[Ttssh2-commit] [7975] Windows 9x/NT4.0ではOpenSSL 1.0.2ベースの処理ではなく、CryptAcquireContextAを使うようにした。

アーカイブの一覧に戻る
scmno****@osdn***** scmno****@osdn*****
2019年 8月 16日 (金) 15:39:56 JST


Revision: 7975
          https://osdn.net/projects/ttssh2/scm/svn/commits/7975
Author:   yutakapon
Date:     2019-08-16 15:39:56 +0900 (Fri, 16 Aug 2019)
Log Message:
-----------
Windows 9x/NT4.0ではOpenSSL 1.0.2ベースの処理ではなく、CryptAcquireContextAを使うようにした。
チケット #36876 

Ticket Links:
------------
    https://osdn.net/projects/ttssh2/tracker/detail/36876

Modified Paths:
--------------
    branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt

-------------- next part --------------
Modified: branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt
===================================================================
--- branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt	2019-08-15 15:18:21 UTC (rev 7974)
+++ branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt	2019-08-16 06:39:56 UTC (rev 7975)
@@ -1,273 +1,40 @@
 *** openssl-1.1.1c.org/crypto/rand/rand_win.c	2019-05-28 22:12:20.000000000 +0900
---- openssl/crypto/rand/rand_win.c	2019-08-15 22:46:14.892369300 +0900
-***************
-*** 39,44 ****
---- 39,80 ----
-  #  define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
-  # endif
-  
-+ 
-+ #if 0
-+ typedef struct tagCURSORINFO {
-+     DWORD cbSize;
-+     DWORD flags;
-+     HCURSOR hCursor;
-+     POINT ptScreenPos;
-+ } CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
-+ #endif
-+ 
-+ typedef HWND(WINAPI *GETFOREGROUNDWINDOW) (VOID);
-+ typedef BOOL(WINAPI *GETCURSORINFO) (PCURSORINFO);
-+ typedef DWORD(WINAPI *GETQUEUESTATUS) (UINT);
-+ 
-+ typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
-+ typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
-+ typedef BOOL(WINAPI *HEAP32FIRST) (LPHEAPENTRY32, DWORD, size_t);
-+ typedef BOOL(WINAPI *HEAP32NEXT) (LPHEAPENTRY32);
-+ //typedef BOOL(WINAPI *HEAP32LIST) (HANDLE, LPHEAPLIST32);
-+ //typedef BOOL(WINAPI *PROCESS32) (HANDLE, LPPROCESSENTRY32);
-+ //typedef BOOL(WINAPI *THREAD32) (HANDLE, LPTHREADENTRY32);
-+ //typedef BOOL(WINAPI *MODULE32) (HANDLE, LPMODULEENTRY32);
-+ 
-+ static void add_RAND_buffer(void *srcbuf, int srcnum, void *dstbuf, int *dstoff, int dstmax)
-+ {
-+ 	int off = *dstoff;
-+ 
-+ 	if (off + srcnum > dstmax)
-+ 		return;
-+ 
-+ 	memcpy((unsigned char*)dstbuf + off , srcbuf, srcnum);
-+ 	off += srcnum;
-+ 
-+ 	*dstoff = off;
-+ }
-+ 
-  size_t rand_pool_acquire_entropy(RAND_POOL *pool)
-  {
-  # ifndef USE_BCRYPTGENRANDOM
+--- openssl/crypto/rand/rand_win.c	2019-08-16 15:18:26.626115600 +0900
 *************** size_t rand_pool_acquire_entropy(RAND_PO
 *** 115,120 ****
---- 151,373 ----
+--- 115,149 ----
           return entropy_available;
   # endif
   
