From 619e22cae7eec5736df08df4f538aa3a7c0d5733 Mon Sep 17 00:00:00 2001 From: "Dustin L. Howett" Date: Sat, 26 Jul 2025 19:17:28 -0500 Subject: [PATCH] WIP: remove WinCrypt support I am debating whether to remove the checks for bcrypt as well (it is supported on all versions of Windows currently targeted.) fixes https://github.com/libarchive/libarchive/issues/2595 --- CMakeLists.txt | 93 ++++----------------------- configure.ac | 2 +- contrib/android/config/windows_host.h | 3 - libarchive/archive.h | 2 + libarchive/archive_cryptor.c | 4 +- libarchive/archive_cryptor_private.h | 12 +--- libarchive/archive_digest.c | 69 +------------------- libarchive/archive_digest_private.h | 12 +--- libarchive/archive_hmac.c | 2 +- libarchive/archive_hmac_private.h | 2 +- libarchive/archive_random.c | 28 +------- libarchive/archive_util.c | 31 +-------- libarchive/archive_version_details.c | 24 ------- 13 files changed, 24 insertions(+), 260 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f6651fdb8..571811784 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -778,12 +778,22 @@ IF(ENABLE_CNG) LA_CHECK_INCLUDE_FILE("bcrypt.h" HAVE_BCRYPT_H) IF(HAVE_BCRYPT_H) LIST(APPEND ADDITIONAL_LIBS "bcrypt") + # bcrypt supports these algorithms on all available versions + SET(ARCHIVE_CRYPTO_MD5 1) + SET(ARCHIVE_CRYPTO_MD5_WIN 1) + SET(ARCHIVE_CRYPTO_SHA1 1) + SET(ARCHIVE_CRYPTO_SHA1_WIN 1) + SET(ARCHIVE_CRYPTO_SHA256 1) + SET(ARCHIVE_CRYPTO_SHA256_WIN 1) + SET(ARCHIVE_CRYPTO_SHA384 1) + SET(ARCHIVE_CRYPTO_SHA384_WIN 1) + SET(ARCHIVE_CRYPTO_SHA512 1) + SET(ARCHIVE_CRYPTO_SHA512_WIN 1) ENDIF(HAVE_BCRYPT_H) ELSE(ENABLE_CNG) UNSET(HAVE_BCRYPT_H CACHE) ENDIF(ENABLE_CNG) # Following files need windows.h, so we should test it after windows.h test. -LA_CHECK_INCLUDE_FILE("wincrypt.h" HAVE_WINCRYPT_H) LA_CHECK_INCLUDE_FILE("winioctl.h" HAVE_WINIOCTL_H) # @@ -992,85 +1002,6 @@ main(int argc, char **argv) ENDFOREACH(ALGORITHM ${ALGORITHMS}) ENDMACRO(CHECK_CRYPTO ALGORITHMS IMPLEMENTATION) -# -# CRYPTO functions on Windows is defined at archive_windows.c, thus we do not -# need the test what the functions can be mapped to archive_{crypto name}_init, -# archive_{crypto name}_update and archive_{crypto name}_final. -# The functions on Windows use CALG_{crypto name} macro to create a crypt object -# and then we need to know what CALG_{crypto name} macros is available to show -# ARCHIVE_CRYPTO_{crypto name}_WIN macros because Windows 2000 and earlier version -# of Windows XP do not support SHA256, SHA384 and SHA512. -# -MACRO(CHECK_CRYPTO_WIN CRYPTO_LIST) - IF(WIN32 AND NOT CYGWIN) - FOREACH(CRYPTO ${CRYPTO_LIST}) - IF(NOT ARCHIVE_CRYPTO_${CRYPTO}) - IF(NOT DEFINED ARCHIVE_CRYPTO_${CRYPTO}_WIN) - STRING(TOUPPER "${CRYPTO}" crypto) - SET(ALGID "") - IF ("${CRYPTO}" MATCHES "^MD5$") - SET(ALGID "CALG_MD5") - ENDIF ("${CRYPTO}" MATCHES "^MD5$") - IF ("${CRYPTO}" MATCHES "^SHA1$") - SET(ALGID "CALG_SHA1") - ENDIF ("${CRYPTO}" MATCHES "^SHA1$") - IF ("${CRYPTO}" MATCHES "^SHA256$") - SET(ALGID "CALG_SHA_256") - ENDIF ("${CRYPTO}" MATCHES "^SHA256$") - IF ("${CRYPTO}" MATCHES "^SHA384$") - SET(ALGID "CALG_SHA_384") - ENDIF ("${CRYPTO}" MATCHES "^SHA384$") - IF ("${CRYPTO}" MATCHES "^SHA512$") - SET(ALGID "CALG_SHA_512") - ENDIF ("${CRYPTO}" MATCHES "^SHA512$") - - CONFIGURE_FILE(${CMAKE_CURRENT_SOURCE_DIR}/build/cmake/config.h.in - ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/confdefs.h) - FILE(READ "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/confdefs.h" - CONFDEFS_H) - - SET(SOURCE "${CONFDEFS_H} - -#define ${crypto}_COMPILE_TEST -#include -#include - -int -main(int argc, char **argv) -{ - return ${ALGID}; -} -") - SET(SOURCE_FILE "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/check_crypto_win.c") - - FILE(WRITE "${SOURCE_FILE}" "${SOURCE}") - MESSAGE(STATUS "Checking support for ARCHIVE_CRYPTO_${CRYPTO}_WIN") - - TRY_COMPILE(ARCHIVE_CRYPTO_${CRYPTO}_WIN - ${CMAKE_BINARY_DIR} - ${SOURCE_FILE} - CMAKE_FLAGS "-DINCLUDE_DIRECTORIES:STRING=${CMAKE_BINARY_DIR};${CMAKE_CURRENT_SOURCE_DIR}/libarchive" - OUTPUT_VARIABLE OUTPUT) - - IF (ARCHIVE_CRYPTO_${CRYPTO}_WIN) - MESSAGE(STATUS - "Checking support for ARCHIVE_CRYPTO_${CRYPTO}_WIN -- found") - SET(ARCHIVE_CRYPTO_${CRYPTO} 1) - ELSE (ARCHIVE_CRYPTO_${CRYPTO}_WIN) - MESSAGE(STATUS - "Checking support for ARCHIVE_CRYPTO_${CRYPTO}_WIN -- not found") - FILE(APPEND - ${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeOutput.log - "Checking support for ARCHIVE_CRYPTO_${CRYPTO}_WIN failed with the following output:\n" - "${OUTPUT}\n" - "Source file was:\n${SOURCE}\n") - ENDIF (ARCHIVE_CRYPTO_${CRYPTO}_WIN) - ENDIF(NOT DEFINED ARCHIVE_CRYPTO_${CRYPTO}_WIN) - ENDIF(NOT ARCHIVE_CRYPTO_${CRYPTO}) - ENDFOREACH(CRYPTO) - ENDIF(WIN32 AND NOT CYGWIN) -ENDMACRO(CHECK_CRYPTO_WIN CRYPTO_LIST) - # # Find iconv # POSIX defines the second arg as const char ** @@ -2179,8 +2110,6 @@ CHECK_CRYPTO("MD5;RMD160;SHA1;SHA256;SHA384;SHA512" OPENSSL) # Libmd has to be probed after OpenSSL. CHECK_CRYPTO("MD5;RMD160;SHA1;SHA256;SHA512" LIBMD) -CHECK_CRYPTO_WIN("MD5;SHA1;SHA256;SHA384;SHA512") - # Check visibility annotations SET(OLD_CMAKE_REQUIRED_FLAGS "${CMAKE_REQUIRED_FLAGS}") SET(CMAKE_REQUIRED_FLAGS "${CMAKE_REQUIRED_FLAGS} -fvisibility=hidden -Werror") diff --git a/configure.ac b/configure.ac index 33e7fee8e..128a11318 100644 --- a/configure.ac +++ b/configure.ac @@ -377,7 +377,7 @@ AC_CHECK_HEADERS([time.h unistd.h utime.h wchar.h wctype.h]) AC_CHECK_TYPE([suseconds_t]) AC_CHECK_HEADERS([windows.h]) # check windows.h first; the other headers require it. -AC_CHECK_HEADERS([wincrypt.h winioctl.h],[],[], +AC_CHECK_HEADERS([winioctl.h],[],[], [[#ifdef HAVE_WINDOWS_H # include #endif diff --git a/contrib/android/config/windows_host.h b/contrib/android/config/windows_host.h index 2e24be1d3..2eb9a8df6 100644 --- a/contrib/android/config/windows_host.h +++ b/contrib/android/config/windows_host.h @@ -899,9 +899,6 @@ /* Define to 1 if you have the header file. */ #define HAVE_WCTYPE_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_WINCRYPT_H 1 - /* Define to 1 if you have the header file. */ #define HAVE_WINDOWS_H 1 diff --git a/libarchive/archive.h b/libarchive/archive.h index dceb5558f..9a1d5ade0 100644 --- a/libarchive/archive.h +++ b/libarchive/archive.h @@ -210,7 +210,9 @@ __LA_DECL const char * archive_openssl_version(void); __LA_DECL const char * archive_libmd_version(void); __LA_DECL const char * archive_commoncrypto_version(void); __LA_DECL const char * archive_cng_version(void); +#if ARCHIVE_VERSION_NUMBER < 4000000 __LA_DECL const char * archive_wincrypt_version(void); +#endif __LA_DECL const char * archive_librichacl_version(void); __LA_DECL const char * archive_libacl_version(void); __LA_DECL const char * archive_libattr_version(void); diff --git a/libarchive/archive_cryptor.c b/libarchive/archive_cryptor.c index 9f03f9ca6..33ee0d2b6 100644 --- a/libarchive/archive_cryptor.c +++ b/libarchive/archive_cryptor.c @@ -57,7 +57,7 @@ pbkdf2_sha1(const char *pw, size_t pw_len, const uint8_t *salt, return 0; } -#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA +#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) #ifdef _MSC_VER #pragma comment(lib, "Bcrypt.lib") #endif @@ -197,7 +197,7 @@ aes_ctr_release(archive_crypto_ctx *ctx) return 0; } -#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA +#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) static int aes_ctr_init(archive_crypto_ctx *ctx, const uint8_t *key, size_t key_len) diff --git a/libarchive/archive_cryptor_private.h b/libarchive/archive_cryptor_private.h index 1dbc5c17a..3ba36e608 100644 --- a/libarchive/archive_cryptor_private.h +++ b/libarchive/archive_cryptor_private.h @@ -62,7 +62,7 @@ typedef struct { unsigned encr_pos; } archive_crypto_ctx; -#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA +#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) #include #define ARCHIVE_CRYPTOR_USE_CNG 1 @@ -144,16 +144,6 @@ typedef struct { #else -#if defined(ARCHIVE_CRYPTO_MD5_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA1_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA256_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA384_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA512_WIN) -#if defined(_WIN32) && !defined(__CYGWIN__) && !(defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA) -#define ARCHIVE_CRYPTOR_USE_WINCRYPT 1 -#endif -#endif - #define AES_BLOCK_SIZE 16 #define AES_MAX_KEY_SIZE 32 typedef int archive_crypto_ctx; diff --git a/libarchive/archive_digest.c b/libarchive/archive_digest.c index 45fc36af1..ab6db12be 100644 --- a/libarchive/archive_digest.c +++ b/libarchive/archive_digest.c @@ -44,16 +44,11 @@ /* * Message digest functions for Windows platform. */ -#if defined(ARCHIVE_CRYPTO_MD5_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA1_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA256_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA384_WIN) ||\ - defined(ARCHIVE_CRYPTO_SHA512_WIN) +#if defined(HAVE_BCRYPT_H) /* * Initialize a Message digest. */ -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA static int win_crypto_init(Digest_CTX *ctx, const WCHAR *algo) { @@ -72,30 +67,6 @@ win_crypto_init(Digest_CTX *ctx, const WCHAR *algo) ctx->valid = 1; return (ARCHIVE_OK); } -#else -static int -win_crypto_init(Digest_CTX *ctx, DWORD prov, ALG_ID algId) -{ - - ctx->valid = 0; - if (!CryptAcquireContext(&ctx->cryptProv, NULL, NULL, - prov, CRYPT_VERIFYCONTEXT)) { - if (GetLastError() != (DWORD)NTE_BAD_KEYSET) - return (ARCHIVE_FAILED); - if (!CryptAcquireContext(&ctx->cryptProv, NULL, NULL, - prov, CRYPT_NEWKEYSET)) - return (ARCHIVE_FAILED); - } - - if (!CryptCreateHash(ctx->cryptProv, algId, 0, 0, &ctx->hash)) { - CryptReleaseContext(ctx->cryptProv, 0); - return (ARCHIVE_FAILED); - } - - ctx->valid = 1; - return (ARCHIVE_OK); -} -#endif /* * Update a Message digest. @@ -107,42 +78,26 @@ win_crypto_Update(Digest_CTX *ctx, const unsigned char *buf, size_t len) if (!ctx->valid) return (ARCHIVE_FAILED); -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA BCryptHashData(ctx->hHash, (PUCHAR)(uintptr_t)buf, (ULONG)len, 0); -#else - CryptHashData(ctx->hash, - (unsigned char *)(uintptr_t)buf, - (DWORD)len, 0); -#endif return (ARCHIVE_OK); } static int win_crypto_Final(unsigned char *buf, size_t bufsize, Digest_CTX *ctx) { -#if !(defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA) - DWORD siglen = (DWORD)bufsize; -#endif - if (!ctx->valid) return (ARCHIVE_FAILED); -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA BCryptFinishHash(ctx->hHash, buf, (ULONG)bufsize, 0); BCryptDestroyHash(ctx->hHash); BCryptCloseAlgorithmProvider(ctx->hAlg, 0); -#else - CryptGetHashParam(ctx->hash, HP_HASHVAL, buf, &siglen, 0); - CryptDestroyHash(ctx->hash); - CryptReleaseContext(ctx->cryptProv, 0); -#endif ctx->valid = 0; return (ARCHIVE_OK); } -#endif /* defined(ARCHIVE_CRYPTO_*_WIN) */ +#endif /* defined(HAVE_BCRYPT_H) */ /* MD5 implementations */ @@ -234,11 +189,7 @@ __archive_md5final(archive_md5_ctx *ctx, void *md) static int __archive_md5init(archive_md5_ctx *ctx) { -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA return (win_crypto_init(ctx, BCRYPT_MD5_ALGORITHM)); -#else - return (win_crypto_init(ctx, PROV_RSA_FULL, CALG_MD5)); -#endif } static int @@ -645,11 +596,7 @@ __archive_sha1final(archive_sha1_ctx *ctx, void *md) static int __archive_sha1init(archive_sha1_ctx *ctx) { -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA return (win_crypto_init(ctx, BCRYPT_SHA1_ALGORITHM)); -#else - return (win_crypto_init(ctx, PROV_RSA_FULL, CALG_SHA1)); -#endif } static int @@ -925,11 +872,7 @@ __archive_sha256final(archive_sha256_ctx *ctx, void *md) static int __archive_sha256init(archive_sha256_ctx *ctx) { -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA return (win_crypto_init(ctx, BCRYPT_SHA256_ALGORITHM)); -#else - return (win_crypto_init(ctx, PROV_RSA_AES, CALG_SHA_256)); -#endif } static int @@ -1177,11 +1120,7 @@ __archive_sha384final(archive_sha384_ctx *ctx, void *md) static int __archive_sha384init(archive_sha384_ctx *ctx) { -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA return (win_crypto_init(ctx, BCRYPT_SHA384_ALGORITHM)); -#else - return (win_crypto_init(ctx, PROV_RSA_AES, CALG_SHA_384)); -#endif } static int @@ -1453,11 +1392,7 @@ __archive_sha512final(archive_sha512_ctx *ctx, void *md) static int __archive_sha512init(archive_sha512_ctx *ctx) { -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA return (win_crypto_init(ctx, BCRYPT_SHA512_ALGORITHM)); -#else - return (win_crypto_init(ctx, PROV_RSA_AES, CALG_SHA_512)); -#endif } static int diff --git a/libarchive/archive_digest_private.h b/libarchive/archive_digest_private.h index deb134e4f..7db999450 100644 --- a/libarchive/archive_digest_private.h +++ b/libarchive/archive_digest_private.h @@ -165,8 +165,7 @@ defined(ARCHIVE_CRYPTO_SHA256_WIN) ||\ defined(ARCHIVE_CRYPTO_SHA384_WIN) ||\ defined(ARCHIVE_CRYPTO_SHA512_WIN) -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA -/* don't use bcrypt when XP needs to be supported */ +#if defined(HAVE_BCRYPT_H) #include #define ARCHIVE_CRYPTO_CNG 1 typedef struct { @@ -174,15 +173,6 @@ typedef