advapi: removed incomplete signature checking code
Michael Jung
mjung at iss.tu-darmstadt.de
Tue Mar 29 13:34:57 CST 2005
Since I didn't get any feedback on this one, I'm forwarding it to
wine-patches.
> Microsoft signs it's cryptographic service provider (csp) dlls with a
> private key. advapi32 will only load csp dlls with a valid signature. We
> will never be able to implement this, since this would mean having access to
> Microsoft's private keys. Above this, Microsofts scheme doesn't give real
> security, since there are instructions on the web to replace advapi32's
> _NSAKEY with an arbitrary private key (this is if you have write access to
> advapi32.dll), allowing you to load a csp signed by yourself.
>
> I would like to remove the (stubbed) signature checking code from advapi32.
> This would clean up advapi32 somewhat and remove a FIXME message, which
> bothers me for some time and which confused wine users in at least two
> occurences.
Changelog:
Removed the incomplete signature checking code from advapi32.
--
Michael Jung
mjung at iss.tu-darmstadt.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dlls_advapi32_crypt_c.diff
Type: text/x-diff
Size: 2529 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-patches/attachments/20050329/5f4bf554/dlls_advapi32_crypt_c.bin
More information about the wine-patches
mailing list