[Bug 16365] New: Archlord crashes with err:dbghelp:SymCleanup this process has not had SymInitialize() called for it
http://bugs.winehq.org/show_bug.cgi?id=16365
Summary: Archlord crashes with err:dbghelp:SymCleanup this process has not had SymInitialize() called for it Product: Wine Version: 1.1.10 Platform: PC-x86-64 OS/Version: Linux Status: UNCONFIRMED Severity: critical Priority: P1 Component: -unknown AssignedTo: wine-bugs@winehq.org ReportedBy: mono@4c2.de
Created an attachment (id=17682) --> (http://bugs.winehq.org/attachment.cgi?id=17682) Errorlog of Archlord after crashing
Archlord, a free mmorpg, crashes under different Linux-Distributions and with different versions of wine.
Normaly on starting up the game, an automatic updater is startet, which is well known for freezing under wine.
But it is possible to start Archlord without the updater (patch it by hand), by running "wine alefclient.exe". But it crashes on startup.
last console message: err:dbghelp:SymCleanup this process has not had SymInitialize() called for it
I provide crashreports as attachements.
There is also a Thread in the Wine Forum:
http://forum.winehq.org/viewtopic.php?t=3076
My specs:
Gentoo 64bit, wine 1.1.10
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #1 from Mono mono@4c2.de 2008-12-06 08:18:13 --- Created an attachment (id=17683) --> (http://bugs.winehq.org/attachment.cgi?id=17683) Crashdump of Archlord after crashing
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #2 from Mono mono@4c2.de 2008-12-06 08:18:54 --- Created an attachment (id=17684) --> (http://bugs.winehq.org/attachment.cgi?id=17684) registrylog of Archlord after crashing
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #3 from Jeff Zaroyko jeffz@jeffz.name 2008-12-06 10:10:30 --- these attachments aren't really useful. try to get a meaningful backtrace by running the program under winedbg.
is there a demo/download available to test?
http://bugs.winehq.org/show_bug.cgi?id=16365
Jeff Zaroyko jeffz@jeffz.name changed:
What |Removed |Added ---------------------------------------------------------------------------- Severity|critical |normal Priority|P1 |P2
--- Comment #4 from Jeff Zaroyko jeffz@jeffz.name 2008-12-06 10:11:21 --- http://bugs.winehq.org/page.cgi?id=fields.html#bug_severity, not critical.
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #5 from Austin English austinenglish@gmail.com 2008-12-06 12:00:08 --- Download link?
http://bugs.winehq.org/show_bug.cgi?id=16365
steve mankoon@mt2009.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |NEW Ever Confirmed|0 |1
--- Comment #6 from steve mankoon@mt2009.com 2008-12-06 12:10:30 --- *** This bug has been confirmed by popular vote. ***
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #7 from Mono mono@4c2.de 2008-12-06 14:06:45 --- The game can be downloaded e.g
http://downloads.guru3d.com/ArchLord-Episode-3-FREE-GAME-CLIENT-download-203...
or here
http://www.archlordgame.com/freetoplay.php
"try to get a meaningful backtrace by running the program under winedbg"
i'll provide anything you need, but please tell me how.
looked at the WineDbg Command Reference and didn't understand a single word :-)
i'm sounddesigner, not developer, sorry.
http://bugs.winehq.org/show_bug.cgi?id=16365
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #8 from Sergey uriiniix@gmail.com 2008-12-18 14:53:02 --- Created an attachment (id=18056) --> (http://bugs.winehq.org/attachment.cgi?id=18056) fail log
This log while running alefclient.exe with winedbg.