 + 	/* 
-+ 	 * for Windows 9x, NT4.0 
++ 	 * for Windows 95/98/Me/NT4.0 
 + 	 */
 +     bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
 +     buffer = rand_pool_add_begin(pool, bytes_needed);
 +     if (buffer != NULL) {
-+ 		size_t sum = 0;
-+ 		int off = 0;
-+ 		DWORD w;
-+ 		HMODULE user = NULL;
-+         HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
-+ 		MEMORYSTATUS m;
++         size_t bytes = 0;
++ 		BOOL cret = FALSE;
 + 
-+ 		user = LoadLibrary(TEXT("USER32.DLL"));
-+ 		if (user) {
-+             GETCURSORINFO cursor;
-+             GETFOREGROUNDWINDOW win;
-+             GETQUEUESTATUS queue;
++         cret = CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, 0);
++ 		if (cret == FALSE) {
++ 			if (GetLastError() == NTE_BAD_KEYSET) { 
++ 				cret = CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET);
++ 			}
++ 		}
 + 
-+             win =
-+                 (GETFOREGROUNDWINDOW) GetProcAddress(user,
-+                                                      "GetForegroundWindow");
-+             cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
-+             queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
++ 		if (cret) {
++             if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
++                 bytes = bytes_needed;
 + 
-+             if (win) {
-+                 /* window handle */
-+                 HWND h = win();
-+                 add_RAND_buffer(&h, sizeof(h), buffer, &off, bytes_needed);
-+             }
-+             if (cursor) {
-+                 /*
-+                  * unfortunately, its not safe to call GetCursorInfo() on NT4
-+                  * even though it exists in SP3 (or SP6) and higher.
-+                  */
-+                 //if (check_winnt() && !check_win_minplat(5))
-+                 //    cursor = 0;
-+             }
-+             if (cursor) {
-+                 /* cursor position */
-+                 /* assume 2 bytes of entropy */
-+                 CURSORINFO ci;
-+                 ci.cbSize = sizeof(CURSORINFO);
-+                 if (cursor(&ci))
-+ 					add_RAND_buffer(&ci, ci.cbSize, buffer, &off, bytes_needed);
-+             }
-+ 
-+             if (queue) {
-+                 /* message queue status */
-+                 /* assume 1 byte of entropy */
-+                 w = queue(QS_ALLEVENTS);
-+ 				add_RAND_buffer(&w, sizeof(w), buffer, &off, bytes_needed);
-+             }
-+ 
-+             FreeLibrary(user);
++             CryptReleaseContext(hProvider, 0);
++ 			cret = CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET);
 +         }
-+ 
-+ #if 0
-+         if (kernel) {
-+             CREATETOOLHELP32SNAPSHOT snap;
-+             CLOSETOOLHELP32SNAPSHOT close_snap;
-+             HANDLE handle;
-+ 
-+             HEAP32FIRST heap_first;
-+             HEAP32NEXT heap_next;
-+             HEAP32LIST heaplist_first, heaplist_next;
-+             PROCESS32 process_first, process_next;
-+             THREAD32 thread_first, thread_next;
-+             MODULE32 module_first, module_next;
-+ 
-+             HEAPLIST32 hlist;
-+             HEAPENTRY32 hentry;
-+             PROCESSENTRY32 p;
-+             THREADENTRY32 t;
-+             MODULEENTRY32 m;
-+             DWORD starttime = 0;
-+ 
-+             snap = (CREATETOOLHELP32SNAPSHOT)
-+                 GetProcAddress(kernel, "CreateToolhelp32Snapshot");
-+             close_snap = (CLOSETOOLHELP32SNAPSHOT)
-+                 GetProcAddress(kernel, "CloseToolhelp32Snapshot");
-+             heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
-+             heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
-+             heaplist_first =
-+                 (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
-+             heaplist_next =
-+                 (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
-+             process_first =
-+                 (PROCESS32) GetProcAddress(kernel, "Process32First");
-+             process_next =
-+                 (PROCESS32) GetProcAddress(kernel, "Process32Next");
-+             thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
-+             thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
-+             module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
-+             module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
-+ 
-+             if (snap && heap_first && heap_next && heaplist_first &&
-+                 heaplist_next && process_first && process_next &&
-+                 thread_first && thread_next && module_first &&
-+                 module_next && (handle = snap(TH32CS_SNAPALL, 0))
-+                 != INVALID_HANDLE_VALUE) {
-+                 /* heap list and heap walking */
-+                 /*
-+                  * HEAPLIST32 contains 3 fields that will change with each
-+                  * entry.  Consider each field a source of 1 byte of entropy.
-+                  * HEAPENTRY32 contains 5 fields that will change with each
-+                  * entry.  Consider each field a source of 1 byte of entropy.
-+                  */
