include/svl/cryptosign.hxx | 3 svl/source/crypto/cryptosign.cxx | 21 ----- xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx | 36 ++-------- 3 files changed, 12 insertions(+), 48 deletions(-)
New commits: commit 954f59db6cddc79d1f629fafc53ad20b6c4a14de Author: Miklos Vajna <vmik...@collabora.co.uk> AuthorDate: Wed Aug 8 23:10:52 2018 +0200 Commit: Miklos Vajna <vmik...@collabora.co.uk> CommitDate: Thu Aug 9 09:13:51 2018 +0200 svl windows: remove last traces of pre-CNG signing Mostly only the certificate selector was left + the global runtime switch. Change-Id: I11e8e0920806eb61848512df6dea48c594febfe4 Reviewed-on: https://gerrit.libreoffice.org/58751 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk> diff --git a/include/svl/cryptosign.hxx b/include/svl/cryptosign.hxx index b70b995b23b9..eacb4d78af25 100644 --- a/include/svl/cryptosign.hxx +++ b/include/svl/cryptosign.hxx @@ -86,9 +86,6 @@ private: OUString m_aSignPassword; }; -/// Decides if SVL_CRYPTO_MSCRYPTO uses the new CNG API or not. -SVL_DLLPUBLIC bool isMSCng(); - } } diff --git a/svl/source/crypto/cryptosign.cxx b/svl/source/crypto/cryptosign.cxx index a9258a5c607c..0e86664c28c1 100644 --- a/svl/source/crypto/cryptosign.cxx +++ b/svl/source/crypto/cryptosign.cxx @@ -1402,15 +1402,9 @@ bool Signing::Sign(OStringBuffer& rCMSHexBuffer) aPara.cMsgCert = 1; aPara.rgpMsgCert = &pCertContext; - HCRYPTPROV hCryptProv = 0; NCRYPT_KEY_HANDLE hCryptKey = 0; - DWORD dwFlags = CRYPT_ACQUIRE_CACHE_FLAG; - HCRYPTPROV_OR_NCRYPT_KEY_HANDLE* phCryptProvOrNCryptKey = &hCryptProv; - if (svl::crypto::isMSCng()) - { - dwFlags |= CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; - phCryptProvOrNCryptKey = &hCryptKey; - } + DWORD dwFlags = CRYPT_ACQUIRE_CACHE_FLAG | CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; + HCRYPTPROV_OR_NCRYPT_KEY_HANDLE* phCryptProvOrNCryptKey = &hCryptKey; DWORD nKeySpec; BOOL bFreeNeeded; @@ -1432,10 +1426,7 @@ bool Signing::Sign(OStringBuffer& rCMSHexBuffer) memset(&aSignerInfo, 0, sizeof(aSignerInfo)); aSignerInfo.cbSize = sizeof(aSignerInfo); aSignerInfo.pCertInfo = pCertContext->pCertInfo; - if (!svl::crypto::isMSCng()) - aSignerInfo.hCryptProv = hCryptProv; - else - aSignerInfo.hNCryptKey = hCryptKey; + aSignerInfo.hNCryptKey = hCryptKey; aSignerInfo.dwKeySpec = nKeySpec; aSignerInfo.HashAlgorithm.pszObjId = const_cast<LPSTR>(szOID_NIST_sha256); aSignerInfo.HashAlgorithm.Parameters.cbData = 0; @@ -2421,12 +2412,6 @@ bool Signing::Verify(SvStream& rStream, #endif } -bool isMSCng() -{ - static bool bNoMSCng = getenv("SVL_CRYPTO_NOCNG"); - return !bNoMSCng; -} - } } diff --git a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx index 9e2ccf928a08..b03a4945f42d 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx @@ -344,7 +344,6 @@ uno::Sequence< uno::Reference < XCertificate > > SecurityEnvironment_MSCryptImpl if( m_bEnableDefault ) { HCERTSTORE hSystemKeyStore ; DWORD dwKeySpec; - HCRYPTPROV hCryptProv; NCRYPT_KEY_HANDLE hCryptKey; #ifdef SAL_LOG_INFO @@ -357,13 +356,8 @@ uno::Sequence< uno::Reference < XCertificate > > SecurityEnvironment_MSCryptImpl while (pCertContext) { // for checking whether the certificate is a personal certificate or not. - DWORD dwFlags = CRYPT_ACQUIRE_COMPARE_KEY_FLAG; - HCRYPTPROV_OR_NCRYPT_KEY_HANDLE* phCryptProvOrNCryptKey = &hCryptProv; - if (svl::crypto::isMSCng()) - { - dwFlags |= CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; - phCryptProvOrNCryptKey = &hCryptKey; - } + DWORD dwFlags = CRYPT_ACQUIRE_COMPARE_KEY_FLAG | CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; + HCRYPTPROV_OR_NCRYPT_KEY_HANDLE* phCryptProvOrNCryptKey = &hCryptKey; if(!(CryptAcquireCertificatePrivateKey(pCertContext, dwFlags, nullptr, @@ -977,15 +971,9 @@ sal_Int32 SecurityEnvironment_MSCryptImpl::getCertificateCharacters( const css:: { BOOL fCallerFreeProv ; DWORD dwKeySpec ; - HCRYPTPROV hProv ; NCRYPT_KEY_HANDLE hKey = 0; - DWORD dwFlags = 0; - HCRYPTPROV_OR_NCRYPT_KEY_HANDLE* phCryptProvOrNCryptKey = &hProv; - if (svl::crypto::isMSCng()) - { - dwFlags |= CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; - phCryptProvOrNCryptKey = &hKey; - } + DWORD dwFlags = CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG; + HCRYPTPROV_OR_NCRYPT_KEY_HANDLE* phCryptProvOrNCryptKey = &hKey; if( CryptAcquireCertificatePrivateKey( pCertContext , dwFlags, nullptr , @@ -995,9 +983,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl::getCertificateCharacters( const css:: ) { characters |= css::security::CertificateCharacters::HAS_PRIVATE_KEY ; - if( hProv != NULL && fCallerFreeProv ) - CryptReleaseContext( hProv, 0 ) ; - else if (hKey && fCallerFreeProv) + if (hKey && fCallerFreeProv) NCryptFreeObject(hKey); } else { characters &= ~ css::security::CertificateCharacters::HAS_PRIVATE_KEY ; @@ -1056,8 +1042,7 @@ xmlSecKeysMngrPtr SecurityEnvironment_MSCryptImpl::createKeysManager() { m_hMySystemStore = nullptr; throw uno::RuntimeException() ; } - if (svl::crypto::isMSCng()) - m_hMySystemStore = nullptr; + m_hMySystemStore = nullptr; } //Add system root store into the keys manager. @@ -1068,8 +1053,7 @@ xmlSecKeysMngrPtr SecurityEnvironment_MSCryptImpl::createKeysManager() { m_hRootSystemStore = nullptr; throw uno::RuntimeException() ; } - if (svl::crypto::isMSCng()) - m_hRootSystemStore = nullptr; + m_hRootSystemStore = nullptr; } //Add system trusted store into the keys manager. @@ -1080,8 +1064,7 @@ xmlSecKeysMngrPtr SecurityEnvironment_MSCryptImpl::createKeysManager() { m_hTrustSystemStore = nullptr; throw uno::RuntimeException() ; } - if (svl::crypto::isMSCng()) - m_hTrustSystemStore = nullptr; + m_hTrustSystemStore = nullptr; } //Add system CA store into the keys manager. @@ -1092,8 +1075,7 @@ xmlSecKeysMngrPtr SecurityEnvironment_MSCryptImpl::createKeysManager() { m_hCaSystemStore = nullptr; throw uno::RuntimeException() ; } - if (svl::crypto::isMSCng()) - m_hCaSystemStore = nullptr; + m_hCaSystemStore = nullptr; } } _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits