[Bug 1161] CryptoAPI crashes in MS Money 2001 (illegal CPDeriveKey() call?)

Wine Bugs wine-bugs at winehq.com
Sat Jun 28 09:35:16 CDT 2003 

http://bugs.winehq.com/show_bug.cgi?id=1161





------- Additional Comments From winebug at flonet.net  2003-28-06 09:35 -------
Bug comments restored from Gmane.org:

This is on Wine 20021031 (no option appears for this above).

CryptoAPI is broken under this version.  I started poking around trying to find
out if someone was working on this.  All I could find was a conversation between
two people -- both of whom seem to indicate that they were close to finishing
some kind of implementation for this.  This was around August/September 2001. 
There was another discussion as to legal issues surrounding cryptography exports
and licensing issues surrounding the integration with OpenSSL.

I'm a complete novice with Wine.  I'm trying to run the application Microsoft
Money 2001 from an existing installation on a Windows partition.  The most
successful attempt to date passes the splash screen and opens the main window,
but does not draw the "home" page.  This is the trace:

 =>0 0x7ca03a36 (RSAENH.DLL.CPDuplicateHash+0x12d in
C:\WINDOWS\SYSTEM\RSAENH.DLL) (ebp=406b1e10)
  1 0x4099bf0b (ADVAPI32.DLL.CryptDeriveKey+0x145 in advapi32.dll.so) (ebp=406b1e58)
  2 0x27108809 (MNYUTIL.DLL.??_7COfdPoolAdvDates@@6B at +0x69 in C:\PROGRAM
FILES\MICROSOFT MONEY\SYSTEM\MNYUTIL.DLL) (ebp=406b1e80)
  3 0x271088ea (MNYUTIL.DLL.?Encrypt@@YAPAEPBEKPAKPBD at Z+0x4a in C:\PROGRAM
FILES\MICROSOFT MONEY\SYSTEM\MNYUTIL.DLL) (ebp=406b1eb0)
  4 0x2710889b (MNYUTIL.DLL.?SetPassword at CEncryptedPassword@@QAEXPBD at Z+0x46 in
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MNYUTIL.DLL) (ebp=406b268c)
  5 0x10554d47 (MNYOB99.DLL.?FCreate at CPlaceBar@@UAEHPAVCWnd@@@Z+0x6c8 in
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MNYOB99.DLL) (ebp=406b28c8)
  6 0x1055a77f (MNYOB99.DLL.?InitInstance at CObeliskDLL@@QAEHXZ+0xd75 in
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MNYOB99.DLL) (ebp=406b2c9c)
  7 0x10559bf9 (MNYOB99.DLL.?InitInstance at CObeliskDLL@@QAEHXZ+0x1ef in
C:\PROGRAM FILES\MICROSOFT MONEY\SYSTEM\MNYOB99.DLL) (ebp=406b2d98)
  8 0x5f40b4f3 (MFC42.DLL.1576+0x47 in C:\WINDOWS\SYSTEM\MFC42.DLL) (ebp=406b2e58)
  9 0x400c6709 (KERNEL32.DLL.CreatePipe+0xd99 in libntdll.dll.so) (ebp=406b2f1c)
  10 0x400cb1c7 (KERNEL32.DLL.WaitForMultipleObjectsEx+0x659 in libntdll.dll.so)
(ebp=406b2ff4)
  11 0x400cb418 (KERNEL32.DLL.WaitForMultipleObjectsEx+0x8aa in libntdll.dll.so)
(ebp=00000000)


I've tried using the native advapi32.dll, but this fares even worse (or
better?).  Money complains that is unable to load a resource and crashes.  At
least with the builtin advapi I get a stack trace.

The other settings are trivial -- mostly defaults from winesetuptk.  The major
change is that the windowing mode is desktop.  Other windowing modes fail. 
Double-buffering fails for the desktop mode.  Installing money natively to Wine
fails with an internal error (2761?) at about the 50% mark.

If you need more information, just give me some basic instruction as to the
debugmsg options and wine config you'd like.


------- Additional Comments From mike at theoretic.com  2003-03-30 15:20 -------
Is this still a bug in latest CVS? CryptoAPI has been implemented for a long
time now iirc, it sounds like a regression or bug, rather than unimplemented API.


------- Additional Comments From pollockd at magma.ca  2003-03-30 20:29 -------
I'm currently running the wine-20021125 package from Gentoo.  They also have
20030115 and 20030219, but these are marked as unstable.  This is a bit of the
current goo from the trace (-debugmsg +all).  

trace:string:lstrcpynW (0x4053e748, L"C:\\WINDOWS\\SYSTEM\\USER32.DLL", 260)
trace:crypt:CryptCreateHash (0x402fe678, 0x8003, 0x0, 00000000, 0x4053f674)
trace:crypt:CryptHashData (0x43b900a8, 0x41382c80, 66, 00000000)
trace:crypt:CryptDeriveKey (0x402fe678, 26625, 0x1136197800, 00000001, 0x4053f678)
wine: Unhandled exception, starting debugger...


It definitely seems (to the novice's eyes) that it is still failing somewhere in
cryptographic code.  I wish I could be more help.


