sha: support Win32 for SHA256

Adding SHA256 support prompted an overdue refactoring of some of the unnecessary complexity around the CNG/CryptoAPI abstraction.

sha: support Win32 for SHA256
Adding SHA256 support prompted an overdue refactoring of some of the unnecessary complexity around the CNG/CryptoAPI abstraction.
6a7d5d23 · Edward Thomson · 6b4a6faa · 6a7d5d23 · 6a7d5d23 · 6a7d5d23
Commit 6a7d5d23 authored Dec 13, 2021 by Edward Thomson
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 98 deletions

cmake/SelectHashes.cmake
+2 -0

src/features.h.in
+1 -0

src/util/CMakeLists.txt
+2 -0

src/util/hash/win32.c
+0 -0

src/util/hash/win32.h
+23 -98

No files found.
--- a/cmake/SelectHashes.cmake
+++ b/cmake/SelectHashes.cmake
@@ -62,6 +62,8 @@ elseif(USE_SHA256 STREQUAL "CommonCrypto")
 	set(GIT_SHA256_COMMON_CRYPTO 1)
 elseif(USE_SHA256 STREQUAL "mbedTLS")
 	set(GIT_SHA256_MBEDTLS 1)
+elseif(USE_SHA256 STREQUAL "Win32")
+	set(GIT_SHA256_WIN32 1)
 else()
 	message(FATAL_ERROR "Asked for unknown SHA256 backend: ${USE_SHA256}")
 endif()

--- a/src/features.h.in
+++ b/src/features.h.in
@@ -49,6 +49,7 @@
 #cmakedefine GIT_SHA1_MBEDTLS 1
 #cmakedefine GIT_SHA256_BUILTIN 1
+#cmakedefine GIT_SHA256_WIN32 1
 #cmakedefine GIT_SHA256_COMMON_CRYPTO 1
 #cmakedefine GIT_SHA256_OPENSSL 1
 #cmakedefine GIT_SHA256_MBEDTLS 1

--- a/src/util/CMakeLists.txt
+++ b/src/util/CMakeLists.txt
@@ -55,6 +55,8 @@ elseif(USE_SHA256 STREQUAL "CommonCrypto")
 	file(GLOB UTIL_SRC_SHA256 hash/common_crypto.*)
 elseif(USE_SHA256 STREQUAL "mbedTLS")
 	file(GLOB UTIL_SRC_SHA256 hash/mbedtls.*)
+elseif(USE_SHA256 STREQUAL "Win32")
+	file(GLOB UTIL_SRC_SHA256 hash/win32.*)
 else()
 	message(FATAL_ERROR "Asked for unknown SHA256 backend: ${USE_SHA256}")
 endif()