The crash occures while choosing iPixelFormat. You should notice, that on some systems (gentoo) fail occures while getting access to registry in case running wine under common user.
http://bugs.winehq.org/show_bug.cgi?id=16365
Sergey uriiniix@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |uriiniix@gmail.com
--- Comment #9 from Sergey uriiniix@gmail.com 2008-12-18 16:38:30 --- I've found solution for last reported fail (iPixelFormat)
There is code in function in wine-1.1.10/dlls/wined3d/context.c WineD3D_ChoosePixelFormat:
574: /* Exit the loop as we have found a format :) */ 575: if(exactDepthMatch) { iPixelFormat = cfg->iPixelFormat; break; } else if(!iPixelFormat) {
iPixelFormat = cfg->iPixelFormat; break; /* <-- this statment is missing in original file */ }
After adding `break`, the problem with iPixelFormat solved. But other appears
fixme:d3d:test_pbo_functionality >>>>>>>>>>>>>>>>> GL_INVALID_OPERATION (0x502) from Loading the PBO test texture @ directx.c / 3810 fixme:d3d:WineD3D_ChoosePixelFormat ColorFormat=WINED3DFMT_A8R8G8B8, DepthStencilFormat=WINED3DFMT_D24S8, auxBuffers=1, numSamples=0, pbuffer=0, findCompatible=0 err:dbghelp:SymCleanup this process has not had SymInitialize() called for it!
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #10 from Sergey uriiniix@gmail.com 2008-12-18 17:15:01 --- Sory for spaming this discussion...
After installing vrun2005sp1 vrun2008
problem dissapired. But seems fault is in fgrlx_dri.so Backtrace: =>1 0x7d440075 in fglrx_dri.so (+0x69d075) (0x0033f188) 2 0x7d440c6d in fglrx_dri.so (+0x69dc6d) (0x0033f1c8) 3 0x7cfcda08 in fglrx_dri.so (+0x22aa08) (0x0033f218) 4 0x7d1d69c4 in fglrx_dri.so (+0x4339c4) (0x0033f278) 5 0x7ecd105a InitAdapters+0x746a() [/root/wine-1.1.10/dlls/wined3d/directx.c:3810] in wined3d (0x0033f818) 6 0x7ed4aec2 WineDirect3DCreate+0x22(dxVersion=9, parent=0x136368) [/root/wine-1.1.10/dlls/wined3d/wined3d_main.c:56] in wined3d (0x0033f848) 7 0x7ed93412 Direct3DCreate9+0x72(SDKVersion=32) [/root/wine-1.1.10/dlls/d3d9/d3d9_main.c:51] in d3d9 (0x0033f878) 8 0x004bc350 in alefclient (+0xbc350) (0x00ce67f8) 9 0x00000000 (0x00000000)
from dmesg [fglrx] It's not necessary to adjust system aperture on this ASIC [fglrx] Reserved FB block: Shared offset:0, size:1000000 [fglrx] Reserved FB block: Unshared offset:7ffb000, size:5000 [fglrx] Reserved FB block: Unshared offset:ffbb000, size:44000 [fglrx] Reserved FB block: Unshared offset:ffff000, size:1000
If some one can debug driver ...
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #11 from Austin English austinenglish@gmail.com 2010-06-27 23:24:15 --- Still present in 1.2-rc5 (installed game, and ran alefclient without updating first).
http://bugs.winehq.org/show_bug.cgi?id=16365
joaopa jeremielapuree@yahoo.fr changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |jeremielapuree@yahoo.fr
--- Comment #12 from joaopa jeremielapuree@yahoo.fr 2011-08-03 14:20:35 CDT --- still a bug in current wine?
http://bugs.winehq.org/show_bug.cgi?id=16365
Paul The Tall paulthetall@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |paulthetall@gmail.com
--- Comment #13 from Paul The Tall paulthetall@gmail.com 2013-11-09 12:13:41 CST --- Yes, in 1.7.6 still present....
http://bugs.winehq.org/show_bug.cgi?id=16365
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- URL| |http://www.gamefront.com/fi | |les/13750760/ CC| |focht@gmx.net Component|-unknown |rsaenh Summary|Archlord crashes with |Archlord Episode 3 Client |err:dbghelp:SymCleanup this |crashes on startup |process has not had |(decrypting files with a |SymInitialize() called for |RC4 session key derived |it |from MD5 hash fails, only | |40 bits are used, salt is | |dropped)
--- Comment #14 from Anastasius Focht focht@gmx.net 2013-11-10 07:08:26 CST --- Hello folks,
confirming.
