[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: W2K SP3 and CSPDK
From: Laszlo Elteto <lelteto () RAINBOW ! COM>
Date: 2002-08-16 15:15:11
[Download RAW message or body]
I found Petr's solution working (w/o updating the exe checksum). The change
is:
after a call to NtQuerySystemInformation he changed a "jnz" conditional jump
to a "jmp" unconditional jump instruction (to the same target address). I
tried to find documentation on the function but could not. I guess this is a
check to see if system-level debugger is running.
Laszlo Elteto
Fellow Scientist
Rainbow Technologies, Inc.
-----Original Message-----
From: Dag Legernęs [mailto:Dag.Legernes@ERGO.NO]
Sent: Friday, August 16, 2002 12:23 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: W2K SP3 and CSPDK
Thanks Petr,
I found a similar solution but with a more crude approach;
replacing a block of of 136 bytes at offset 0x53C18 and updating
the checksum in the header at offset 0x120. The patch was a
result of doing a simple binary comparison of the SP1/SP2 versions
of ADVAPI32.DLL in cspdk with the corresponding versions on the W2K
installation CDs. This also seems to work, but I'll try your method also.
Would you care to give a brief explanation of how you found which bytes to
replace
and what to replace them with?
Is it not necessary to update the checksum as well?
Regards,
Dag
-----Original Message-----
From: Kostka, Petr [mailto:petr.kostka@st.com]
Sent: 15. august 2002 18:18
To: 'CryptoAPI@DISCUSS.MICROSOFT.COM'
Cc: Dag Legernęs
Subject: RE: W2K SP3 and CSPDK
Hi Dag,
I think I have an easier solution for you and everyone interested.
1. Just copy the advapi32.dll from x:\winnt\system32 on your W2K SP3 machine
to some temp directory.
2. Open it with your favourite hex editor (can be Visual Studio as well).
3. Find bytes '0F 84 69 35 01' at address 00013471
4. Replace them with following sequence: E9 6A 35 01 00
Now you have a modified advapi32.dll similar to those provided in CSPDK.
Follow the CSPDK intructions for replacing the dll in the system.
This patch was briefly tested on Win2k Server, English mutation,
advapi32.dll version 5.0.2195.5385.
Enjoy it
Petr
> -----Original Message-----
> From: Dag.Legernes@ERGO.NO [mailto:Dag.Legernes@ERGO.NO]
> Sent: 8. srpna 2002 23:46
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> Subject: Re: W2K SP3 and CSPDK
>
>
> Thanks to all who gave their advice on this one... however, I
> wanted to avoid the dependence on a second computer and was
> able to solve my problem in a more simple way...
>
> Dag
>
> -----Original Message-----
> From: John Banes [mailto:jbanes@WINDOWS.MICROSOFT.COM]
> Sent: 8. august 2002 20:00
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> Subject: Re: W2K SP3 and CSPDK
>
>
> I haven't actually tried this, but it's my understanding that
> once the KD is up and running on your machine, you can then
> use any debugger that you want (including visual studio) to
> debug your CSP.
>
> So you'll need to set up a debugger machine, run a null modem
> cable between the debugger machine and your target machine,
> edit the boot.ini file on your target machine, etc., so that
> when you reboot your target machine, you see a little bit of
> output in the kd window on your debugger machine. At this
> point, the KD is active, and you should be able to then
> ignore it and go about running and debugging your CSP
> normally, without worrying about signatures.
>
> If there's anyone out there who's actually tried this, feel
> free to shoot me down if I've gotten anything wrong. :-)
>
> Regards,
> John
>
>
> -----Original Message-----
> From: Dag Legernęs [mailto:Dag.Legernes@ERGO.NO]
> Sent: Thursday, August 08, 2002 2:28 AM
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> Subject: Re: W2K SP3 and CSPDK
>
>
> Thanks,
>
> but I'm still a little confused...
> Could you be a little more specific on what you mean when you
> state that the KD "only needs to be running"? I have the
> debugging tools installed, but as far as I can tell local
> kernel-mode debugging under W2K is not supported? Does this
> mean I have to set up a second machine and use remote
> debugging, or is there a way to somehow activate the KD (so
> that a test signature on the CSP dll is
> accepted) locally while still using e.g. Visual Studio to
> debug the CSP?
>
> Regards,
> Dag
>
> -----Original Message-----
> From: Tom Jones (.NET) [mailto:tjones@WINDOWS.MICROSOFT.COM]
> Sent: 7. august 2002 21:57
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> Subject: Re: W2K SP3 and CSPDK
>
>
> You should use the existing cspdk and also download the
> kernel debugger from the ddk to test your code. Note that
> the KD does not need to be used for debugging, it only needs
> to be running to allow the test csp to work.
>
> Hth ..tom
>
> > -----Original Message-----
> > From: Dag Legernęs [mailto:Dag.Legernes@ERGO.NO]
> > Sent: Wednesday, August 07, 2002 4:28 AM
> > To: CryptoAPI@DISCUSS.MICROSOFT.COM
> > Subject: W2K SP3 and CSPDK
> >
> > Hi,
> >
> > I am developing a smart card CSP , using the CSPDK on Windows 2000.
> > With SP3 for W2K just being released, I wonder if anyone knows when
> > (or whether) there will be a version of the CSPDK available that
> > supports SP3?
> >
> > Regards,
> >
> > Dag Legernęs
> >
> > Buypass AS
> > Oslo, Norway
> > www.buypass.no
> >
> > ----------------------------------------------------------------
> > Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> > contains important info. Save time, search the archives at
> > http://discuss.microsoft.com/archives/index.html . To unsubscribe,
> > mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.ht> ml . To
> unsubscribe,
> mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.ht> ml . To
> unsubscribe,
> mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.ht> ml . To
> unsubscribe,
> mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
> ----------------------------------------------------------------
> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
> contains important info. Save time, search the archives at
> http://discuss.microsoft.com/archives/index.ht> ml . To
> unsubscribe,
> mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
>
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
----------------------------------------------------------------
Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
contains important info. Save time, search the archives at
http://discuss.microsoft.com/archives/index.html .
To unsubscribe, mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic