[Bug 48981] New: Riot Vanguard (Riot Games) needs Microsoft Kernel Mode Cryptographic Primitives Library 'cng.sys'
https://bugs.winehq.org/show_bug.cgi?id=48981

Bug ID: 48981
Summary: Riot Vanguard (Riot Games) needs Microsoft Kernel Mode Cryptographic Primitives Library 'cng.sys'
Product: Wine
Version: 5.6
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs(a)winehq.org
Reporter: focht(a)gmx.net
Distribution: ---

Hello folks,

as it says.

There are some fixes required prior to come to this place. I'll create/reference more bug reports later for them.

There is a public document which describes the module and the API:

https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-pr...

--- quote ---
Microsoft Windows7 Kernel Mode Cryptographic Primitives Library (cng.sys)
Microsoft Windows 7 Operating System
FIPS 140-2 Security Policy Document

This document specifies the security policy for the Microsoft Kernel Mode Cryptographic Primitives Library (CNG.SYS) as described in FIPS PUB 140-2.

January 16, 2013
Document Version: 2.2
--- quote ---

--- snip ---
...
The vgk service is starting.
002d:trace:loaddll:load_native_dll Loaded L"C:\\windows\\system32\\kernelbase.dll" at 0x7b000000: PE builtin
002d:trace:loaddll:load_so_dll Loaded L"C:\\windows\\system32\\kernel32.dll" at 0x7b410000: builtin
002d:trace:loaddll:load_native_dll Loaded L"C:\\windows\\system32\\winedevice.exe" at 0x140000000: PE builtin
002d:trace:loaddll:load_so_dll Loaded L"C:\\windows\\system32\\advapi32.dll" at 0x7f39a2c80000: builtin
002d:trace:loaddll:load_so_dll Loaded L"C:\\windows\\system32\\msvcrt.dll" at 0x7f39a2aa0000: builtin
002d:trace:loaddll:load_native_dll Loaded L"C:\\windows\\system32\\ntoskrnl.exe" at 0x180000000: PE builtin
002d:trace:loaddll:load_so_dll Loaded L"C:\\windows\\system32\\ucrtbase.dll" at 0x7f39a2970000: builtin
002d:trace:loaddll:load_native_dll Loaded L"C:\\windows\\system32\\rpcrt4.dll" at 0x9b0000: PE builtin
002f:trace:ntoskrnl:ZwLoadDriver (L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\vgk")
002f:trace:ntoskrnl:open_driver opened service for driver L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\vgk"
002f:trace:ntoskrnl:IoCreateDriver (L"\\Driver\\vgk", 00000001800132F0)
002f:trace:ntoskrnl:load_driver loading driver L"C:\\Program Files\\Riot Vanguard\\vgk.sys"
002f:err:module:import_dll Library cng.sys (which is needed by L"C:\\Program Files\\Riot Vanguard\\vgk.sys") not found
002f:trace:ntoskrnl:IoDeleteDriver (0000000000723070)
002f:trace:ntoskrnl:ObDereferenceObject (0000000000723070) ref=0
002f:err:ntoskrnl:ZwLoadDriver failed to create driver L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\vgk": c0000142
DLL initialization failed.
--- snip ---

Only two 'cng.sys' functions are currently imported:

--- snip ---
$ winedump -j import vgk.sys
Contents of vgk.sys: 3196560 bytes

Import Table size: 00000050
  offset 0001e090 cng.sys
  Hint/Name Table: 00022108
  TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
  ForwarderChain: 00000000
  First thunk RVA: 0001B028
  Thunk Ordn Name
  0001b028 8 BCryptDestroyHash
  0001b030 1 BCryptCloseAlgorithmProvider
...
Done dumping vgk.sys
--- snip ---

$ wine --version
wine-5.6-258-gf31a29b8d1

Regards

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

https://bugs.winehq.org/show_bug.cgi?id=48981

Anastasius Focht <focht(a)gmx.net> changed:

What     |Removed |Added
----------------------------------------------------------------------------
Keywords |        |download, obfuscation
URL      |        |https://riot-client.secure.dyn.riotcdn.net/channels/public/rccontent/vanguard/0.3.2.2/setup.exe

https://bugs.winehq.org/show_bug.cgi?id=48981

Andrew Wesie <awesie(a)gmail.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |awesie(a)gmail.com

--- Comment #1 from Andrew Wesie <awesie(a)gmail.com> ---
There are likely more imports required. A dump of the kernel driver contains these imports within its address space:

cng BCryptOpenAlgorithmProvider
cng BCryptGetProperty
cng BCryptCreateHash
cng BCryptHashData
cng BCryptFinishHash

I posted a full list here: https://gist.github.com/awesie/618eb15e9f57e1fff4efb2786febec3f. I haven't done any substantial analysis yet, so these could be a false flag.

https://bugs.winehq.org/show_bug.cgi?id=48981

Anastasius Focht <focht(a)gmx.net> changed:

What |Removed |Added
----------------------------------------------------------------------------
URL  |https://riot-client.secure.dyn.riotcdn.net/channels/public/rccontent/vanguard/0.3.2.2/setup.exe |https://web.archive.org/web/20200421165713/https://riot-client.secure.dyn.riotcdn.net/channels/public/rccontent/vanguard/0.3.2.2/setup.exe

https://bugs.winehq.org/show_bug.cgi?id=48981

Anastasius Focht <focht(a)gmx.net> changed:

What          |Removed |Added
----------------------------------------------------------------------------
Resolution    |---     |FIXED
Fixed by SHA1 |        |d09d4d97e02a724c98df9a6cacc8d8f4e545ee0e
Status        |NEW     |RESOLVED

--- Comment #2 from Anastasius Focht <focht(a)gmx.net> ---
Hello folks,

this is fixed by commit https://source.winehq.org/git/wine.git/commitdiff/d09d4d97e02a724c98df9a6cac... ("cng.sys: New dll.").

Thanks Alistair

--- snip ---
$ WINEDEBUG=+seh,+loaddll,+ntoskrnl,+module,+imports wine net start vgk
log.txt 2>&1
...
0118:trace:module:map_image_into_view mapping PE file L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" at 0xdb0000-0x10b7000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .text at 0xdb1000 off 400 size 1a000 virt 19ec2 flags 68000020
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .rdata at 0xdcb000 off 1a400 size 2000 virt 1ea4 flags 48000040
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .data at 0xdcd000 off 1c400 size 600 virt 146c flags c8000040
0118:trace:module:map_image_into_view clearing 0xdcd600 - 0xdce000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .pdata at 0xdcf000 off 1ca00 size 1400 virt 1320 flags 48000040
0118:trace:module:map_image_into_view clearing 0xdd0400 - 0xdd1000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .edata at 0xdd1000 off 1de00 size 200 virt 3e flags 40000040
0118:trace:module:map_image_into_view clearing 0xdd1200 - 0xdd2000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section INIT at 0xdd2000 off 1e000 size 600 virt 442 flags 60000020
0118:trace:module:map_image_into_view clearing 0xdd2600 - 0xdd3000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .stub0 at 0xdd3000 off 1e600 size 2dcc00 virt 2dcb6c flags 68000060
0118:trace:module:map_image_into_view clearing 0x10afc00 - 0x10b0000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .reloc at 0x10b0000 off 2fb200 size 200 virt e0 flags 42000040
0118:trace:module:map_image_into_view clearing 0x10b0200 - 0x10b1000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\Program Files\\Riot Vanguard\\vgk.sys" section .rsrc at 0x10b1000 off 2fb400 size 5e00 virt 5d3c flags 42000040
0118:trace:module:map_image_into_view clearing 0x10b6e00 - 0x10b7000
0118:warn:module:set_security_cookie security cookie 000000014001D5E8 outside of image 0000000000DB0000-00000000010B7000
0118:trace:module:load_dll looking for L"cng.sys" in L"C:\\Program Files\\Riot Vanguard;C:\\windows\\system32;C:\\windows\\system32\\drivers;C:\\windows\\system32\\"
0118:trace:module:get_load_order looking for L"C:\\windows\\system32\\drivers\\cng.sys"
0118:trace:module:get_load_order got hardcoded default for L"C:\\windows\\system32\\drivers\\cng.sys"
0118:trace:module:map_image_into_view mapping PE file L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" at 0x10c0000-0x10c6000
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" section .text at 0x10c1000 off 1000 size 1000 virt 376 flags 60000020
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" section .rdata at 0x10c2000 off 2000 size 1000 virt c7c flags 40000040
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" section .buildid at 0x10c3000 off 3000 size 1000 virt 79 flags 40000040
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" section .pdata at 0x10c4000 off 4000 size 1000 virt 24 flags 40000040
0118:trace:module:map_image_into_view mapping L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" section .rodata at 0x10c5000 off 5000 size 1000 virt 2c5 flags c0000040
0118:trace:module:load_dll looking for L"kernel32.dll" in L"C:\\Program Files\\Riot Vanguard;C:\\windows\\system32;C:\\windows\\system32\\drivers;C:\\windows\\system32\\"
0118:trace:module:load_dll Found L"C:\\windows\\system32\\kernel32.dll" for L"kernel32.dll" at 000000007B600000, count=-1
0118:trace:imports:import_dll --- DisableThreadLibraryCalls kernel32.dll.193 = 000000007B60C434
0118:trace:imports:import_dll --- RaiseException kernel32.dll.885 = 000000007B60E7D4
0118:trace:module:build_module loaded L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" 000000000014AB00 00000000010C0000
0118:trace:loaddll:build_module Loaded L"C:\\windows\\system32\\drivers\\cng.sys" at 00000000010C0000: builtin
0118:trace:module:load_dll Loaded module L"\\??\\C:\\windows\\system32\\drivers\\cng.sys" at 00000000010C0000
0118:trace:module:find_forwarded_export delay loading L"bcrypt.dll" for 'bcrypt.BCryptDestroyHash'
0118:trace:module:load_dll looking for L"bcrypt.dll" in L"C:\\Program Files\\Riot Vanguard;C:\\windows\\system32;C:\\windows\\system32\\drivers;C:\\windows\\system32\\"
0118:trace:module:get_load_order looking for L"C:\\windows\\system32\\bcrypt.dll"
0118:trace:module:get_load_order got hardcoded default for L"bcrypt.dll"
0118:trace:module:map_image_into_view mapping PE file L"\\??\\C:\\windows\\system32\\bcrypt.dll" at 0x10d0000-0x10e2000
...
0118:trace:module:MODULE_InitDLL (00000000010D0000,PROCESS_ATTACH,0000000000000000) - RETURN 1
0118:trace:module:process_attach (L"bcrypt.dll",0000000000000000) - END
0118:trace:imports:import_dll --- BCryptDestroyHash cng.sys.8 = 00000000010D2B00
0118:trace:imports:import_dll --- BCryptCloseAlgorithmProvider cng.sys.1 = 00000000010D2300
...
0118:trace:module:process_attach (L"vgk.sys",0000000000000000) - START
0118:trace:module:process_attach (L"cng.sys",0000000000000000) - START
0118:trace:ntoskrnl:ldr_notify_callback loading L"cng.sys"
0118:trace:module:MODULE_InitDLL (00000000010C0000 L"cng.sys",PROCESS_ATTACH,0000000000000000) - CALL
0118:trace:module:MODULE_InitDLL (00000000010C0000,PROCESS_ATTACH,0000000000000000) - RETURN 1
0118:trace:module:process_attach (L"cng.sys",0000000000000000) - END
0118:trace:ntoskrnl:ldr_notify_callback loading L"vgk.sys"
0118:trace:ntoskrnl:ldr_notify_callback relocating from 0000000140000000-0000000140307000 to 0000000000DB0000-00000000010B7000
0118:trace:module:process_attach (L"vgk.sys",0000000000000000) - END
--- snip ---

$ wine --version
wine-6.20-61-gababea0fd70

Regards

https://bugs.winehq.org/show_bug.cgi?id=48981

Alexandre Julliard <julliard(a)winehq.org> changed:

What   |Removed  |Added
----------------------------------------------------------------------------
Status |RESOLVED |CLOSED

--- Comment #3 from Alexandre Julliard <julliard(a)winehq.org> ---
Closing bugs fixed in 6.21.
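
Added example (not part of the original thread and not Wine project code): a small Python triage of WINEDEBUG output like the two traces in this thread, reporting which libraries a driver failed to import and which imports were bound after the fix. The function names and the shortened sample logs are constructed for illustration; the line formats are the ones shown in the traces.

```python
import re
from collections import defaultdict

# Constructed samples: a few lines copied from the wine-5.6 and wine-6.20 traces above.
BEFORE_LOG = r'''
002f:trace:ntoskrnl:load_driver loading driver L"C:\\Program Files\\Riot Vanguard\\vgk.sys"
002f:err:module:import_dll Library cng.sys (which is needed by L"C:\\Program Files\\Riot Vanguard\\vgk.sys") not found
002f:err:ntoskrnl:ZwLoadDriver failed to create driver L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\vgk": c0000142
'''
AFTER_LOG = r'''
0118:trace:imports:import_dll --- DisableThreadLibraryCalls kernel32.dll.193 = 000000007B60C434
0118:trace:imports:import_dll --- BCryptDestroyHash cng.sys.8 = 00000000010D2B00
0118:trace:imports:import_dll --- BCryptCloseAlgorithmProvider cng.sys.1 = 00000000010D2300
'''

MISSING = re.compile(r'err:module:import_dll Library (\S+) \(which is needed by L"(.+?)"\) not found')
FAILED = re.compile(r'err:ntoskrnl:ZwLoadDriver failed to create driver L"(.+?)": ([0-9a-fA-F]{8})')
RESOLVED = re.compile(r'trace:imports:import_dll --- (\w+) (\S+)\.(\d+) = ([0-9A-Fa-f]+)')

def basename(win_path):
    """Last component of a Windows path as Wine prints it (backslashes doubled)."""
    return win_path.replace('\\\\', '\\').rsplit('\\', 1)[-1]

def triage(log):
    """Return (missing, failed, resolved) extracted from a WINEDEBUG log."""
    missing = defaultdict(set)    # library -> modules that import it
    failed = {}                   # driver service name -> NTSTATUS (hex string)
    resolved = defaultdict(dict)  # library -> {ordinal: export name}
    for line in log.splitlines():
        if m := MISSING.search(line):
            missing[m.group(1)].add(basename(m.group(2)))
        elif m := FAILED.search(line):
            failed[basename(m.group(1))] = m.group(2)
        elif m := RESOLVED.search(line):
            resolved[m.group(2)][int(m.group(3))] = m.group(1)
    return dict(missing), failed, dict(resolved)

def unresolved_libraries(log):
    """Libraries reported missing that never show a bound import in the same log."""
    missing, _, resolved = triage(log)
    return sorted(lib for lib in missing if lib not in resolved)

if __name__ == "__main__":
    print("before:", unresolved_libraries(BEFORE_LOG), triage(BEFORE_LOG)[1])
    print("after: ", triage(AFTER_LOG)[2].get("cng.sys"))
```

Only imports bound by the loader appear in these traces, so names a driver resolves itself at run time, such as the additional BCrypt* entries listed in comment #1, would not show up here.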