It seems the game has several encrypted files and Wine doesn't properly decrypt them, leading to failure.
Example: "ini\sysstr.txt"
Map the file into memory, allocate decrypt buffer, copy file content:
--- snip --- $ pwd /home/focht/.wine/drive_c/Program Files/Codemasters/Archlord ... $ WINEDEBUG=+tid,+seh,+relay wine ./alefclient.exe >>log.txt 2>&1 ... 0025:Starting process L"C:\Program Files\Codemasters\Archlord\alefclient.exe" (entryproc=0x75a94a) ... 0025:Call KERNEL32.CreateFileA(007ee634 "ini\sysstr.txt",80000000,00000000,00000000,00000003,00000080,00000000) ret=004ea20d 0025:Ret KERNEL32.CreateFileA() retval=000000ac ret=004ea20d 0025:Call KERNEL32.CreateFileMappingA(000000ac,00000000,00000002,00000000,00000000,00000000) ret=004ea225 0025:Ret KERNEL32.CreateFileMappingA() retval=000000b0 ret=004ea225 0025:Call KERNEL32.MapViewOfFile(000000b0,00000004,00000000,00000000,00000000) ret=004ea248 0025:Ret KERNEL32.MapViewOfFile() retval=05a30000 ret=004ea248 0025:Call KERNEL32.GetFileSize(000000ac,00000000) ret=004ea25a 0025:Ret KERNEL32.GetFileSize() retval=0000401b ret=004ea25a ... 0025:Call ntdll.RtlAllocateHeap(00110000,00000000,0000401c) ret=7e25f194 0025:Ret ntdll.RtlAllocateHeap() retval=053be168 ret=7e25f194 0025:Ret msvcrt.??2@YAPAXI@Z() retval=053be168 ret=004e1be6 0025:Call msvcrt.memcpy(053be168,05a30000,0000401b) ret=004e1bf0 0025:Ret msvcrt.memcpy() retval=053be168 ret=004e1bf0 --- snip ---
Decrypting the content with session key (derived from MD5 hash + 4 char password "1111"):
--- snip --- ... 0025:Call advapi32.CryptSetProviderA(008038cc "Microsoft Base Cryptographic Provider v1.0",00000001) ret=004e9781 0025:Ret advapi32.CryptSetProviderA() retval=00000000 ret=004e9781 0025:Call advapi32.CryptAcquireContextA(0033f294,00000000,008038cc "Microsoft Base Cryptographic Provider v1.0",00000001,f0000000) ret=004e9796 0025:Call rsaenh.CPAcquireContext(053c22f0,00000000,f0000000,053c2370) ret=7e93e7eb ... 0025:Ret rsaenh.CPAcquireContext() retval=00000001 ret=7e93e7eb 0025:Ret advapi32.CryptAcquireContextA() retval=00000001 ret=004e9796 ... 0025:Call advapi32.CryptCreateHash(053c22e0,00008003,00000000,00000000,0033f278) ret=004e98cd 0025:Call rsaenh.CPCreateHash(00000002,00008003,00000000,00000000,053c2198) ret=7e93efb8 0025:Call ntdll.RtlAllocateHeap(00110000,00000000,00000170) ret=7cc507a6 0025:Ret ntdll.RtlAllocateHeap() retval=053c2608 ret=7cc507a6 0025:Call advapi32.MD5Init(053c2628) ret=7cc508c8 0025:Ret advapi32.MD5Init() retval=053c2628 ret=7cc508c8 0025:Ret rsaenh.CPCreateHash() retval=00000001 ret=7e93efb8 0025:Ret advapi32.CryptCreateHash() retval=00000001 ret=004e98cd ... 