Revision: 7842 https://osdn.net/projects/ttssh2/scm/svn/commits/7842 Author: yutakapon Date: 2019-07-11 20:54:46 +0900 (Thu, 11 Jul 2019) Log Message: ----------- 下記APIへの依存除去(実験的) CryptAcquireContextW チケット #36876 Ticket Links: ------------ https://osdn.net/projects/ttssh2/tracker/detail/36876 Modified Paths: -------------- branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat Added Paths: ----------- branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt -------------- next part -------------- Added: branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt =================================================================== --- branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt (rev 0) +++ branches/openssl_1_1_1_v2/libs/openssl_patch/CryptAcquireContextW.txt 2019-07-11 11:54:46 UTC (rev 7842) @@ -0,0 +1,53 @@ +*** openssl-1.1.1c.org/crypto/rand/rand_win.c 2019-05-28 22:12:20.000000000 +0900 +--- openssl/crypto/rand/rand_win.c 2019-07-11 00:27:30.582096400 +0900 +*************** +*** 36,42 **** + * http://developer.intel.com/design/security/rng/redist_license.htm + */ + # define PROV_INTEL_SEC 22 +! # define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider" + # endif + + size_t rand_pool_acquire_entropy(RAND_POOL *pool) +--- 36,42 ---- + * http://developer.intel.com/design/security/rng/redist_license.htm + */ + # define PROV_INTEL_SEC 22 +! # define INTEL_DEF_PROV ("Intel Hardware Cryptographic Service Provider") + # endif + + size_t rand_pool_acquire_entropy(RAND_POOL *pool) +*************** size_t rand_pool_acquire_entropy(RAND_PO +*** 81,87 **** + if (buffer != NULL) { + size_t bytes = 0; + /* poll the CryptoAPI PRNG */ +! if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) { + if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0) + bytes = bytes_needed; +--- 81,87 ---- + if (buffer != NULL) { + size_t bytes = 0; + /* poll the CryptoAPI PRNG */ +! if (CryptAcquireContextA(&hProvider, NULL, NULL, PROV_RSA_FULL, + CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) { + if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0) + bytes = bytes_needed; +*************** size_t rand_pool_acquire_entropy(RAND_PO +*** 100,106 **** + if (buffer != NULL) { + size_t bytes = 0; + /* poll the Pentium PRG with CryptoAPI */ +! if (CryptAcquireContextW(&hProvider, NULL, + INTEL_DEF_PROV, PROV_INTEL_SEC, + CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) { + if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0) +--- 100,106 ---- + if (buffer != NULL) { + size_t bytes = 0; + /* poll the Pentium PRG with CryptoAPI */ +! if (CryptAcquireContextA(&hProvider, NULL, + INTEL_DEF_PROV, PROV_INTEL_SEC, + CRYPT_VERIFYCONTEXT | CRYPT_SILENT) != 0) { + if (CryptGenRandom(hProvider, bytes_needed, buffer) != 0) Modified: branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat =================================================================== --- branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat 2019-07-10 14:53:20 UTC (rev 7841) +++ branches/openssl_1_1_1_v2/libs/openssl_patch/check_patch.bat 2019-07-11 11:54:46 UTC (rev 7842) @@ -17,6 +17,8 @@ rem \x83p\x83b\x83`\x82̓K\x97p\x97L\x96\xB3\x82\xF0\x83`\x83F\x83b\x83N + +rem freeaddrinfo/getnameinfo/getaddrinfo API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF :patch1 findstr /c:"# undef AI_PASSIVE" ..\openssl\crypto\bio\bio_lcl.h if ERRORLEVEL 1 goto fail1 @@ -27,7 +29,8 @@ %folder%\patch %cmdopt2% < %folder%\ws2_32_dll_patch.txt popd -rem \x88ȉ\xBA\x82͂\xA0\x82Ƃŏ\xC1\x82\xB7 +rem InitializeCriticalSectionAndSpinCount API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF +rem \x88ȉ\xBA\x82͕s\x97v :patch2 findstr /c:"running on Windows95" ..\openssl\crypto\threads_win.c if ERRORLEVEL 1 goto fail2 @@ -38,6 +41,7 @@ %folder%\patch %cmdopt2% < %folder%\InitializeCriticalSectionAndSpinCount_patch.txt popd +rem InitializeCriticalSectionAndSpinCount/InterlockedCompareExchange/InterlockedExchangeAdd API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF :patch3 findstr /c:"myInitializeCriticalSectionAndSpinCount" ..\openssl\crypto\threads_win.c if ERRORLEVEL 1 goto fail3 @@ -49,9 +53,22 @@ popd +rem CryptAcquireContextW API\x88ˑ\xB6\x8F\x9C\x8B\x8E\x82̂\xBD\x82\xDF +:patch4 +findstr /c:"CryptAcquireContextA" ..\openssl\crypto\rand\rand_win.c +if ERRORLEVEL 1 goto fail4 +goto patch5 +:fail4 +pushd .. +%folder%\patch %cmdopt1% < %folder%\CryptAcquireContextW.txt +%folder%\patch %cmdopt2% < %folder%\CryptAcquireContextW.txt +popd -:patch4 +:patch5 + + +:patch_end echo "\x83p\x83b\x83`\x82͓K\x97p\x82\xB3\x82\xEA\x82Ă\xA2\x82܂\xB7" timeout 5 goto end