-+                 ZeroMemory(&hlist, sizeof(HEAPLIST32));
-+                 hlist.dwSize = sizeof(HEAPLIST32);
-+                 if (good)
-+                     starttime = GetTickCount();
-+ #  ifdef _MSC_VER
-+                 if (heaplist_first(handle, &hlist)) {
-+                     /*
-+                      * following discussion on dev ML, exception on WinCE (or
-+                      * other Win platform) is theoretically of unknown
-+                      * origin; prevent infinite loop here when this
-+                      * theoretical case occurs; otherwise cope with the
-+                      * expected (MSDN documented) exception-throwing
-+                      * behaviour of Heap32Next() on WinCE.
-+                      *
-+                      * based on patch in original message by Tanguy Fautré
-+                      * (2009/03/02) Subject: RAND_poll() and
-+                      * CreateToolhelp32Snapshot() stability
-+                      */
-+                     int ex_cnt_limit = 42;
-+                     do {
-+ 						add_RAND_buffer(&hlist, hlist.dwSize, buffer, &off, bytes_needed);
-+                         __try {
-+                             ZeroMemory(&hentry, sizeof(HEAPENTRY32));
-+                             hentry.dwSize = sizeof(HEAPENTRY32);
-+                             if (heap_first(&hentry,
-+                                            hlist.th32ProcessID,
-+                                            hlist.th32HeapID)) {
-+                                 int entrycnt = 80;
-+                                 do
-+ 									add_RAND_buffer(&hentry, hentry.dwSize, buffer, &off, bytes_needed);
-+                                 while (heap_next(&hentry)
-+                                        && (!good || NOTTOOLONG(starttime))
-+                                        && --entrycnt > 0);
-+                             }
-+                         }
-+                         __except(EXCEPTION_EXECUTE_HANDLER) {
-+                             /*
-+                              * ignore access violations when walking the heap
-+                              * list
-+                              */
-+                             ex_cnt_limit--;
-+                         }
-+                     } while (heaplist_next(handle, &hlist)
-+                              && (!good || NOTTOOLONG(starttime))
-+                              && ex_cnt_limit > 0);
-+                 }
-+ #  endif
-+ 
-+                 /* process walking */
-+                 /*
-+                  * PROCESSENTRY32 contains 9 fields that will change with
-+                  * each entry.  Consider each field a source of 1 byte of
-+                  * entropy.
-+                  */
-+                 p.dwSize = sizeof(PROCESSENTRY32);
-+ 
-+                 if (good)
-+                     starttime = GetTickCount();
-+                 if (process_first(handle, &p))
-+                     do
-+ 						add_RAND_buffer(&p, p.dwSize, buffer, &off, bytes_needed);
-+                     while (process_next(handle, &p)
-+                            && (!good || NOTTOOLONG(starttime)));
-+ 
-+                 /* thread walking */
-+                 /*
-+                  * THREADENTRY32 contains 6 fields that will change with each
-+                  * entry.  Consider each field a source of 1 byte of entropy.
-+                  */
-+                 t.dwSize = sizeof(THREADENTRY32);
-+                 if (good)
-+                     starttime = GetTickCount();
-+                 if (thread_first(handle, &t))
-+                     do
-+ 						add_RAND_buffer(&t, t.dwSize, buffer, &off, bytes_needed);
-+                     while (thread_next(handle, &t)
-+                            && (!good || NOTTOOLONG(starttime)));
-+ 
-+                 /* module walking */
-+                 /*
-+                  * MODULEENTRY32 contains 9 fields that will change with each
-+                  * entry.  Consider each field a source of 1 byte of entropy.
-+                  */
-+                 m.dwSize = sizeof(MODULEENTRY32);
-+                 if (good)
-+                     starttime = GetTickCount();
-+                 if (module_first(handle, &m))
-+                     do
-+ 						add_RAND_buffer(&m, m.dwSize, buffer, &off, bytes_needed);
-+                     while (module_next(handle, &m)
-+                            && (!good || NOTTOOLONG(starttime)));
-+                 if (close_snap)
-+                     close_snap(handle);
-+                 else
-+                     CloseHandle(handle);
-+ 
-+             }
-+ 
-+             FreeLibrary(kernel);
-+         }
-+ #endif
-+ 
-+         rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed);
++         rand_pool_add_end(pool, bytes, 8 * bytes);
 +         entropy_available = rand_pool_entropy_available(pool);
++     }
++     if (entropy_available > 0)
++         return entropy_available;
 + 
-+ 		if (entropy_available > 0)
-+ 			return entropy_available;
-+ 	}
-+ 
       return rand_pool_entropy_available(pool);
   }
   


Ttssh2-commit メーリングリストの案内
アーカイブの一覧に戻る