https://bugs.winehq.org/show_bug.cgi?id=49543
Bug ID: 49543 Summary: Several games require bcrypt DH support Product: Wine Version: 5.12 Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: bcrypt Assignee: wine-bugs@winehq.org Reporter: bshanks@codeweavers.com Distribution: ---
There are a few games that need DH support in bcrypt.
- The Rockstar Games Launcher, GTA V, and RDR 2 all open DH and generate+export a public key. With DH unimplemented, the only effect I know of is that RDR 2's online mode fails to load. - Astroneer dedicated server (see https://www.reddit.com/r/wine_gaming/comments/gvaa9a/bcryptopenalgorithmprov...).
From a disassembler, it looks like the server imports/exports public/private
keys, and uses BCryptDeriveKey() with the "HASH" KDF and SHA256.
Microsoft has sample code which tests (some of) the functionality: https://github.com/microsoft/Windows-classic-samples/blob/master/Samples/Sec...
Unfortunately GnuTLS doesn't currently export the needed functionality. There's an issue open: https://gitlab.com/gnutls/gnutls/-/issues/894
https://bugs.winehq.org/show_bug.cgi?id=49543
Anya animegirl@stronzi.org changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |animegirl@stronzi.org
https://bugs.winehq.org/show_bug.cgi?id=49543
zalaare@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |zalaare@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=49543
mo78@abv.bg changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |mo78@abv.bg
https://bugs.winehq.org/show_bug.cgi?id=49543
russianneuromancer@ya.ru changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |russianneuromancer@ya.ru
https://bugs.winehq.org/show_bug.cgi?id=49543
henryclose@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |henryclose@gmail.com
https://bugs.winehq.org/show_bug.cgi?id=49543
Zebediah Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |dev@mtbk.me
--- Comment #1 from Zebediah Figura z.figura12@gmail.com --- *** Bug 51445 has been marked as a duplicate of this bug. ***
https://bugs.winehq.org/show_bug.cgi?id=49543
joejoetv@netc.eu changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |joejoetv@netc.eu
https://bugs.winehq.org/show_bug.cgi?id=49543
muetakappaepsilon@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |muetakappaepsilon@gmail.com
--- Comment #2 from muetakappaepsilon@gmail.com --- It *appears* that gnutls now supports DH, any update on incorporating this in wine?
https://bugs.winehq.org/show_bug.cgi?id=49543
Zeb Figura z.figura12@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |z.figura12@gmail.com
--- Comment #3 from Zeb Figura z.figura12@gmail.com --- (In reply to muetakappaepsilon from comment #2)
It *appears* that gnutls now supports DH, any update on incorporating this in wine?
Does it? The linked bug report is still open and hasn't been touched since July 2020.
https://bugs.winehq.org/show_bug.cgi?id=49543
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |o.dierick@piezo-forte.be
--- Comment #4 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 72356 --> https://bugs.winehq.org/attachment.cgi?id=72356 1/3 include: Add DH-related bcrypt constants
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #5 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 72357 --> https://bugs.winehq.org/attachment.cgi?id=72357 2/3 bcrypt: Implement DH algorithm using libgmp
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #6 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 72358 --> https://bugs.winehq.org/attachment.cgi?id=72358 3/3 bcrypt/tests: Test DH algorithm
Hello,
Here is a DH implementation from Proton (Glorious Eggroll) with tests based on the reference from comment 0.
All the tests pass for me (except for BCryptDeriveKey which I had to mark 'todo_wine' because the function is only a stub.)
Regards.
https://bugs.winehq.org/show_bug.cgi?id=49543
Ker noa blue-t@web.de changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |blue-t@web.de
https://bugs.winehq.org/show_bug.cgi?id=49543
wobak@wobak.fr changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |wobak@wobak.fr
--- Comment #7 from wobak@wobak.fr --- Hello,
Not sure I understand, but does that mean if I build wine from source with these patches beforehand, bcrypt DH should be supported OK?
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #8 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- (In reply to Wobak from comment #7)
Hello,
Not sure I understand, but does that mean if I build wine from source with these patches beforehand, bcrypt DH should be supported OK?
Hello,
It should, but the patches may need to be rebased for the newest Wine version. That is: There are minor corrections to do because some other ciphers were added since my last attachment, but it should be straightforward (I have updated patches, if needed).
It also depends on libgmp (libgmp:amd64 and/or :i386 for execution; libgmp-dev for compilation).
Regards.
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #9 from Wobak wobak@wobak.fr --- Could you attach the updated patches to this bug?
As I'm not 100% familiar with compiling wine (and still fighting it tbh), if I can avoid a struggle of rebasing the patches, I'd highly appreciate it :)
Thanks !
https://bugs.winehq.org/show_bug.cgi?id=49543
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #72356|0 |1 is obsolete| |
--- Comment #10 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 73060 --> https://bugs.winehq.org/attachment.cgi?id=73060 1/3 include: Add DH-related bcrypt constants
https://bugs.winehq.org/show_bug.cgi?id=49543
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #72357|0 |1 is obsolete| |
--- Comment #11 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 73061 --> https://bugs.winehq.org/attachment.cgi?id=73061 2/3 bcrypt: Implement DH algorithm using libgmp
https://bugs.winehq.org/show_bug.cgi?id=49543
Olivier F. R. Dierick o.dierick@piezo-forte.be changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #72358|0 |1 is obsolete| |
--- Comment #12 from Olivier F. R. Dierick o.dierick@piezo-forte.be --- Created attachment 73062 --> https://bugs.winehq.org/attachment.cgi?id=73062 3/3 bcrypt/tests: Test DH algorithm
Hello,
Here is a rebased patchset for Wine 7.16 & 7.17.
