advapi: remove signature checking code.
Michael Jung
mjung at iss.tu-darmstadt.de
Mon Mar 28 16:08:27 CST 2005
Hi,
Microsoft signs it's cryptographic service provider (csp) dlls with a private
key. advapi32 will only load csp dlls with a valid signature. We will never
be able to implement this, since this would mean having access to Microsoft's
private keys. Above this, Microsofts scheme doesn't give real security, since
there are instructions on the web to replace advapi32's _NSAKEY with an
arbitrary private key (this is if you have write access to advapi32.dll),
allowing you to load a csp signed by yourself.
I would like to remove the (stubbed) signature checking code from advapi32.
This would clean up advapi32 somewhat and remove a FIXME message, which
bothers me for some time and which confused wine users in at least two
occurences.
Comments anyone?
Bye,
--
Michael Jung
mjung at iss.tu-darmstadt.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dlls_advapi32_crypt_c.diff
Type: text/x-diff
Size: 2529 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-devel/attachments/20050329/7e27e76b/dlls_advapi32_crypt_c.bin
More information about the wine-devel
mailing list