FreeRDP/winpr/libwinpr/crypto/test/TestCryptoProtectMemory.c


#include <winpr/crt.h>
#include <winpr/print.h>
#include <winpr/crypto.h>
#include <winpr/ssl.h>
#include <winpr/wlog.h>

static const char* SECRET_PASSWORD_TEST = "MySecretPassword123!";

int TestCryptoProtectMemory(int argc, char* argv[])
{
	UINT32 cbPlainText;
	UINT32 cbCipherText;
	const char* pPlainText;
	BYTE* pCipherText;

	WINPR_UNUSED(argc);
	WINPR_UNUSED(argv);

	pPlainText = SECRET_PASSWORD_TEST;
	cbPlainText = strlen(pPlainText) + 1;
	cbCipherText = cbPlainText +
	               (CRYPTPROTECTMEMORY_BLOCK_SIZE - (cbPlainText % CRYPTPROTECTMEMORY_BLOCK_SIZE));
	printf("cbPlainText: %" PRIu32 " cbCipherText: %" PRIu32 "\n", cbPlainText, cbCipherText);
	pCipherText = (BYTE*)malloc(cbCipherText);
	if (!pCipherText)
	{
		printf("Unable to allocate memory\n");
		return -1;
	}
	CopyMemory(pCipherText, pPlainText, cbPlainText);
	ZeroMemory(&pCipherText[cbPlainText], (cbCipherText - cbPlainText));
	winpr_InitializeSSL(WINPR_SSL_INIT_DEFAULT);

	if (!CryptProtectMemory(pCipherText, cbCipherText, CRYPTPROTECTMEMORY_SAME_PROCESS))
	{
		printf("CryptProtectMemory failure\n");
		return -1;
	}

	printf("PlainText: %s (cbPlainText = %" PRIu32 ", cbCipherText = %" PRIu32 ")\n", pPlainText,
	       cbPlainText, cbCipherText);
	winpr_HexDump("crypto.test", WLOG_DEBUG, pCipherText, cbCipherText);

	if (!CryptUnprotectMemory(pCipherText, cbCipherText, CRYPTPROTECTMEMORY_SAME_PROCESS))
	{
		printf("CryptUnprotectMemory failure\n");
		return -1;
	}

	printf("Decrypted CipherText: %s\n", pCipherText);
	SecureZeroMemory(pCipherText, cbCipherText);
	free(pCipherText);
	return 0;
}
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00
			`#include <winpr/crt.h>`
			`#include <winpr/print.h>`
			`#include <winpr/crypto.h>`
Winpr/openssl: Fix digests initialization in multi-thread SSL functions like OpenSSL_add_all_digests should be invoked at very beginning as they are not MT safe. If not we might meet double free exception as following: #0 0x00007f23ddd71c37 in raise () from /lib/x86_64-linux-gnu/libc.so.6 #1 0x00007f23ddd75028 in abort () from /lib/x86_64-linux-gnu/libc.so.6 #2 0x00007f23dddae2a4 in ?? () from /lib/x86_64-linux-gnu/libc.so.6 #3 0x00007f23dddba55e in ?? () from /lib/x86_64-linux-gnu/libc.so.6 #4 0x00007f23dc6ecfcd in CRYPTO_free () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #5 0x00007f23dc6ef8d1 in OBJ_NAME_add () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #6 0x00007f23dc77dcd8 in EVP_add_digest () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #7 0x00007f23dc782321 in OpenSSL_add_all_digests () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #8 0x00007f23c781da28 in winpr_openssl_get_evp_md (md=4) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:52 #9 0x00007f23c781dccb in winpr_Digest_Init (ctx=0x7f22d064d470, md=<optimized out>) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:344 #10 0x00007f23d486139b in security_salted_mac_signature (rdp=0x7f23859f5a20, data=0x7f238542d4fb "\004\204\022\004", length=4743, encryption=<optimized out>, output=0x7 at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/security.c:378 #11 0x00007f23d488d73f in fastpath_send_update_pdu (fastpath=<optimized out>, updateCode=4 '\004', s=0x7f23859f5f40, skipCompression=true) at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/fastpath.c:1076 #12 0x00007f23d4891c4f in update_send_surface_frame_bits (context=0x7f23859f5540, cmd=0x7f22b2ffcc80, first=true, last=true, frameId=6) at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/update.c:1041 Related reports: https://rt.openssl.org/Ticket/Display.html?id=2216&user=guest&pass=guest 2016-12-26 17:21:36 +03:00			`#include <winpr/ssl.h>`
Replaced stdio logging with WLog 2014-08-18 19:22:22 +04:00			`#include <winpr/wlog.h>`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00
Reformatted changed files. 2014-08-18 21:34:47 +04:00			`static const char* SECRET_PASSWORD_TEST = "MySecretPassword123!";`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00
Reformatted changed files. 2014-08-18 21:34:47 +04:00			`int TestCryptoProtectMemory(int argc, char* argv[])`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00			`{`
Fixed integer warnings, fixed data types 2021-06-16 19:09:14 +03:00			`UINT32 cbPlainText;`
			`UINT32 cbCipherText;`
Code cleanups (strlen, casts, size_t, ...) 2019-10-29 12:18:09 +03:00			`const char* pPlainText;`
Reformatted changed files. 2014-08-18 21:34:47 +04:00			`BYTE* pCipherText;`
Fixed integer warnings, fixed data types 2021-06-16 19:09:14 +03:00
			`WINPR_UNUSED(argc);`
			`WINPR_UNUSED(argv);`