0025:Call advapi32.CryptHashData(053c2190,00802d18,00000004,00000000) ret=004e98fe 0025:Call rsaenh.CPHashData(00000002,00000004,00802d18,00000004,00000000) ret=7e9410c8 0025:Call advapi32.MD5Update(053c2628,00802d18,00000004) ret=7cc509d4 0025:Ret advapi32.MD5Update() retval=053c2640 ret=7cc509d4 0025:Ret rsaenh.CPHashData() retval=00000001 ret=7e9410c8 0025:Ret advapi32.CryptHashData() retval=00000001 ret=004e98fe ... 0025:Call advapi32.CryptDeriveKey(053c22e0,00006801,053c2190,00000004,0033f27c) ret=004e991d 0025:Call rsaenh.CPDeriveKey(00000002,00006801,00000004,00000004,053c21b0) ret=7e93f2d3 0025:Call ntdll.RtlAllocateHeap(00110000,00000000,000003e4) ret=7cc507a6 0025:Ret ntdll.RtlAllocateHeap() retval=053c2780 ret=7cc507a6 0025:Call advapi32.MD5Final(053c2628) ret=7cc50b2e 0025:Ret advapi32.MD5Final() retval=053c2680 ret=7cc50b2e 0025:Ret rsaenh.CPDeriveKey() retval=00000001 ret=7e93f2d3 ... 0025:Call advapi32.CryptDestroyHash(053c2190) ret=004e992c 0025:Call rsaenh.CPDestroyHash(00000002,00000004) ret=7e93f412 ... 0025:Ret rsaenh.CPDestroyHash() retval=00000001 ret=7e93f412 0025:Ret advapi32.CryptDestroyHash() retval=00000001 ret=004e992c ... 0025:Call advapi32.CryptDecrypt(053c21a8,00000000,00000000,00000000,053be168,0033f28c) ret=004e994f 0025:Call rsaenh.CPDecrypt(00000002,00000003,00000000,00000000,00000000,053be168,0033f28c) ret=7e93f14b 0025:Ret rsaenh.CPDecrypt() retval=00000001 ret=7e93f14b 0025:Ret advapi32.CryptDecrypt() retval=00000001 ret=004e994f ... 0025:Call advapi32.CryptDestroyKey(053c21a8) ret=004e9962 0025:Call rsaenh.CPDestroyKey(00000002,00000003) ret=7e93f534 ... 0025:Ret rsaenh.CPDestroyKey() retval=00000001 ret=7e93f534 0025:Ret advapi32.CryptDestroyKey() retval=00000001 ret=004e9962 ... 0025:Call rsaenh.CPReleaseContext(00000002,00000000) ret=7e93ecc6 ... 0025:Ret advapi32.CryptReleaseContext() retval=00000001 ret=004e998f --- snip ---
After decryption the code tries to parse "key=value" pair strings on the buffer:
--- snip --- ... 0025:Call ntdll.RtlAllocateHeap(00110000,00000000,00001000) ret=7e25f194 0025:Ret ntdll.RtlAllocateHeap() retval=053c2190 ret=7e25f194 0025:Ret msvcrt.??2@YAPAXI@Z() retval=053c2190 ret=004e1c1e 0025:Call msvcrt.memset(053c2190,00000000,00001000) ret=004e1c32 0025:Ret msvcrt.memset() retval=053c2190 ret=004e1c32 0025:Call msvcrt.memcpy(053c2190,053be168,00000013) ret=004ea127 0025:Ret msvcrt.memcpy() retval=053c2190 ret=004ea127 0025:Call ntdll.strcspn(053c2190 "\x8a\r|\xe6\x03\x07<\xe5n7\x03Gb\xc0\xe3\xa4\xfaR",00802f9c "=") ret=004e1c5c 0025:Ret ntdll.strcspn() retval=00000012 ret=004e1c5c 0025:Call ntdll.strcspn(053c2190 "\x8a\r|\xe6\x03\x07<\xe5n7\x03Gb\xc0\xe3\xa4\xfaR",00802f9c "=") ret=004e1ccd 0025:Ret ntdll.strcspn() retval=00000012 ret=004e1ccd 0025:Call msvcrt.??2@YAPAXI@Z(00000000) ret=004e1cf8 0025:Call ntdll.RtlAllocateHeap(00110000,00000000,00000000) ret=7e25f194 0025:Ret ntdll.RtlAllocateHeap() retval=053c3198 ret=7e25f194 0025:Ret msvcrt.??2@YAPAXI@Z() retval=053c3198 ret=004e1cf8 0025:Call msvcrt.memcpy(053c3198,053c21a3,ffffffff) ret=004e1d04 0025:trace:seh:raise_exception code=c0000005 flags=0 addr=0xf74f33f1 ip=f74f33f1 tid=0025 0025:trace:seh:raise_exception info[0]=00000001 0025:trace:seh:raise_exception info[1]=053d0000 0025:trace:seh:raise_exception eax=053cf03b ebx=f7562000 ecx=ffff30e7 edx=053cffb0 esi=0033f2bc edi=0033f28c 0025:trace:seh:raise_exception ebp=0033f278 esp=0033f258 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010286 ... --- snip ---
This obviously fails because the buffer content was incorrectly decrypted -> garbage strings to strcspn().
Dumping 40-bit session key:
--- snip --- 0x0553d87c: bf679cb5 00000019 00000000 00000000 0x0553d88c: 00000000 00000000 00000000 00000000 0x0553d89c: 00000000 00000000 00000000 00000000 --- snip ---
128-bit hash -> 88 bits leftover, salt value retrieved by CryptGetKeyParam( KP_SALT)
--- snip --- Wine-dbg>bt Backtrace: =>0 0x7e944600 MD5Final+0x161(ctx=0x553d6e8) [/home/focht/projects/wine/wine-git/dlls/advapi32/crypt_md5.c:179] in advapi32 (0x0033ee58) 1 0x7d862b2e finalize_hash_impl+0xc1(aiAlgid=0x8003, pHashContext=0x553d6e8, pbHashValue="") [/home/focht/projects/wine/wine-git/dlls/rsaenh/implglue.c:142] in rsaenh (0x0033ee88) 2 0x7d86d3be finalize_hash+0x1c6(pCryptHash=0x553d6c8) [/home/focht/projects/wine/wine-git/dlls/rsaenh/rsaenh.c:721] in rsaenh (0x0033ef28) 3 0x7d872820 RSAENH_CPGetHashParam+0x248(hProv=0x2, hHash=0x4, dwParam=0x2, pbData="`╥SÉ∙ê} `╥Sα≡3", pdwDataLen=0x33f0a8, dwFlags=0) [/home/focht/projects/wine/wine-git/dlls/rsaenh/rsaenh.c:3341] in rsaenh (0x0033ef88) ... Wine-dbg>p *ctx {i={0x20, 0}, buf={0xbf679cb5, 0x58476a19, 0xf7421e19, 0xbace7066}, in="???", digest="????????"} ... --- snip ---
-> final session key
--- snip --- Wine-dbg>x/10x pbHashValue 0x0553d7b8: bf679cb5 58476a19 f7421e19 bace7066 0x0553d7c8: 00000000 00000000 00000000 00000000 0x0553d7d8: 00000000 00000000 ... --- snip ---
When I dumped the key in RSAENH_CPDeriveKey() -> setup_key() -> setup_key_impl() -> rc4_ready() I got a surprise ...
Only 40-bit were actually used!