--- a/src/util/hash/win32.c
+++ b/src/util/hash/win32.c
--- a/src/util/hash/win32.h
+++ b/src/util/hash/win32.h
@@ -11,118 +11,43 @@
 #include "hash/sha.h"
 #include <wincrypt.h>
-#include <strsafe.h>
-enum hash_win32_prov_type {
+typedef enum {
-	INVALID = 0,
+	GIT_HASH_WIN32_INVALID = 0,
-	CRYPTOAPI,
+	GIT_HASH_WIN32_CRYPTOAPI,
-	CNG
+	GIT_HASH_WIN32_CNG
-};
+} git_hash_win32_provider_t;
-/*
- * CryptoAPI is available for hashing on Windows XP and newer.
- */
-struct hash_cryptoapi_prov {
-	HCRYPTPROV handle;
-};
-/*
- * CNG (bcrypt.dll) is significantly more performant than CryptoAPI and is
- * preferred, however it is only available on Windows 2008 and newer and
- * must therefore be dynamically loaded, and we must inline constants that
- * would not exist when building in pre-Windows 2008 environments.
- */
-/* Function declarations for CNG */
-typedef NTSTATUS (WINAPI *hash_win32_cng_open_algorithm_provider_fn)(
-	HANDLE /* BCRYPT_ALG_HANDLE */ *phAlgorithm,
-	LPCWSTR pszAlgId,
-	LPCWSTR pszImplementation,
-	DWORD dwFlags);
-typedef NTSTATUS (WINAPI *hash_win32_cng_get_property_fn)(
-	HANDLE /* BCRYPT_HANDLE */ hObject,
-	LPCWSTR pszProperty,
-	PUCHAR pbOutput,
-	ULONG cbOutput,
-	ULONG *pcbResult,
-	ULONG dwFlags);
-typedef NTSTATUS (WINAPI *hash_win32_cng_create_hash_fn)(
-	HANDLE /* BCRYPT_ALG_HANDLE */ hAlgorithm,
-	HANDLE /* BCRYPT_HASH_HANDLE */ *phHash,
-	PUCHAR pbHashObject, ULONG cbHashObject,
-	PUCHAR pbSecret,
-	ULONG cbSecret,
-	ULONG dwFlags);
-typedef NTSTATUS (WINAPI *hash_win32_cng_finish_hash_fn)(
-	HANDLE /* BCRYPT_HASH_HANDLE */ hHash,
-	PUCHAR pbOutput,
-	ULONG cbOutput,
-	ULONG dwFlags);
-typedef NTSTATUS (WINAPI *hash_win32_cng_hash_data_fn)(
-	HANDLE /* BCRYPT_HASH_HANDLE */ hHash,
-	PUCHAR pbInput,
-	ULONG cbInput,
-	ULONG dwFlags);
-typedef NTSTATUS (WINAPI *hash_win32_cng_destroy_hash_fn)(
-	HANDLE /* BCRYPT_HASH_HANDLE */ hHash);
-typedef NTSTATUS (WINAPI *hash_win32_cng_close_algorithm_provider_fn)(
-	HANDLE /* BCRYPT_ALG_HANDLE */ hAlgorithm,
-	ULONG dwFlags);
-struct hash_cng_prov {
-	/* DLL for CNG */
-	HINSTANCE dll;
-	/* Function pointers for CNG */
+struct git_hash_win32_cryptoapi_ctx {
-	hash_win32_cng_open_algorithm_provider_fn open_algorithm_provider;
-	hash_win32_cng_get_property_fn get_property;
-	hash_win32_cng_create_hash_fn create_hash;
-	hash_win32_cng_finish_hash_fn finish_hash;
-	hash_win32_cng_hash_data_fn hash_data;
-	hash_win32_cng_destroy_hash_fn destroy_hash;
-	hash_win32_cng_close_algorithm_provider_fn close_algorithm_provider;
-	HANDLE /* BCRYPT_ALG_HANDLE */ handle;
-	DWORD hash_object_size;
-};
-typedef struct {
-	enum hash_win32_prov_type type;
-	union {
-		struct hash_cryptoapi_prov cryptoapi;
-		struct hash_cng_prov cng;
-	} prov;
-} git_hash_prov;
-/* Hash contexts */
-struct hash_cryptoapi_ctx {
 	bool valid;
 	HCRYPTHASH hash_handle;
 };
-struct hash_cng_ctx {
+struct git_hash_win32_cng_ctx {
 	bool updated;
 	HANDLE /* BCRYPT_HASH_HANDLE */ hash_handle;
 	PBYTE hash_object;
 };
-struct git_hash_sha1_ctx {
+typedef struct {
-	enum hash_win32_prov_type type;
+	ALG_ID algorithm;
-	git_hash_prov *prov;
 	union {
-		struct hash_cryptoapi_ctx cryptoapi;
+		struct git_hash_win32_cryptoapi_ctx cryptoapi;
-		struct hash_cng_ctx cng;
+		struct git_hash_win32_cng_ctx cng;
 	} ctx;
+} git_hash_win32_ctx;
+#ifdef GIT_SHA1_WIN32
+struct git_hash_sha1_ctx {
+	git_hash_win32_ctx win32;
 };
+#endif
+#ifdef GIT_SHA256_WIN32
+struct git_hash_sha256_ctx {
+	git_hash_win32_ctx win32;
+};
+#endif
 #endif