------- Additional Comments From mike at theoretic.com  2003-03-31 03:35 -------
Yes, the trace indicates that it's failing inside the crypto code, that doesn't
mean it's unimplemented however.

I'll confirm this bug. Without a test app to reproduce this crash, there's not
much we can do to fix it, unless somebody recognises this trace.


------- Additional Comments From andi at rhlx01.fht-esslingen.de  2003-03-31 11:06
-------
Why?
Couldn't it be that our ADVAPI32.CryptDeriveKey simply calls into the crypt
provider DLL
(in this case, RSAENH.DLL) function in an illegal way?
It's most likely CPDeriveKey() that's called illegally, since that is the only
provider DLL function our CryptDeriveKey() calls...
BTW, The algorithm used (26625) is
ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM | 1
and thus it should be RC4:
#define CALG_RC4        (ALG_CLASS_DATA_ENCRYPT | ALG_TYPE_STREAM |
ALG_SID_RC4)
since ALG_SID_RC4 is 1
Hmm, strange, why is the alg id RC4, but the DLL is called RSAENH.DLL??
Maybe that is the real problem?

BTW, could you try using a different version of RSAENH.DLL?


------- Additional Comments From pollockd at magma.ca  2003-03-31 14:56 -------
I'm not sure how to try using a different RSAENH.DLL.  I specified the
command-line as: "wine --debugmsg +all --dll rsaenh=b msmoney.exe
&>~/output.txt".  I hope that's what you wanted.  It didn't change the result,
however.

Here's some more stuff I've been able to find in the logs.  

err:win32:PE_fixup_imports No implementation for
ADVAPI32.dll.71(CryptGetLocalKeyLimits) imported from
C:\windows\system\rsabase.dll, setting to 0xdeadbeef

I'm set up to use the built-in advapi32 implementation.  I'll attach my config,
in case there are some glaring errors that I haven't noticed.

Just to check, I tried again with both:
wine --debugmsg +all --dll advapi32=n,rsaenh=b msmoney.exe &>~/output.txt
wine --debugmsg +all --dll rsaenh=b,rsabase=b msmoney.exe &>~/output.txt

Native advapi32 failed to get anywhere (even to the splash), and native rsabase
had no effect.


------- Additional Comments From pollockd at magma.ca  2003-03-31 14:56 -------
Created an attachment (id=442)
 --> (http://bugs.winehq.com/attachment.cgi?id=442&action=view)
Wine Configuration File


------- Additional Comments From mike at theoretic.com  2003-04-01 04:20 -------
Hmm, could you give us the full debug output, rather than just the backtrace?

If the crash is caused by dereferencing 0xdeadbeef then it's probably due to the
unimplemented CryptGetLocalKeyLimits function. I had a quick scoot around, I
can't find any docs on that, MSDN doesn't appear to have any info on it, so
maybe it's a callback or undocumented function?


------- Additional Comments From mike at theoretic.com  2003-04-01 04:22 -------
This might be a dupe of bug 682


------- Additional Comments From andi at rhlx01.fht-esslingen.de  2003-04-01 06:45
-------
Could you please try the following patch and report a --debugmsg +relay,+crypt
logfile?


------- Additional Comments From andi at rhlx01.fht-esslingen.de  2003-04-01 06:46
-------
Created an attachment (id=444)
 --> (http://bugs.winehq.com/attachment.cgi?id=444&action=view)
Patch to implement minimal CryptGetLocalKeyLimits() stub.


------- Additional Comments From pollockd at magma.ca  2003-04-01 09:42 -------
Now, when the application starts, two windows open.  One for "PSTORES.EXE" and
another for MSMoney.  The application still bombs, but I don't get the same "no
implementation message".  I'll attach the +crypt,+relay trace you asked for.

The patch given didn't apply on the version I have.  The spec file has an
additional value after the parameter list, which appears to just be the function
name itself.  I've patched as follows:

@ stdcall CryptGetHashParam(long long ptr ptr long) CryptGetHashParam
@ stdcall CryptGetKeyParam(long long ptr ptr long) CryptGetKeyParam
@ stdcall CryptGetLocalKeyLimits(long long long long long long long)
CryptGetLocalKeyLimits
@ stdcall CryptGetProvParam(long long ptr ptr long) CryptGetProvParam
@ stdcall CryptGetUserKey(long long ptr) CryptGetUserKey


------- Additional Comments From pollockd at magma.ca  2003-04-01 09:43 -------
Created an attachment (id=445)
 --> (http://bugs.winehq.com/attachment.cgi?id=445&action=view)
wine --debugmsg +relay,+crypt msmoney.exe &>~/output.txt


------- Additional Comments From mike at theoretic.com  2003-04-02 08:38 -------
trace:crypt:CryptAcquireContextA (0x40541eb4, (null), (null), 1, 00000000)
trace:crypt:CryptCreateHash (0x4029ef40, 0x8003, 0x0, 00000000, 0x40541e84)
trace:crypt:CryptHashData (0x4029f4c8, 0x27108998, 2, 00000000)
trace:crypt:CryptDeriveKey (0x4029ef40, 26114, 0x1076491464, 00000000, 0x40541e80)
wine: Unhandled exception, starting debugger...

Looks like a stub isn't good enough

-- 
Configure bugmail: http://bugs.winehq.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the wine-bugs mailing list