--- snip --- 0x0553d87c: bf679cb5 00000019 00000000 00000000 0x0553d88c: 00000000 00000000 00000000 00000000 0x0553d89c: 00000000 00000000 00000000 00000000 --- snip ---
/* make RC4 perm and shuffle */ for (x = 0; x < 256; x++) { s[x] = x; }
--- snip --- 0x0553d87c: 03020100 07060504 0b0a0908 0f0e0d0c 0x0553d88c: 13121110 17161514 1b1a1918 1f1e1d1c 0x0553d89c: 23222120 27262524 2b2a2928 2f2e2d2c 0x0553d8ac: 33323130 37363534 3b3a3938 3f3e3d3c --- snip ---
for (j = x = y = 0; x < 256; x++) { y = (y + prng->rc4.buf[x] + key[j++]) & 255; if (j == keylen) { j = 0; } tmp = s[x]; s[x] = s[y]; s[y] = tmp; }
Result:
--- snip --- 0x0553d87c: 7dbb52b5 15a59f9a d2c7bd0f b4f9ebde 0x0553d88c: c5f37acd 341dacf2 047f654c 1f1e161c ... --- snip ---
Source: http://source.winehq.org/git/wine.git/blob/bfd2c533beef454a61b24f92790f91099...
--- snip --- BOOL WINAPI RSAENH_CPDeriveKey(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTHASH hBaseData, DWORD dwFlags, HCRYPTKEY *phKey) { CRYPTKEY *pCryptKey, *pMasterKey; CRYPTHASH *pCryptHash; BYTE abHashValue[RSAENH_MAX_HASH_SIZE*2]; DWORD dwLen; ... case ALG_CLASS_DATA_ENCRYPT: *phKey = new_key(hProv, Algid, dwFlags, &pCryptKey); if (*phKey == (HCRYPTKEY)INVALID_HANDLE_VALUE) return FALSE;
/* * We derive the key material from the hash. * If the hash value is not large enough for the claimed key, we have to construct * a larger binary value based on the hash. This is documented in MSDN: CryptDeriveKey. */ dwLen = RSAENH_MAX_HASH_SIZE; RSAENH_CPGetHashParam(pCryptHash->hProv, hBaseData, HP_HASHVAL, abHashValue, &dwLen, 0);
if (dwLen < pCryptKey->dwKeyLen) { ... }
memcpy(pCryptKey->abKeyValue, abHashValue, RSAENH_MIN(dwLen, sizeof(pCryptKey->abKeyValue))); break; ... default: SetLastError(NTE_BAD_ALGID); return FALSE; }
setup_key(pCryptKey); return TRUE; } --- snip ---
The culprit: http://source.winehq.org/git/wine.git/blob/bfd2c533beef454a61b24f92790f91099...
--- snip --- 3966 memcpy(pCryptKey->abKeyValue, abHashValue, 3967 RSAENH_MIN(pCryptKey->dwKeyLen, sizeof(pCryptKey->abKeyValue))); --- snip ---
IMHO "pCryptKey->dwKeyLen" should be "dwLen"
With that part fixed all files get properly decrypted and the client/launcher actually starts.
Although it seems this game version is abandoned (domain/website for sale) it still proves to be a useful test case for Wine ;-)
$ sha1sum ArchlordEpisode3.exe 52b81c9148536c504fe3d697ddf808d80b2e76ed ArchlordEpisode3.exe
$ du -sh ArchlordEpisode3.exe 1.5G ArchlordEpisode3.exe
$ wine --version wine-1.7.6-109-g917d303
Regards
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #15 from Anastasius Focht focht@gmx.net 2013-11-10 07:13:38 CST --- Created attachment 46494 --> http://bugs.winehq.org/attachment.cgi?id=46494 C application to decrypt game files
Hello folks,
attached is a small C application I wrote which resembles the game code for decrypting files. Can be used for testing or other purposes ;-)
compile: $ winegcc -m32 -o decrypt decrypt.c
test/run: $ ./decrypt.exe ini/sysstr.txt ini/decrypted_sysstr.txt
Regards
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #16 from Dmitry Timoshkov dmitry@baikal.ru 2013-11-12 20:49:57 CST --- (In reply to comment #15)
attached is a small C application I wrote which resembles the game code for decrypting files. Can be used for testing or other purposes ;-)
There is a small bug in your test app:
if (!CryptDeriveKey(cprov, CALG_RC4, chash, strlen(passwd), &ckey)) return FALSE;
The 4th parameter of CryptDeriveKey is flags, not the length of some kind. Probably it should be CRYPT_CREATE_SALT (0x0004) if strlen("1111") works by a pure luck :)
http://bugs.winehq.org/show_bug.cgi?id=16365
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #46494|0 |1 is obsolete| |
--- Comment #17 from Anastasius Focht focht@gmx.net 2013-11-13 02:42:00 CST --- Created attachment 46509 --> http://bugs.winehq.org/attachment.cgi?id=46509 C application to decrypt game files
Hello Dmitry,
--- quote --- The 4th parameter of CryptDeriveKey is flags, not the length of some kind. Probably it should be CRYPT_CREATE_SALT (0x0004) if strlen("1111") works by a pure luck :) --- quote ---
sure ... that happens when copy/paste relay trace log snippets into a text file and transforming into C code :) Like: "(..., 00000004, ...) hmm, let's see ... (looks at previous call) ... that might be the string length of passwd (skips MSDN lookup) ..." and then things sneak in :)
Attached a new version with minor correction, thanks.
