Author: tkreuzer Date: Wed Jan 22 23:41:04 2014 New Revision: 61759

URL: http://svn.reactos.org/svn/reactos?rev=61759&view=rev Log: [KSECDD] Implement IRP_MJ_DEVICE_CONTROL, handle ioctl 0x390004, used by MS advapi32 to generate random numbers. Even though it is not very crypto-safe, for now we just use RtlRandomEx, "improved" by xoring the seed with some data from KeTickCount (no idea whether that does any good)

Added: trunk/reactos/drivers/crypto/ksecdd/random.c (with props) Modified: trunk/reactos/drivers/crypto/ksecdd/CMakeLists.txt trunk/reactos/drivers/crypto/ksecdd/dispatch.c trunk/reactos/drivers/crypto/ksecdd/ksecdd.c trunk/reactos/drivers/crypto/ksecdd/ksecdd.h

Modified: trunk/reactos/drivers/crypto/ksecdd/CMakeLists.txt URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/crypto/ksecdd/CMake... ============================================================================== --- trunk/reactos/drivers/crypto/ksecdd/CMakeLists.txt [iso-8859-1] (original) +++ trunk/reactos/drivers/crypto/ksecdd/CMakeLists.txt [iso-8859-1] Wed Jan 22 23:41:04 2014 @@ -4,6 +4,7 @@ list(APPEND SOURCE ksecdd.c dispatch.c + random.c stubs.c ksecdd.rc)

Modified: trunk/reactos/drivers/crypto/ksecdd/dispatch.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/crypto/ksecdd/dispa... ============================================================================== --- trunk/reactos/drivers/crypto/ksecdd/dispatch.c [iso-8859-1] (original) +++ trunk/reactos/drivers/crypto/ksecdd/dispatch.c [iso-8859-1] Wed Jan 22 23:41:04 2014 @@ -81,6 +81,35 @@ return STATUS_SUCCESS; }

+static +NTSTATUS +KsecDeviceControl( + ULONG IoControlCode, + PVOID Buffer, + SIZE_T InputLength, + PSIZE_T OutputLength) +{ + NTSTATUS Status; + + Status = STATUS_SUCCESS; + + /* Check ioctl code */ + switch (IoControlCode) + { + case IOCTL_KSEC_GEN_RANDOM: + + Status = KsecGenRandom(Buffer, *OutputLength); + break; + + default: + DPRINT1("Unhandled control code 0x%lx\n", IoControlCode); + __debugbreak(); + return STATUS_INVALID_PARAMETER; + } + + return Status; +} + NTSTATUS NTAPI KsecDdDispatch( @@ -91,9 +120,10 @@ ULONG_PTR Information; NTSTATUS Status; PVOID Buffer; - SIZE_T OutputLength; + SIZE_T InputLength, OutputLength; FILE_INFORMATION_CLASS FileInfoClass; FS_INFORMATION_CLASS FsInfoClass; + ULONG IoControlCode;

IoStackLocation = IoGetCurrentIrpStackLocation(Irp);

@@ -149,6 +179,22 @@ Information = OutputLength; break;

+ case IRP_MJ_DEVICE_CONTROL: + + /* Extract the parameters */ + Buffer = Irp->AssociatedIrp.SystemBuffer; + InputLength = IoStackLocation->Parameters.DeviceIoControl.InputBufferLength; + OutputLength = IoStackLocation->Parameters.DeviceIoControl.OutputBufferLength; + IoControlCode = IoStackLocation->Parameters.DeviceIoControl.IoControlCode; + + /* Call the internal function */ + Status = KsecDeviceControl(IoControlCode, + Buffer, + InputLength, + &OutputLength); + Information = OutputLength; + break; + default: DPRINT1("Unhandled major function %lu!\n", IoStackLocation->MajorFunction);

Modified: trunk/reactos/drivers/crypto/ksecdd/ksecdd.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/crypto/ksecdd/ksecd... ============================================================================== --- trunk/reactos/drivers/crypto/ksecdd/ksecdd.c [iso-8859-1] (original) +++ trunk/reactos/drivers/crypto/ksecdd/ksecdd.c [iso-8859-1] Wed Jan 22 23:41:04 2014 @@ -50,6 +50,7 @@ DriverObject->MajorFunction[IRP_MJ_WRITE] = KsecDdDispatch; DriverObject->MajorFunction[IRP_MJ_QUERY_INFORMATION] = KsecDdDispatch; DriverObject->MajorFunction[IRP_MJ_QUERY_VOLUME_INFORMATION] = KsecDdDispatch; + DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] = KsecDdDispatch;

return STATUS_SUCCESS; }

Modified: trunk/reactos/drivers/crypto/ksecdd/ksecdd.h URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/crypto/ksecdd/ksecd... ============================================================================== --- trunk/reactos/drivers/crypto/ksecdd/ksecdd.h [iso-8859-1] (original) +++ trunk/reactos/drivers/crypto/ksecdd/ksecdd.h [iso-8859-1] Wed Jan 22 23:41:04 2014 @@ -9,6 +9,10 @@ #define _NO_KSECDD_IMPORT_ #include <ntifs.h>

+// 0x390004 +#define IOCTL_KSEC_GEN_RANDOM \ + CTL_CODE(FILE_DEVICE_KSEC, 0x01, METHOD_BUFFERED, FILE_ANY_ACCESS) + NTSTATUS NTAPI KsecDdDispatch( @@ -16,3 +20,9 @@ PIRP Irp);

+NTSTATUS +NTAPI +KsecGenRandom( + PVOID Buffer, + SIZE_T Length); +

Added: trunk/reactos/drivers/crypto/ksecdd/random.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/drivers/crypto/ksecdd/rando... ============================================================================== --- trunk/reactos/drivers/crypto/ksecdd/random.c (added) +++ trunk/reactos/drivers/crypto/ksecdd/random.c [iso-8859-1] Wed Jan 22 23:41:04 2014 @@ -0,0 +1,50 @@ +/* + * COPYRIGHT: See COPYING in the top level directory + * PROJECT: ReactOS Drivers + * PURPOSE: Kernel Security Support Provider Interface Driver + * + * PROGRAMMERS: Timo Kreuzer (timo.kreuzer@reactos.org) + */ + +/* INCLUDES *******************************************************************/ + +#include "ksecdd.h" + +#define NDEBUG +#include <debug.h> + + +/* GLOBALS ********************************************************************/ + +static ULONG KsecRandomSeed = 0x62b409a1; + + +/* FUNCTIONS ******************************************************************/ + +NTSTATUS +NTAPI +KsecGenRandom( + PVOID Buffer, + SIZE_T Length) +{ + ULONG i, RandomValue; + PULONG P; + + /* Try to generate a more random seed */ + KsecRandomSeed ^= _rotl(KeTickCount.LowPart, (KsecRandomSeed % 23)); + + P = Buffer; + for (i = 0; i < Length / sizeof(ULONG); i++) + { + P[i] = RtlRandomEx(&KsecRandomSeed); + } + + Length &= (sizeof(ULONG) - 1); + if (Length > 0) + { + RandomValue = RtlRandomEx(&KsecRandomSeed); + RtlCopyMemory(&P[i], &RandomValue, Length); + } + + return STATUS_SUCCESS; +}

Propchange: trunk/reactos/drivers/crypto/ksecdd/random.c ------------------------------------------------------------------------------ svn:eol-style = native