struct { BCRYPT_ALG_HANDLE hAlg; BCRYPT_HASH_HANDLE hHash; } Digest_CTX; -#else -#include -#include -#define ARCHIVE_CRYPTO_WINCRYPT 1 -typedef struct { - int valid; - HCRYPTPROV cryptProv; - HCRYPTHASH hash; -} Digest_CTX; #endif #endif diff --git a/libarchive/archive_hmac.c b/libarchive/archive_hmac.c index 210cca707..edb3bf5ab 100644 --- a/libarchive/archive_hmac.c +++ b/libarchive/archive_hmac.c @@ -74,7 +74,7 @@ __hmac_sha1_cleanup(archive_hmac_sha1_ctx *ctx) memset(ctx, 0, sizeof(*ctx)); } -#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA +#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) #ifndef BCRYPT_HASH_REUSABLE_FLAG # define BCRYPT_HASH_REUSABLE_FLAG 0x00000020 diff --git a/libarchive/archive_hmac_private.h b/libarchive/archive_hmac_private.h index 36b8e3320..af00beadb 100644 --- a/libarchive/archive_hmac_private.h +++ b/libarchive/archive_hmac_private.h @@ -52,7 +52,7 @@ int __libarchive_hmac_build_hack(void); typedef CCHmacContext archive_hmac_sha1_ctx; -#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA +#elif defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) #include typedef struct { diff --git a/libarchive/archive_random.c b/libarchive/archive_random.c index 8c48d2d3b..cf7adc829 100644 --- a/libarchive/archive_random.c +++ b/libarchive/archive_random.c @@ -57,19 +57,13 @@ static void la_arc4random_buf(void *, size_t); #include "archive.h" #include "archive_random_private.h" -#if defined(_WIN32) && !defined(__CYGWIN__) -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA -/* don't use bcrypt when XP needs to be supported */ +#if defined(_WIN32) && !defined(__CYGWIN__) && defined(HAVE_BCRYPT_H) #include /* Common in other bcrypt implementations, but missing from VS2008. */ #ifndef BCRYPT_SUCCESS #define BCRYPT_SUCCESS(r) ((NTSTATUS)(r) == STATUS_SUCCESS) #endif - -#elif defined(HAVE_WINCRYPT_H) -#include -#endif #endif #ifndef O_CLOEXEC @@ -85,7 +79,6 @@ int archive_random(void *buf, size_t nbytes) { #if defined(_WIN32) && !defined(__CYGWIN__) -# if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA NTSTATUS status; BCRYPT_ALG_HANDLE hAlg; @@ -98,25 +91,6 @@ archive_random(void *buf, size_t nbytes) return ARCHIVE_FAILED; return ARCHIVE_OK; -# else - HCRYPTPROV hProv; - BOOL success; - - success = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT); - if (!success && GetLastError() == (DWORD)NTE_BAD_KEYSET) { - success = CryptAcquireContext(&hProv, NULL, NULL, - PROV_RSA_FULL, CRYPT_NEWKEYSET); - } - if (success) { - success = CryptGenRandom(hProv, (DWORD)nbytes, (BYTE*)buf); - CryptReleaseContext(hProv, 0); - if (success) - return ARCHIVE_OK; - } - /* TODO: Does this case really happen? */ - return ARCHIVE_FAILED; -# endif #elif !defined(HAVE_ARC4RANDOM_BUF) && (!defined(_WIN32) || defined(__CYGWIN__)) la_arc4random_buf(buf, nbytes); return ARCHIVE_OK; diff --git a/libarchive/archive_util.c b/libarchive/archive_util.c index 900abd0c3..7c9ba1c16 100644 --- a/libarchive/archive_util.c +++ b/libarchive/archive_util.c @@ -42,17 +42,13 @@ #include #endif #if defined(_WIN32) && !defined(__CYGWIN__) -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA -/* don't use bcrypt when XP needs to be supported */ +#if defined(HAVE_BCRYPT_H) #include /* Common in other bcrypt implementations, but missing from