Regards
http://bugs.winehq.org/show_bug.cgi?id=16365
Dmitry Timoshkov dmitry@baikal.ru changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #46509|text/x-csrc |text/plain mime type| |
http://bugs.winehq.org/show_bug.cgi?id=16365
Jerome Leclanche adys.wh@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |testcase
http://bugs.winehq.org/show_bug.cgi?id=16365
Bruno Jesus 00cpxxx@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |00cpxxx@gmail.com
--- Comment #18 from Bruno Jesus 00cpxxx@gmail.com --- Created attachment 49115 --> http://bugs.winehq.org/attachment.cgi?id=49115 test attempt
Anastasius, I'm not able to prove your theory, can you help me see what I'm doing wrong? The attached patch works in git and it should not I think.
http://bugs.winehq.org/show_bug.cgi?id=16365
Dmitry Timoshkov dmitry@baikal.ru changed:
What |Removed |Added ---------------------------------------------------------------------------- URL|http://www.gamefront.com/fi |http://www.gamefront.com/fi |les/13750760/ |les/13750760/
--- Comment #19 from Dmitry Timoshkov dmitry@baikal.ru --- (In reply to Bruno Jesus from comment #18)
Anastasius, I'm not able to prove your theory, can you help me see what I'm doing wrong? The attached patch works in git and it should not I think.
Hi Bruno,
I had a look at this and it appears that the problem is in the used provider: once I start to use MS_DEF_PROV_A in the rc4 test instead of used by default MS_ENHANCED_PROV_A the test starts to fail for me under Wine, while it still works under Windows. This should be easily fixable.
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #20 from Bruno Jesus 00cpxxx@gmail.com --- (In reply to Dmitry Timoshkov from comment #19)
I had a look at this and it appears that the problem is in the used provider: once I start to use MS_DEF_PROV_A in the rc4 test instead of used by default MS_ENHANCED_PROV_A the test starts to fail for me under Wine, while it still works under Windows. This should be easily fixable.
Hi, Dmitry. Thanks for taking a look at this. Unfortunately that change does not make it fail for me, the RC2 tests do started failing, but not the RC4. But I think the problem in the RC2 is the same from RC4. See my patch: http://source.winehq.org/patches/data/105794
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #21 from Bruno Jesus 00cpxxx@gmail.com --- I can't find any easy way to fix this bug. The proposed change from AF breaks dozens of tests.
