diff --git a/libmariadb/secure/win_crypt.c b/libmariadb/secure/win_crypt.c index 77194e8a..afe9e6e3 100644 --- a/libmariadb/secure/win_crypt.c +++ b/libmariadb/secure/win_crypt.c @@ -21,22 +21,19 @@ #include #include -BCRYPT_ALG_HANDLE Sha256Prov= 0; -BCRYPT_ALG_HANDLE Sha512Prov= 0; -BCRYPT_ALG_HANDLE RsaProv= 0; - -static LPCWSTR ma_hash_get_algorithm(unsigned int alg, BCRYPT_ALG_HANDLE *algHdl) +static LPCWSTR ma_hash_get_algorithm(unsigned int alg) { switch(alg) { + case MA_HASH_SHA1: + return BCRYPT_SHA1_ALGORITHM; case MA_HASH_SHA256: - *algHdl= Sha256Prov; return BCRYPT_SHA256_ALGORITHM; + case MA_HASH_SHA384: + return BCRYPT_SHA384_ALGORITHM; case MA_HASH_SHA512: - *algHdl= Sha512Prov; return BCRYPT_SHA512_ALGORITHM; default: - *algHdl= 0; return NULL; } } @@ -48,27 +45,40 @@ MA_HASH_CTX *ma_hash_new(unsigned int algorithm, MA_HASH_CTX *ctx) LPCWSTR alg; BCRYPT_ALG_HANDLE algHdl= 0; - alg= ma_hash_get_algorithm(algorithm, &algHdl); + alg= ma_hash_get_algorithm(algorithm); - if (!alg || !algHdl) + if (!alg) return NULL; - if (BCryptGetProperty(algHdl, BCRYPT_OBJECT_LENGTH, - (PBYTE)&cbObjSize, sizeof(DWORD), - &cbData, 0) < 0) - goto error; - if (!newctx) { newctx= (MA_HASH_CTX *)calloc(1, sizeof(MA_HASH_CTX)); newctx->free_me= 1; + } else { + char tmp_freeme= newctx->free_me; + BCRYPT_ALG_HANDLE tmp_alg= newctx->hAlg; + + newctx->free_me= 0; + newctx->hAlg = 0; + + ma_hash_free(newctx); + + newctx->free_me= tmp_freeme; + newctx->hAlg= tmp_alg; } - else - memset(newctx, 0, sizeof(MA_HASH_CTX)); + + if (!newctx->hAlg) + if (BCryptOpenAlgorithmProvider(&newctx->hAlg, alg, NULL, 0)) + goto error; + + if (BCryptGetProperty(newctx->hAlg, BCRYPT_OBJECT_LENGTH, + (PBYTE)&cbObjSize, sizeof(DWORD), + &cbData, 0) < 0) + goto error; newctx->hashObject= (PBYTE)malloc(cbObjSize); newctx->digest_len= (DWORD)ma_hash_digest_size(algorithm); - BCryptCreateHash(algHdl, &newctx->hHash, newctx->hashObject, cbObjSize, NULL, 0, 0); + BCryptCreateHash(newctx->hAlg, &newctx->hHash, newctx->hashObject, cbObjSize, NULL, 0, 0); return newctx; error: @@ -85,6 +95,8 @@ void ma_hash_free(MA_HASH_CTX *ctx) BCryptDestroyHash(ctx->hHash); if (ctx->hashObject) free(ctx->hashObject); + if (ctx->hAlg) + BCryptCloseAlgorithmProvider(ctx->hAlg, 0); if (ctx->free_me) free(ctx); } diff --git a/plugins/auth/caching_sha2_pw.c b/plugins/auth/caching_sha2_pw.c index 391f64d6..fa5a354d 100644 --- a/plugins/auth/caching_sha2_pw.c +++ b/plugins/auth/caching_sha2_pw.c @@ -52,8 +52,6 @@ #include #include -extern BCRYPT_ALG_HANDLE RsaProv; -extern BCRYPT_ALG_HANDLE Sha256Prov; #endif #include @@ -460,10 +458,6 @@ static int auth_caching_sha2_init(char *unused1 __attribute__((unused)), int unused3 __attribute__((unused)), va_list unused4 __attribute__((unused))) { -#if defined(HAVE_WINCRYPT) - BCryptOpenAlgorithmProvider(&Sha256Prov, BCRYPT_SHA256_ALGORITHM, NULL, 0); - BCryptOpenAlgorithmProvider(&RsaProv, BCRYPT_RSA_ALGORITHM, NULL, 0); -#endif return 0; } /* }}} */ @@ -471,10 +465,6 @@ static int auth_caching_sha2_init(char *unused1 __attribute__((unused)), /* {{{ auth_caching_sha2_deinit */ static int auth_caching_sha2_deinit(void) { -#if defined(HAVE_WINCRYPT) - BCryptCloseAlgorithmProvider(Sha256Prov, 0); - BCryptCloseAlgorithmProvider(RsaProv, 0); -#endif return 0; } /* }}} */ diff --git a/plugins/auth/ed25519.c b/plugins/auth/ed25519.c index e0b9333e..38b896f8 100644 --- a/plugins/auth/ed25519.c +++ b/plugins/auth/ed25519.c @@ -45,7 +45,6 @@ #include #include #include -extern BCRYPT_ALG_HANDLE Sha512Prov; #elif defined(HAVE_OPENSSL) #include #include @@ -123,9 +122,6 @@ static int auth_ed25519_init(char *unused1 __attribute__((unused)), int unused3 __attribute__((unused)), va_list unused4 __attribute__((unused))) { -#if defined(HAVE_WINCRYPT) - BCryptOpenAlgorithmProvider(&Sha512Prov, BCRYPT_SHA512_ALGORITHM, NULL, 0); -#endif return 0; } /* }}} */ @@ -133,9 +129,6 @@ static int auth_ed25519_init(char *unused1 __attribute__((unused)), /* {{{ auth_ed25519_deinit */ static int auth_ed25519_deinit(void) { -#if defined(HAVE_WINCRYPT) - BCryptCloseAlgorithmProvider(Sha512Prov, 0); -#endif return 0; } /* }}} */