[Ttssh2-commit] [7842] 下記APIへの依存除去(実験的)

scmno****@osdn***** scmno****@osdn*****
2019年 7月 11日 (木) 20:54:46 JST


Revision: 7842
          https://osdn.net/projects/ttssh2/scm/svn/commits/7842
Author:   yutakapon
Date:     2019-07-11 20:54:46 +0900 (Thu, 11 Jul 2019)
Log Message:
-----------
下記APIへの依存除去(実験的)
CryptAcquireContextW
チケット #36876 

Ticket Links:
------------
    https://osdn.net/projects/ttssh2/tracker/detail/36876

Modified Paths:
--------------
    branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat

Added Paths:
-----------
    branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt

-------------- next part --------------
Added: branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt
===================================================================
--- branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt	                        (rev 0)
+++ branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt	2019-07-11 11:54:46 UTC (rev 7842)
@@ -0,0 +1,53 @@
+*** openssl-1.1.1c.org/crypto/rand/rand_win.c	2019-05-28 22:12:20.000000000 +0900
+--- openssl/crypto/rand/rand_win.c	2019-07-11 00:27:30.582096400 +0900
+***************
+*** 36,42 ****
+   * http://developer.intel.com/design/security/rng/redist_license.htm
+   */
+  #  define PROV_INTEL_SEC 22
+! #  define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
+  # endif
+  
+  size_t rand_pool_acquire_entropy(RAND_POOL *pool)
+--- 36,42 ----
+   * http://developer.intel.com/design/security/rng/redist_license.htm
+   */
+  #  define PROV_INTEL_SEC 22
+! #  define INTEL_DEF_PROV ("Intel Hardware Cryptographic Service Provider")
+  # endif
+  
+  size_t rand_pool_acquire_entropy(RAND_POOL *pool)
+*************** size_t rand_pool_acquire_entropy(RAND_PO
+*** 81,87 ****
+      if (buffer != NULL) {
+          size_t bytes = 0;
+          /* poll the CryptoAPI PRNG */
+!         if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
+                                   CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) {
+              if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
+                  bytes = bytes_needed;
+--- 81,87 ----
+      if (buffer != NULL) {
+          size_t bytes = 0;
+          /* poll the CryptoAPI PRNG */
+!         if (CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL,
+                                   CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) {
+              if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
+                  bytes = bytes_needed;
+*************** size_t rand_pool_acquire_entropy(RAND_PO
+*** 100,106 ****
+      if (buffer != NULL) {
+          size_t bytes = 0;
+          /* poll the Pentium PRG with CryptoAPI */
+!         if (CryptAcquireContextW(&hProvider, NULL,
+                                   INTEL_DEF_PROV, PROV_INTEL_SEC,
+                                   CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) {
+              if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)
+--- 100,106 ----
+      if (buffer != NULL) {
+          size_t bytes = 0;
+          /* poll the Pentium PRG with CryptoAPI */
+!         if (CryptAcquireContextA(&hProvider, NULL,
+                                   INTEL_DEF_PROV, PROV_INTEL_SEC,
+                                   CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) {
+              if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0)

Modified: branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat
===================================================================
--- branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat	2019-07-10 14:53:20 UTC (rev 7841)
+++ branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat	2019-07-11 11:54:46 UTC (rev 7842)
@@ -17,6 +17,8 @@
 
 
 rem \x83p\x83b\x83`\x82̓K\x97p\x97L\x96\xB3\x82\xF0\x83`\x83F\x83b\x83N
+
+rem freeaddrinfo/getnameinfo/getaddrinfo API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF
 :patch1
 findstr /c:"# undef AI_PASSIVE" ..\openssl\crypto\bio\bio_lcl.h
 if ERRORLEVEL 1 goto fail1
@@ -27,7 +29,8 @@
 %folder%\patch %cmdopt2% < %folder%\ws2_32_dll_patch.txt
 popd
 
-rem \x88ȉ\xBA\x82͂\xA0\x82Ƃŏ\xC1\x82\xB7
+rem InitializeCriticalSectionAndSpinCount API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF
+rem \x88ȉ\xBA\x82͕s\x97v
 :patch2
 findstr /c:"running on Windows95" ..\openssl\crypto\threads_win.c
 if ERRORLEVEL 1 goto fail2
@@ -38,6 +41,7 @@
 %folder%\patch %cmdopt2% < %folder%\InitializeCriticalSectionAndSpinCount_patch.txt
 popd
 
+rem InitializeCriticalSectionAndSpinCount/InterlockedCompareExchange/InterlockedExchangeAdd API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF
 :patch3
 findstr /c:"myInitializeCriticalSectionAndSpinCount" ..\openssl\crypto\threads_win.c
 if ERRORLEVEL 1 goto fail3
@@ -49,9 +53,22 @@
 popd
 
 
+rem CryptAcquireContextW API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF
+:patch4
+findstr /c:"CryptAcquireContextA" ..\openssl\crypto\rand\rand_win.c
+if ERRORLEVEL 1 goto fail4
+goto patch5
+:fail4
+pushd ..
+%folder%\patch %cmdopt1% < %folder%\CryptAcquireContextW.txt
+%folder%\patch %cmdopt2% < %folder%\CryptAcquireContextW.txt
+popd
 
 
-:patch4
+:patch5
+
+
+:patch_end
 echo "\x83p\x83b\x83`\x82͓K\x97p\x82\xB3\x82\xEA\x82Ă\xA2\x82܂\xB7"
 timeout 5
 goto end


Ttssh2-commit メーリングリストの案内