Revision: 7975 https://osdn.net/projects/ttssh2/scm/svn/commits/7975 Author: yutakapon Date: 2019-08-16 15:39:56 +0900 (Fri, 16 Aug 2019) Log Message: ----------- Windows 9x/NT4.0ではOpenSSL 1.0.2ベースの処理ではなく、CryptAcquireContextAを使うようにした。 チケット #36876 Ticket Links: ------------ https://osdn.net/projects/ttssh2/tracker/detail/36876 Modified Paths: -------------- branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt -------------- next part -------------- Modified: branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt =================================================================== --- branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt 2019-08-15 15:18:21 UTC (rev 7974) +++ branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW2.txt 2019-08-16 06:39:56 UTC (rev 7975) @@ -1,273 +1,40 @@ *** openssl-1.1.1c.org/crypto/rand/rand_win.c 2019-05-28 22:12:20.000000000 +0900 ---- openssl/crypto/rand/rand_win.c 2019-08-15 22:46:14.892369300 +0900 -*************** -*** 39,44 **** ---- 39,80 ---- - # define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider" - # endif - -+ -+ #if 0 -+ typedef struct tagCURSORINFO { -+ DWORD cbSize; -+ DWORD flags; -+ HCURSOR hCursor; -+ POINT ptScreenPos; -+ } CURSORINFO, *PCURSORINFO, *LPCURSORINFO; -+ #endif -+ -+ typedef HWND(WINAPI *GETFOREGROUNDWINDOW) (VOID); -+ typedef BOOL(WINAPI *GETCURSORINFO) (PCURSORINFO); -+ typedef DWORD(WINAPI *GETQUEUESTATUS) (UINT); -+ -+ typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD); -+ typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE); -+ typedef BOOL(WINAPI *HEAP32FIRST) (LPHEAPENTRY32, DWORD, size_t); -+ typedef BOOL(WINAPI *HEAP32NEXT) (LPHEAPENTRY32); -+ //typedef BOOL(WINAPI *HEAP32LIST) (HANDLE, LPHEAPLIST32); -+ //typedef BOOL(WINAPI *PROCESS32) (HANDLE, LPPROCESSENTRY32); -+ //typedef BOOL(WINAPI *THREAD32) (HANDLE, LPTHREADENTRY32); -+ //typedef BOOL(WINAPI *MODULE32) (HANDLE, LPMODULEENTRY32); -+ -+ static void add_RAND_buffer(void *srcbuf, int srcnum, void *dstbuf, int *dstoff, int dstmax) -+ { -+ int off = *dstoff; -+ -+ if (off + srcnum > dstmax) -+ return; -+ -+ memcpy((unsigned char*)dstbuf + off , srcbuf, srcnum); -+ off += srcnum; -+ -+ *dstoff = off; -+ } -+ - size_t rand_pool_acquire_entropy(RAND_POOL *pool) - { - # ifndef USE_BCRYPTGENRANDOM +--- openssl/crypto/rand/rand_win.c 2019-08-16 15:18:26.626115600 +0900 *************** size_t rand_pool_acquire_entropy(RAND_PO *** 115,120 **** ---- 151,373 ---- +--- 115,149 ---- return entropy_available; # endif + /* -+ * for Windows 9x, NT4.0 ++ * for Windows 95/98/Me/NT4.0 + */ + bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/); + buffer = rand_pool_add_begin(pool, bytes_needed); + if (buffer != NULL) { -+ size_t sum = 0; -+ int off = 0; -+ DWORD w; -+ HMODULE user = NULL; -+ HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL")); -+ MEMORYSTATUS m; ++ size_t bytes = 0; ++ BOOL cret = FALSE; + -+ user = LoadLibrary(TEXT("USER32.DLL")); -+ if (user) { -+ GETCURSORINFO cursor; -+ GETFOREGROUNDWINDOW win; -+ GETQUEUESTATUS queue; ++ cret = CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, 0); ++ if (cret == FALSE) { ++ if (GetLastError() == NTE_BAD_KEYSET) { ++ cret = CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_NEWKEYSET); ++ } ++ } + -+ win = -+ (GETFOREGROUNDWINDOW) GetProcAddress(user, -+ "GetForegroundWindow"); -+ cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo"); -+ queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus"); ++ if (cret) { ++ if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0) ++ bytes = bytes_needed; + -+ if (win) { -+ /* window handle */ -+ HWND h = win(); -+ add_RAND_buffer(&h, sizeof(h), buffer, &off, bytes_needed); -+ } -+ if (cursor) { -+ /* -+ * unfortunately, its not safe to call GetCursorInfo() on NT4 -+ * even though it exists in SP3 (or SP6) and higher. -+ */ -+ //if (check_winnt() && !check_win_minplat(5)) -+ // cursor = 0; -+ } -+ if (cursor) { -+ /* cursor position */ -+ /* assume 2 bytes of entropy */ -+ CURSORINFO ci; -+ ci.cbSize = sizeof(CURSORINFO); -+ if (cursor(&ci)) -+ add_RAND_buffer(&ci, ci.cbSize, buffer, &off, bytes_needed); -+ } -+ -+ if (queue) { -+ /* message queue status */ -+ /* assume 1 byte of entropy */ -+ w = queue(QS_ALLEVENTS); -+ add_RAND_buffer(&w, sizeof(w), buffer, &off, bytes_needed); -+ } -+ -+ FreeLibrary(user); ++ CryptReleaseContext(hProvider, 0); ++ cret = CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, CRYPT_DELETEKEYSET); + } -+ -+ #if 0 -+ if (kernel) { -+ CREATETOOLHELP32SNAPSHOT snap; -+ CLOSETOOLHELP32SNAPSHOT close_snap; -+ HANDLE handle; -+ -+ HEAP32FIRST heap_first; -+ HEAP32NEXT heap_next; -+ HEAP32LIST heaplist_first, heaplist_next; -+ PROCESS32 process_first, process_next; -+ THREAD32 thread_first, thread_next; -+ MODULE32 module_first, module_next; -+ -+ HEAPLIST32 hlist; -+ HEAPENTRY32 hentry; -+ PROCESSENTRY32 p; -+ THREADENTRY32 t; -+ MODULEENTRY32 m; -+ DWORD starttime = 0; -+ -+ snap = (CREATETOOLHELP32SNAPSHOT) -+ GetProcAddress(kernel, "CreateToolhelp32Snapshot"); -+ close_snap = (CLOSETOOLHELP32SNAPSHOT) -+ GetProcAddress(kernel, "CloseToolhelp32Snapshot"); -+ heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First"); -+ heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next"); -+ heaplist_first = -+ (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst"); -+ heaplist_next = -+ (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext"); -+ process_first = -+ (PROCESS32) GetProcAddress(kernel, "Process32First"); -+ process_next = -+ (PROCESS32) GetProcAddress(kernel, "Process32Next"); -+ thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First"); -+ thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next"); -+ module_first = (MODULE32) GetProcAddress(kernel, "Module32First"); -+ module_next = (MODULE32) GetProcAddress(kernel, "Module32Next"); -+ -+ if (snap && heap_first && heap_next && heaplist_first && -+ heaplist_next && process_first && process_next && -+ thread_first && thread_next && module_first && -+ module_next && (handle = snap(TH32CS_SNAPALL, 0)) -+ != INVALID_HANDLE_VALUE) { -+ /* heap list and heap walking */ -+ /* -+ * HEAPLIST32 contains 3 fields that will change with each -+ * entry. Consider each field a source of 1 byte of entropy. -+ * HEAPENTRY32 contains 5 fields that will change with each -+ * entry. Consider each field a source of 1 byte of entropy. -+ */ -+ ZeroMemory(&hlist, sizeof(HEAPLIST32)); -+ hlist.dwSize = sizeof(HEAPLIST32); -+ if (good) -+ starttime = GetTickCount(); -+ # ifdef _MSC_VER -+ if (heaplist_first(handle, &hlist)) { -+ /* -+ * following discussion on dev ML, exception on WinCE (or -+ * other Win platform) is theoretically of unknown -+ * origin; prevent infinite loop here when this -+ * theoretical case occurs; otherwise cope with the -+ * expected (MSDN documented) exception-throwing -+ * behaviour of Heap32Next() on WinCE. -+ * -+ * based on patch in original message by Tanguy Fautré -+ * (2009/03/02) Subject: RAND_poll() and -+ * CreateToolhelp32Snapshot() stability -+ */ -+ int ex_cnt_limit = 42; -+ do { -+ add_RAND_buffer(&hlist, hlist.dwSize, buffer, &off, bytes_needed); -+ __try { -+ ZeroMemory(&hentry, sizeof(HEAPENTRY32)); -+ hentry.dwSize = sizeof(HEAPENTRY32); -+ if (heap_first(&hentry, -+ hlist.th32ProcessID, -+ hlist.th32HeapID)) { -+ int entrycnt = 80; -+ do -+ add_RAND_buffer(&hentry, hentry.dwSize, buffer, &off, bytes_needed); -+ while (heap_next(&hentry) -+ && (!good || NOTTOOLONG(starttime)) -+ && --entrycnt > 0); -+ } -+ } -+ __except(EXCEPTION_EXECUTE_HANDLER) { -+ /* -+ * ignore access violations when walking the heap -+ * list -+ */ -+ ex_cnt_limit--; -+ } -+ } while (heaplist_next(handle, &hlist) -+ && (!good || NOTTOOLONG(starttime)) -+ && ex_cnt_limit > 0); -+ } -+ # endif -+ -+ /* process walking */ -+ /* -+ * PROCESSENTRY32 contains 9 fields that will change with -+ * each entry. Consider each field a source of 1 byte of -+ * entropy. -+ */ -+ p.dwSize = sizeof(PROCESSENTRY32); -+ -+ if (good) -+ starttime = GetTickCount(); -+ if (process_first(handle, &p)) -+ do -+ add_RAND_buffer(&p, p.dwSize, buffer, &off, bytes_needed); -+ while (process_next(handle, &p) -+ && (!good || NOTTOOLONG(starttime))); -+ -+ /* thread walking */ -+ /* -+ * THREADENTRY32 contains 6 fields that will change with each -+ * entry. Consider each field a source of 1 byte of entropy. -+ */ -+ t.dwSize = sizeof(THREADENTRY32); -+ if (good) -+ starttime = GetTickCount(); -+ if (thread_first(handle, &t)) -+ do -+ add_RAND_buffer(&t, t.dwSize, buffer, &off, bytes_needed); -+ while (thread_next(handle, &t) -+ && (!good || NOTTOOLONG(starttime))); -+ -+ /* module walking */ -+ /* -+ * MODULEENTRY32 contains 9 fields that will change with each -+ * entry. Consider each field a source of 1 byte of entropy. -+ */ -+ m.dwSize = sizeof(MODULEENTRY32); -+ if (good) -+ starttime = GetTickCount(); -+ if (module_first(handle, &m)) -+ do -+ add_RAND_buffer(&m, m.dwSize, buffer, &off, bytes_needed); -+ while (module_next(handle, &m) -+ && (!good || NOTTOOLONG(starttime))); -+ if (close_snap) -+ close_snap(handle); -+ else -+ CloseHandle(handle); -+ -+ } -+ -+ FreeLibrary(kernel); -+ } -+ #endif -+ -+ rand_pool_add_end(pool, bytes_needed, 8 * bytes_needed); ++ rand_pool_add_end(pool, bytes, 8 * bytes); + entropy_available = rand_pool_entropy_available(pool); ++ } ++ if (entropy_available > 0) ++ return entropy_available; + -+ if (entropy_available > 0) -+ return entropy_available; -+ } -+ return rand_pool_entropy_available(pool); }