Fix Windows build: use *mut c_void for BCrypt handles

windows-sys 0.59 changed BCRYPT_ALG_HANDLE from usize to *mut c_void.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: crisdosaygo

crates/crypto/src/windows.rs

@@ -4,11 +4,15 @@
 // API, which is the OS-provided FIPS-validated crypto surface on Windows.
 
 use crate::{KEY_LEN, PBKDF2_ITERATIONS};
+use std::ffi::c_void;
+
+type AlgHandle = *mut c_void;
+type KeyHandle = *mut c_void;
 
 pub fn random_bytes(len: usize) -> Result<Vec<u8>, String> {
     use windows_sys::Win32::Security::Cryptography::BCryptGenRandom;
     let mut buf = vec![0u8; len];
-    let status = unsafe { BCryptGenRandom(0, buf.as_mut_ptr(), len as u32, 0x00000002) };
+    let status = unsafe { BCryptGenRandom(std::ptr::null_mut(), buf.as_mut_ptr(), len as u32, 0x00000002) };
     if status != 0 {
         return Err(format!("BCryptGenRandom failed: NTSTATUS {status:#x}"));
     }
@@ -20,10 +24,10 @@ pub fn derive_key(passphrase: &[u8], salt: &[u8]) -> Result<[u8; KEY_LEN], Strin
     // For simplicity and correctness, we use BCryptDeriveKeyPBKDF2
     use windows_sys::Win32::Security::Cryptography::*;
 
-    let mut alg_handle: usize = 0;
+    let mut alg_handle: AlgHandle = std::ptr::null_mut();
     let status = unsafe {
         BCryptOpenAlgorithmProvider(
-            &mut alg_handle as *mut _,
+            &mut alg_handle,
             // BCRYPT_SHA256_ALGORITHM = "SHA256\0" as wide string
             [b'S' as u16, b'H' as u16, b'A' as u16, b'2' as u16, b'5' as u16, b'6' as u16, 0].as_ptr(),
             std::ptr::null(),
@@ -145,16 +149,16 @@ const AES_ALGORITHM: &[u16] = &[b'A' as u16, b'E' as u16, b'S' as u16, 0];
 // FFI declarations for BCrypt functions not in windows-sys or needed with specific signatures
 unsafe extern "system" {
     fn BCryptSetProperty(
-        h_object: usize,
+        h_object: AlgHandle,
         psz_property: *const u16,
         pb_input: *const u8,
         cb_input: u32,
         dw_flags: u32,
     ) -> i32;
 
     fn BCryptGenerateSymmetricKey(
-        h_algorithm: usize,
-        ph_key: *mut usize,
+        h_algorithm: AlgHandle,
+        ph_key: *mut KeyHandle,
         pb_key_object: *mut u8,
         cb_key_object: u32,
         pb_secret: *const u8,
@@ -163,7 +167,7 @@ unsafe extern "system" {
     ) -> i32;
 
     fn BCryptEncrypt(
-        h_key: usize,
+        h_key: KeyHandle,
         pb_input: *const u8,
         cb_input: u32,
         p_padding_info: *mut AuthCipherModeInfo,
@@ -176,7 +180,7 @@ unsafe extern "system" {
     ) -> i32;
 
     fn BCryptDecrypt(
-        h_key: usize,
+        h_key: KeyHandle,
         pb_input: *const u8,
         cb_input: u32,
         p_padding_info: *mut AuthCipherModeInfo,
@@ -188,19 +192,19 @@ unsafe extern "system" {
         dw_flags: u32,
     ) -> i32;
 
-    fn BCryptDestroyKey(h_key: usize) -> i32;
+    fn BCryptDestroyKey(h_key: KeyHandle) -> i32;
 }
 
 /// Opens an AES algorithm handle configured for GCM chaining mode.
-fn open_aes_gcm_handle() -> Result<usize, String> {
+fn open_aes_gcm_handle() -> Result<AlgHandle, String> {
     use windows_sys::Win32::Security::Cryptography::{
         BCryptCloseAlgorithmProvider, BCryptOpenAlgorithmProvider,
     };
 
-    let mut alg_handle: usize = 0;
+    let mut alg_handle: AlgHandle = std::ptr::null_mut();
     let status = unsafe {
         BCryptOpenAlgorithmProvider(
-            &mut alg_handle as *mut _,
+            &mut alg_handle,
             AES_ALGORITHM.as_ptr(),
             std::ptr::null(),
             0,
@@ -236,7 +240,7 @@ pub fn aes_gcm_encrypt(key: &[u8; KEY_LEN], nonce: &[u8], plaintext: &[u8]) -> R
     let alg_handle = open_aes_gcm_handle()?;
 
     // Generate symmetric key handle
-    let mut key_handle: usize = 0;
+    let mut key_handle: KeyHandle = std::ptr::null_mut();
     let status = unsafe {
         BCryptGenerateSymmetricKey(
             alg_handle,
@@ -307,7 +311,7 @@ pub fn aes_gcm_decrypt(key: &[u8; KEY_LEN], nonce: &[u8], ciphertext_and_tag: &[
     let alg_handle = open_aes_gcm_handle()?;
 
     // Generate symmetric key handle
-    let mut key_handle: usize = 0;
+    let mut key_handle: KeyHandle = std::ptr::null_mut();
     let status = unsafe {
         BCryptGenerateSymmetricKey(
             alg_handle,