From: roy@sendai.scytale.com (Roy M. Silvernail)
To: blake@bcdev.com (Blake Coverett)
Message Hash: 217662f9cc0458ffa26f446209156448957e43334e7001897c818ad682fc35df
Message ID: <961224.113652.8U1.rnr.w165w@sendai.scytale.com>
Reply To: <01BBF127.ACD7C120@bcdev.com>
UTC Datetime: 1996-12-24 20:12:09 UTC
Raw Date: Tue, 24 Dec 1996 12:12:09 -0800 (PST)
Subject: Re: [NOT NOISE] Microsoft Crypto Service Provider API
-----BEGIN PGP SIGNED MESSAGE-----
In list.cypherpunks, blake@bcdev.com writes of the MS CSPAPI and
signatures:
> More interesting would be the OS patch that allows an unsigned
> (or signed by someone other than MS) CSP to be loaded...
Agreed.
> Hmm, logically the patch must be built in and only need to be
> switched on as it would be too annoying to debug a CSP if you
> needed to get it signed every time you built a new version.
Not quite. The API comes with a program SIGN.EXE that will create a
"debugging signature" for your CSP, and a new ADVAPI32.DLL, described as
a "Modified advapi32.dll to load providers that are signed with
sign.exe." So the patch point is a bit more accessible than inside the
kernel. Maybe the "Modified advapi32.dll" should find its way offshore?
> Microsoft's Authenticode system had such a patch at one time
> for just that purpose, and all it required was a registry setting.
Interestingly enough, CSP signatures are held in the registry instead of
the binary, necessitating some install procedure for a given CSP. Not
to start rumors, but NT 4.0 does use threads to watch some registry
entries that control the version (workstation/server). Not much of a
stretch to imagine a thread that tracks (reports?) changes to
    HKEY_LOCAL_MACHINE
      SOFTWARE
        Microsoft
          Cryptography
            Defaults
              Provider
...
- --
Roy M. Silvernail [ ] roy@scytale.com
DNRC Minister Plenipotentiary of All Things Confusing, Software Division
PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6
Key available from pubkey@scytale.com
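
A defender's view of the registry location named in the message, as an added example that is not part of the original post: this PowerShell script inventories the providers registered under that key, hashes each provider image, and reports differences from a saved baseline. It assumes each provider subkey carries the `Image Path` and `Type` values, as on current Windows; the baseline file location is hypothetical.

```powershell
# Added example, not from the original message: baseline audit of registered CSPs.
$root         = 'HKLM:\SOFTWARE\Microsoft\Cryptography\Defaults\Provider'
$baselinePath = Join-Path $env:ProgramData 'csp-baseline.json'   # hypothetical location

function Get-CspInventory {
    Get-ChildItem -Path $root | ForEach-Object {
        $props = Get-ItemProperty -Path $_.PSPath
        # 'Image Path' may contain %SystemRoot% or be a bare DLL name.
        $image = [Environment]::ExpandEnvironmentVariables([string]$props.'Image Path')
        if ($image -and -not [IO.Path]::IsPathRooted($image)) {
            # Assumption: a bare name is resolved against System32 for hashing.
            $image = Join-Path ([Environment]::SystemDirectory) $image
        }
        $exists = $image -and (Test-Path -LiteralPath $image)
        [pscustomobject]@{
            Provider  = $_.PSChildName
            Type      = $props.Type
            ImagePath = $image
            Sha256    = if ($exists) { (Get-FileHash -LiteralPath $image -Algorithm SHA256).Hash } else { $null }
            SigStatus = if ($exists) { [string](Get-AuthenticodeSignature -LiteralPath $image).Status } else { 'Missing' }
        }
    }
}

$current = @(Get-CspInventory)

if (-not (Test-Path -LiteralPath $baselinePath)) {
    # First run: record the known-good state and stop.
    $current | ConvertTo-Json | Set-Content -LiteralPath $baselinePath
    Write-Output "Baseline written: $($current.Count) providers"
    return
}

$baseline = Get-Content -LiteralPath $baselinePath -Raw | ConvertFrom-Json

# '=>' rows exist only in the current state, '<=' rows only in the baseline.
# A changed image path, hash, or signature status shows up as one row of each.
$diff = Compare-Object @($baseline) $current -Property Provider, ImagePath, Sha256, SigStatus

if ($diff) {
    $diff | Sort-Object Provider | Format-Table -AutoSize
} else {
    Write-Output 'No change in registered providers.'
}
```

Reading the key requires no elevation; run it on a schedule and keep the baseline file where ordinary users cannot write to it.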