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #22 from Bruno Jesus 00cpxxx@gmail.com --- Created attachment 49188 --> http://bugs.winehq.org/attachment.cgi?id=49188 Ensure salt length is used in key value composition
With Dmitry help I could find a way to fix this. I have some other patches pending, I'll submit this after if there is no objection.
http://bugs.winehq.org/show_bug.cgi?id=16365
Bruno Jesus 00cpxxx@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|wine-bugs@winehq.org |00cpxxx@gmail.com
--- Comment #23 from Bruno Jesus 00cpxxx@gmail.com --- I found some other differences between the base, strong and enhanced provider. The patch from my previous comment is not fully correct, it will take some more time to fix this properly.
http://bugs.winehq.org/show_bug.cgi?id=16365
Bruno Jesus 00cpxxx@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |d7aae7d728a03780c3a741e3d0c | |5bbc82b390e15 Status|NEW |RESOLVED Resolution|--- |FIXED
--- Comment #24 from Bruno Jesus 00cpxxx@gmail.com --- I believe this is fixed by http://source.winehq.org/git/wine.git/commitdiff/d7aae7d728a03780c3a741e3d0c...
http://bugs.winehq.org/show_bug.cgi?id=16365
--- Comment #25 from Anastasius Focht focht@gmx.net --- Hello folks,
indeed fixed, thanks Bruno.
The content of the files is now properly decrypted:
--- snip --- $ WINEDEBUG=+tid,+seh,+relay wine ./alefclient.exe >>log.txt 2>&1 ... 0029:Call KERNEL32.CreateFileA(007ee634 "ini\sysstr.txt",80000000,00000000,00000000,00000003,00000080,00000000) ret=004ea20d 0029:Ret KERNEL32.CreateFileA() retval=000000b4 ret=004ea20d 0029:Call KERNEL32.CreateFileMappingA(000000b4,00000000,00000002,00000000,00000000,00000000) ret=004ea225 0029:Ret KERNEL32.CreateFileMappingA() retval=000000b8 ret=004ea225 0029:Call KERNEL32.MapViewOfFile(000000b8,00000004,00000000,00000000,00000000) ret=004ea248 0029:Ret KERNEL32.MapViewOfFile() retval=05d90000 ret=004ea248 ... 0029:Call advapi32.CryptSetProviderA(008038cc "Microsoft Base Cryptographic Provider v1.0",00000001) ret=004e9781 0029:Ret advapi32.CryptSetProviderA() retval=00000000 ret=004e9781 0029:Call advapi32.CryptAcquireContextA(0033f294,00000000,008038cc "Microsoft Base Cryptographic Provider v1.0",00000001,f0000000) ret=004e9796 ... 0029:Ret advapi32.CryptAcquireContextA() retval=00000001 ret=004e9796 0029:Call advapi32.CryptCreateHash(019bcef8,00008003,00000000,00000000,0033f278) ret=004e98cd ... 0029:Ret advapi32.CryptCreateHash() retval=00000001 ret=004e98cd 0029:Call advapi32.CryptHashData(019bcda8,00802d18,00000004,00000000) ret=004e98fe ... 0029:Ret advapi32.CryptHashData() retval=00000001 ret=004e98fe 0029:Call advapi32.CryptDeriveKey(019bcef8,00006801,019bcda8,00000004,0033f27c) ret=004e991d ... 0029:Ret advapi32.CryptDeriveKey() retval=00000001 ret=004e991d ... 0029:Call advapi32.CryptDecrypt(019bcdc0,00000000,00000000,00000000,056dac18,0033f28c) ret=004e994f 0029:Call rsaenh.CPDecrypt(00000002,00000003,00000000,00000000,00000000,056dac18,0033f28c) ret=7e9783e7 0029:Ret rsaenh.CPDecrypt() retval=00000001 ret=7e9783e7 0029:Ret advapi32.CryptDecrypt() retval=00000001 ret=004e994f ... 0029:Call ntdll.strcspn(056dec40 "0=Option",00802f9c "=") ret=004e1c5c 0029:Ret ntdll.strcspn() retval=00000001 ret=004e1c5c ... 0029:Call ntdll.strcspn(056dec40 "1=Material",00802f9c "=") ret=004e1c5c 0029:Ret ntdll.strcspn() retval=00000001 ret=004e1c5c ... --- snip ---
Regards
https://bugs.winehq.org/show_bug.cgi?id=16365
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #26 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 1.7.24.
-
wine-bugs@winehq.org