VS2008. */ #ifndef BCRYPT_SUCCESS #define BCRYPT_SUCCESS(r) ((NTSTATUS)(r) == STATUS_SUCCESS) #endif - -#elif defined(HAVE_WINCRYPT_H) -#include #endif #endif #ifdef HAVE_ZLIB_H @@ -250,11 +246,7 @@ __archive_mktempx(const char *tmpdir, wchar_t *template) DWORD attr; wchar_t *xp, *ep; int fd; -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA BCRYPT_ALG_HANDLE hAlg = NULL; -#else - HCRYPTPROV hProv = (HCRYPTPROV)NULL; -#endif fd = -1; ws = NULL; archive_string_init(&temp_name); @@ -328,19 +320,11 @@ __archive_mktempx(const char *tmpdir, wchar_t *template) abort(); } -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA if (!BCRYPT_SUCCESS(BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_RNG_ALGORITHM, NULL, 0))) { la_dosmaperr(GetLastError()); goto exit_tmpfile; } -#else - if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, - CRYPT_VERIFYCONTEXT)) { - la_dosmaperr(GetLastError()); - goto exit_tmpfile; - } -#endif for (;;) { wchar_t *p; @@ -351,19 +335,11 @@ __archive_mktempx(const char *tmpdir, wchar_t *template) /* Generate a random file name through CryptGenRandom(). */ p = xp; -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA if (!BCRYPT_SUCCESS(BCryptGenRandom(hAlg, (PUCHAR)p, (DWORD)(ep - p)*sizeof(wchar_t), 0))) { la_dosmaperr(GetLastError()); goto exit_tmpfile; } -#else - if (!CryptGenRandom(hProv, (DWORD)(ep - p)*sizeof(wchar_t), - (BYTE*)p)) { - la_dosmaperr(GetLastError()); - goto exit_tmpfile; - } -#endif for (; p < ep; p++) *p = num[((DWORD)*p) % (sizeof(num)/sizeof(num[0]))]; @@ -417,13 +393,8 @@ __archive_mktempx(const char *tmpdir, wchar_t *template) break;/* success! */ } exit_tmpfile: -#if defined(HAVE_BCRYPT_H) && _WIN32_WINNT >= _WIN32_WINNT_VISTA if (hAlg != NULL) BCryptCloseAlgorithmProvider(hAlg, 0); -#else - if (hProv != (HCRYPTPROV)NULL) - CryptReleaseContext(hProv, 0); -#endif free(ws); if (template == temp_name.s) archive_wstring_free(&temp_name); diff --git a/libarchive/archive_version_details.c b/libarchive/archive_version_details.c index 0cf92db73..5adfab9da 100644 --- a/libarchive/archive_version_details.c +++ b/libarchive/archive_version_details.c @@ -157,10 +157,6 @@ archive_crypto_version(struct archive_string* str) #if defined(ARCHIVE_CRYPTOR_USE_LIBMD) archive_strcat(str, " libmd/"); archive_strcat(str, archive_libmd_version()); -#endif -#if defined(ARCHIVE_CRYPTOR_USE_WINCRYPT) - archive_strcat(str, " WinCrypt/"); - archive_strcat(str, archive_wincrypt_version()); #endif // Just in case (void)str; /* UNUSED */ @@ -431,27 +427,7 @@ archive_cng_version(void) const char * archive_wincrypt_version(void) { -#if defined(ARCHIVE_CRYPTOR_USE_WINCRYPT) || defined(ARCHIVE_CRYPTO_WINCRYPT) - HCRYPTPROV prov; - if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) { - if (GetLastError() != (DWORD)NTE_BAD_KEYSET) - return NULL; - if (!CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET)) - return NULL; - } - DWORD version, length = sizeof(version); - if (!CryptGetProvParam(prov, PP_VERSION, (BYTE *)&version, &length, 0)) { - return NULL; - } else { - char major = (version >> 8) & 0xFF; - char minor = version & 0xFF; - static char wincrypt_version[6]; - snprintf(wincrypt_version, 6, "%hhd.%hhd", major, minor); - return wincrypt_version; - } -#else return NULL; -#endif } const char * -- 2.47.3