Apply each from the root of the building directory, with 'git am --3way file.patch' if compiling from git, or 'patch -p1 < file.patch' if compiling from tar source.
Regards.
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #13 from muetakappaepsilon@gmail.com --- Any update on getting this into the trunk of wine?
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #14 from Hans Leidekker hans@meelstraat.net --- (In reply to muetakappaepsilon from comment #13)
Any update on getting this into the trunk of wine?
We would like to avoid adding another library dependency. Someone tried to add ECDH support to GnuTLS a while ago (which could be generalized to handle both DH and ECDH) but it seems the effort has stalled:
https://gitlab.com/gnutls/gnutls/-/merge_requests/1395
https://bugs.winehq.org/show_bug.cgi?id=49543
winehq@id.davy.tw winehq@id.davy.tw changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |winehq@id.davy.tw
--- Comment #15 from winehq@id.davy.tw winehq@id.davy.tw --- (In reply to Hans Leidekker from comment #14)
(In reply to muetakappaepsilon from comment #13)
Any update on getting this into the trunk of wine?
We would like to avoid adding another library dependency. Someone tried to add ECDH support to GnuTLS a while ago (which could be generalized to handle both DH and ECDH) but it seems the effort has stalled:
It seems implemented in GnuTLS 3.8.2 recently?
https://gitlab.com/gnutls/gnutls/-/merge_requests/1773 https://gitlab.com/gnutls/gnutls/-/blob/3.8.2/NEWS?ref_type=tags#L13
https://bugs.winehq.org/show_bug.cgi?id=49543
soredake broaden_acid002@simplelogin.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|broaden_acid002@simplelogin | |.com |
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #16 from Hans Leidekker hans@meelstraat.net --- (In reply to Davy from comment #15)
(In reply to Hans Leidekker from comment #14)
(In reply to muetakappaepsilon from comment #13)
Any update on getting this into the trunk of wine?
We would like to avoid adding another library dependency. Someone tried to add ECDH support to GnuTLS a while ago (which could be generalized to handle both DH and ECDH) but it seems the effort has stalled:
It seems implemented in GnuTLS 3.8.2 recently?
https://gitlab.com/gnutls/gnutls/-/merge_requests/1773 https://gitlab.com/gnutls/gnutls/-/blob/3.8.2/NEWS?ref_type=tags#L13
Yes, it looks promising. We probably need some extra changes to handle importing/exporting DH keys.
https://bugs.winehq.org/show_bug.cgi?id=49543
Hans Leidekker hans@meelstraat.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |FIXED Fixed by SHA1| |be9f66c62bc6f168e3fb4168239 | |1b0b37c999047
--- Comment #17 from Hans Leidekker hans@meelstraat.net --- DH is supported starting from be9f66c62bc6f168e3fb41682391b0b37c999047. Note that this needs GnuTLS 3.8.2.
https://bugs.winehq.org/show_bug.cgi?id=49543
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #18 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 9.0-rc1.
https://bugs.winehq.org/show_bug.cgi?id=49543
russianneuromancer@ya.ru changed:
What |Removed |Added ---------------------------------------------------------------------------- CC|russianneuromancer@ya.ru |
https://bugs.winehq.org/show_bug.cgi?id=49543
Wiley A Wiley.albright@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |Wiley.albright@gmail.com
--- Comment #19 from Wiley A Wiley.albright@gmail.com --- For Astroneer this issue is still present in Proton 9.0-3 > Wine Mono to 9.2.0. You're unable to connect to dedicated servers running encryption for crossplay with Windows, Xbox and Playstation consoles.
Testing was done using a Steam Deck.
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #20 from Hans Leidekker hans@meelstraat.net --- (In reply to Wiley A from comment #19)
For Astroneer this issue is still present in Proton 9.0-3 > Wine Mono to 9.2.0. You're unable to connect to dedicated servers running encryption for crossplay with Windows, Xbox and Playstation consoles.
Testing was done using a Steam Deck.
The version of GnuTLS on Steam Deck is too old.
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #21 from joejoetv@joejoetv.de --- Some context from me:
- This issue is happening with the dedicated server and the game client - With the current wine-staging version 9.22 and GnuTLS 3.8.3 on Ubuntu 24.04, the application starts, but once a player tries to join, the error `0170:fixme:bcrypt:BCryptExportKey encryption of key not yet supported` appears in the output log - This was tested with the server running using WINE and the client on a native platform (Windows)
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #22 from Hans Leidekker hans@meelstraat.net --- (In reply to joejoetv from comment #21)
`0170:fixme:bcrypt:BCryptExportKey encryption of key not yet supported`
That's a separate bug, can you open a bug report for it? This bug is closed.
https://bugs.winehq.org/show_bug.cgi?id=49543
--- Comment #23 from joejoetv@joejoetv.de --- (In reply to Hans Leidekker from comment #22)
(In reply to joejoetv from comment #21)
`0170:fixme:bcrypt:BCryptExportKey encryption of key not yet supported`
That's a separate bug, can you open a bug report for it? This bug is closed.
Ok, I have filed this here as a separate bug report: https://bugs.winehq.org/show_bug.cgi?id=57492
If it needs more information, please tell me.