I implemented NCryptExportKey, but need manage FLAG 0x4000000

[Mondin Marco]

I see in ncrypt dll NCryptExportKey is not implementetd, and NCryptImportKey yes.
In bcrypt are every two implemented, ncrypt is retranslated to bcrypt call.

I try to implement in ncrypt, looking import implementation. But it bring me to a stack exception in NCryptFreeObject.

My test was quite simple:

Code: Select all

SECURITY_STATUS WINAPI NCryptExportKey(NCRYPT_KEY_HANDLE handle, NCRYPT_KEY_HANDLE decrypt_key,
                                       const WCHAR *type, NCryptBufferDesc *params, BYTE *data,
                                       DWORD datasize, DWORD *pcbResult, DWORD flags)
{
    struct object *object = (struct object *)(&handle); 
    NTSTATUS status;
    status = BCryptExportKey(object->key.bcrypt_key, NULL, type, data, datasize, pcbResult, 0); 
    return ERROR_SUCCESS;
}

I think is needed an analisys on NULL pointers in NCryptExportKey before calling BCryptExportKey, but is not so easy.

Someone have suggestions?

[Mondin Marco]

I modified ncrypt.spec, main.c and ncrypt.h to implement NCryptExportKey.
This worked, because BCrypt has a compatible implementation, but application I'm testing make use of NCRYPT_PERSIST_ONLY_FLAG.

If I try to ignore this flag, it make all unstable and unpredictable work.

Something go wrong in NCryptFreeObject (Randomly).

Code: Select all

04b4:err:eventlog:ReportEventW L"Application: CODESYS.exe\nFramework Version: v4.0.30319\nDescription: The process was terminated due to an unhandled exception.\nException Info: System.AccessViolationException\n   at Microsoft.Win32.SafeHandles.SafeNCryptProviderHandle.NCryptFreeObject(IntPtr)\n   at Microsoft.Win32.Safe"...
04b4:fixme:advapi:DeregisterEventSource (00000000CAFE4242) stub

Unhandled Exception: 04b4:fixme:ver:GetCurrentPackageId (000000000334B020 0000000000000000): stub
Unhandled Exception: System.AccessViolationException: Attempted to read or write protected memory. This is often an indicati
on that other memory is corrupt.
   at Microsoft.Win32.SafeHandles.SafeNCryptProviderHandle.NCryptFreeObject(IntPtr hObject)
   at Microsoft.Win32.SafeHandles.SafeNCryptProviderHandle.ReleaseNativeHandle()
   at Microsoft.Win32.SafeHandles.SafeNCryptHandle.ReleaseHandle()
   at System.Runtime.InteropServices.SafeHandle.InternalFinalize()
   at System.Runtime.InteropServices.SafeHandle.Finalize()
wine: Unhandled page fault on read access to FFFFFFFFFFFFFFFF at address 000000017002AEF8 (thread 04b4), starting debugger..

Any suggestion on how manage NCRYPT_PERSIST_ONLY_FLAG?

[Mondin Marco]

In first message I changed:
struct object *object = (struct object *)(&handle);
to
struct object *object = (struct object *)handle;

This make export working.
Now I need to solve problem of second message.

[Mondin Marco]

Only for test purpose i put a reuturn in NCryptFreeObject after call, before various free(...), this surely bring in a memory leak, but now installer work, packages are installed, signatures working. So NCRYPT_PERSIST_ONLY_FLAG probability could be managed in a key property avoiding free when this property is set. I think resulting key obtained should be stored in some static object to return same key in many request avoiding many allocations.

In Codesys3.5.18(64bit) "Codesys Installer" is needed to install various necessary packages, so dll should compiled also in 32bit, due this program is released only in 32bit version.