cryptoapi_prov_init()
94
{
95
	if (!CryptAcquireContext(&hash_prov.prov.cryptoapi.handle, NULL, 0, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
96 97
		return -1;

98
	hash_prov.type = CRYPTOAPI;
99 100 101
	return 0;
}

102 103 104 105 106 107 108
GIT_INLINE(void) hash_cryptoapi_prov_shutdown(void)
{
	CryptReleaseContext(hash_prov.prov.cryptoapi.handle, 0);

	hash_prov.type = INVALID;
}

109
int git_hash_global_init()
110 111 112
{
	int error = 0;

113 114
	if (hash_prov.type != INVALID)
		return 0;
115

116 117
	if ((error = hash_cng_prov_init()) < 0)
		error = hash_cryptoapi_prov_init();
118

119
	return error;	
120 121
}

122 123 124 125 126 127 128 129
void git_hash_global_shutdown()
{
	if (hash_prov.type == CNG)
		hash_cng_prov_shutdown();
	else if(hash_prov.type == CRYPTOAPI)
		hash_cryptoapi_prov_shutdown();
}

130 131
/* CryptoAPI: available in Windows XP and newer */

132
GIT_INLINE(int) hash_ctx_cryptoapi_init(git_hash_ctx *ctx)
133 134
{
	ctx->type = CRYPTOAPI;
135
	ctx->prov = &hash_prov;
136

137
	return git_hash_init(ctx);
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157
}

GIT_INLINE(int) hash_cryptoapi_init(git_hash_ctx *ctx)
{
	if (ctx->ctx.cryptoapi.valid)
		CryptDestroyHash(ctx->ctx.cryptoapi.hash_handle);

	if (!CryptCreateHash(ctx->prov->prov.cryptoapi.handle, CALG_SHA1, 0, 0, &ctx->ctx.cryptoapi.hash_handle)) {
		ctx->ctx.cryptoapi.valid = 0;
		return -1;
	}

	ctx->ctx.cryptoapi.valid = 1;
	return 0;
}

GIT_INLINE(int) hash_cryptoapi_update(git_hash_ctx *ctx, const void *data, size_t len)
{
	assert(ctx->ctx.cryptoapi.valid);

158
	if (!CryptHashData(ctx->ctx.cryptoapi.hash_handle, (const BYTE *)data, (DWORD)len, 0))
159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179
		return -1;

	return 0;
}

GIT_INLINE(int) hash_cryptoapi_final(git_oid *out, git_hash_ctx *ctx)
{
	DWORD len = 20;
	int error = 0;

	assert(ctx->ctx.cryptoapi.valid);

	if (!CryptGetHashParam(ctx->ctx.cryptoapi.hash_handle, HP_HASHVAL, out->id, &len, 0))
		error = -1;

	CryptDestroyHash(ctx->ctx.cryptoapi.hash_handle);
	ctx->ctx.cryptoapi.valid = 0;

	return error;
}

180
GIT_INLINE(void) hash_ctx_cryptoapi_cleanup(git_hash_ctx *ctx)
181 182 183 184 185 186 187
{
	if (ctx->ctx.cryptoapi.valid)
		CryptDestroyHash(ctx->ctx.cryptoapi.hash_handle);
}

/* CNG: Available in Windows Server 2008 and newer */

188
GIT_INLINE(int) hash_ctx_cng_init(git_hash_ctx *ctx)
189
{
190
	if ((ctx->ctx.cng.hash_object = git__malloc(hash_prov.prov.cng.hash_object_size)) == NULL)
191
		return -1;
192

193
	if (hash_prov.prov.cng.create_hash(hash_prov.prov.cng.handle, &ctx->ctx.cng.hash_handle, ctx->ctx.cng.hash_object, hash_prov.prov.cng.hash_object_size, NULL, 0, 0) < 0) {
194
		git__free(ctx->ctx.cng.hash_object);
195
		return -1;
196 197 198
	}

	ctx->type = CNG;
199
	ctx->prov = &hash_prov;
200

201
	return 0;
202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221
}

GIT_INLINE(int) hash_cng_init(git_hash_ctx *ctx)
{
	BYTE hash[GIT_OID_RAWSZ];

	if (!ctx->ctx.cng.updated)
		return 0;

	/* CNG needs to be finished to restart */
	if (ctx->prov->prov.cng.finish_hash(ctx->ctx.cng.hash_handle, hash, GIT_OID_RAWSZ, 0) < 0)
		return -1;

	ctx->ctx.cng.updated = 0;

	return 0;
}

GIT_INLINE(int) hash_cng_update(git_hash_ctx *ctx, const void *data, size_t len)
{
222
	if (ctx->prov->prov.cng.hash_data(ctx->ctx.cng.hash_handle, (PBYTE)data, (ULONG)len, 0) < 0)
223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
		return -1;

	return 0;
}

GIT_INLINE(int) hash_cng_final(git_oid *out, git_hash_ctx *ctx)
{
	if (ctx->prov->prov.cng.finish_hash(ctx->ctx.cng.hash_handle, out->id, GIT_OID_RAWSZ, 0) < 0)
		return -1;

	ctx->ctx.cng.updated = 0;

	return 0;
}

238
GIT_INLINE(void) hash_ctx_cng_cleanup(git_hash_ctx *ctx)
239 240 241 242 243 244 245
{
	ctx->prov->prov.cng.destroy_hash(ctx->ctx.cng.hash_handle);
	git__free(ctx->ctx.cng.hash_object);
}

/* Indirection between CryptoAPI and CNG */

246
int git_hash_ctx_init(git_hash_ctx *ctx)
247
{
248
	int error = 0;
249

250
	assert(ctx);
251

252 253 254 255 256 257 258
	/*
	 * When compiled with GIT_THREADS, the global hash_prov data is
	 * initialized with git_threads_init.  Otherwise, it must be initialized
	 * at first use.
	 */
	if (hash_prov.type == INVALID && (error = git_hash_global_init()) < 0)
		return error;
259

260
	memset(ctx, 0x0, sizeof(git_hash_ctx));
261

262
	return (hash_prov.type == CNG) ? hash_ctx_cng_init(ctx) : hash_ctx_cryptoapi_init(ctx);
263 264
}

265
int git_hash_init(git_hash_ctx *ctx)
266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282
{
	assert(ctx && ctx->type);
	return (ctx->type == CNG) ? hash_cng_init(ctx) : hash_cryptoapi_init(ctx);
}

int git_hash_update(git_hash_ctx *ctx, const void *data, size_t len)
{
	assert(ctx && ctx->type);
	return (ctx->type == CNG) ? hash_cng_update(ctx, data, len) : hash_cryptoapi_update(ctx, data, len);
}

int git_hash_final(git_oid *out, git_hash_ctx *ctx)
{
	assert(ctx && ctx->type);
	return (ctx->type == CNG) ? hash_cng_final(out, ctx) : hash_cryptoapi_final(out, ctx);
}

283
void git_hash_ctx_cleanup(git_hash_ctx *ctx)
284
{
285
	assert(ctx);
286 287

	if (ctx->type == CNG)
288 289 290
		hash_ctx_cng_cleanup(ctx);
	else if(ctx->type == CRYPTOAPI)
		hash_ctx_cryptoapi_cleanup(ctx);
291
}