Code cleanups (strlen, casts, size_t, ...) 2019-10-29 12:18:09 +03:00			`pPlainText = SECRET_PASSWORD_TEST;`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00			`cbPlainText = strlen(pPlainText) + 1;`
Reformatted to new style 2019-11-06 17:24:51 +03:00			`cbCipherText = cbPlainText +`
			`(CRYPTPROTECTMEMORY_BLOCK_SIZE - (cbPlainText % CRYPTPROTECTMEMORY_BLOCK_SIZE));`
Fixed integer warnings, fixed data types 2021-06-16 19:09:14 +03:00			`printf("cbPlainText: %" PRIu32 " cbCipherText: %" PRIu32 "\n", cbPlainText, cbCipherText);`
Reformatted to new style 2019-11-06 17:24:51 +03:00			`pCipherText = (BYTE*)malloc(cbCipherText);`
winpr: add checks for *alloc Add missing checks if memory allocation was successful. Also adapt caller(s) when possible. 2015-04-03 17:21:01 +03:00			`if (!pCipherText)`
			`{`
			`printf("Unable to allocate memory\n");`
			`return -1;`
			`}`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00			`CopyMemory(pCipherText, pPlainText, cbPlainText);`
			`ZeroMemory(&pCipherText[cbPlainText], (cbCipherText - cbPlainText));`
Winpr/openssl: Fix digests initialization in multi-thread SSL functions like OpenSSL_add_all_digests should be invoked at very beginning as they are not MT safe. If not we might meet double free exception as following: #0 0x00007f23ddd71c37 in raise () from /lib/x86_64-linux-gnu/libc.so.6 #1 0x00007f23ddd75028 in abort () from /lib/x86_64-linux-gnu/libc.so.6 #2 0x00007f23dddae2a4 in ?? () from /lib/x86_64-linux-gnu/libc.so.6 #3 0x00007f23dddba55e in ?? () from /lib/x86_64-linux-gnu/libc.so.6 #4 0x00007f23dc6ecfcd in CRYPTO_free () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #5 0x00007f23dc6ef8d1 in OBJ_NAME_add () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #6 0x00007f23dc77dcd8 in EVP_add_digest () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #7 0x00007f23dc782321 in OpenSSL_add_all_digests () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #8 0x00007f23c781da28 in winpr_openssl_get_evp_md (md=4) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:52 #9 0x00007f23c781dccb in winpr_Digest_Init (ctx=0x7f22d064d470, md=<optimized out>) at /home/zihao/workspace/zihao_FreeRDP/winpr/libwinpr/crypto/hash.c:344 #10 0x00007f23d486139b in security_salted_mac_signature (rdp=0x7f23859f5a20, data=0x7f238542d4fb "\004\204\022\004", length=4743, encryption=<optimized out>, output=0x7 at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/security.c:378 #11 0x00007f23d488d73f in fastpath_send_update_pdu (fastpath=<optimized out>, updateCode=4 '\004', s=0x7f23859f5f40, skipCompression=true) at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/fastpath.c:1076 #12 0x00007f23d4891c4f in update_send_surface_frame_bits (context=0x7f23859f5540, cmd=0x7f22b2ffcc80, first=true, last=true, frameId=6) at /home/zihao/workspace/zihao_FreeRDP/libfreerdp/core/update.c:1041 Related reports: https://rt.openssl.org/Ticket/Display.html?id=2216&user=guest&pass=guest 2016-12-26 17:21:36 +03:00			`winpr_InitializeSSL(WINPR_SSL_INIT_DEFAULT);`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00
			`if (!CryptProtectMemory(pCipherText, cbCipherText, CRYPTPROTECTMEMORY_SAME_PROCESS))`
			`{`
			`printf("CryptProtectMemory failure\n");`
			`return -1;`
			`}`

Fixed integer warnings, fixed data types 2021-06-16 19:09:14 +03:00			`printf("PlainText: %s (cbPlainText = %" PRIu32 ", cbCipherText = %" PRIu32 ")\n", pPlainText,`
			`cbPlainText, cbCipherText);`
Replaced stdio logging with WLog 2014-08-18 19:22:22 +04:00			`winpr_HexDump("crypto.test", WLOG_DEBUG, pCipherText, cbCipherText);`
libwinpr-crypto: implement CryptProtectMemory/CryptUnprotectMemory 2014-02-01 20:52:04 +04:00
			`if (!CryptUnprotectMemory(pCipherText, cbCipherText, CRYPTPROTECTMEMORY_SAME_PROCESS))`
			`{`
			`printf("CryptUnprotectMemory failure\n");`
			`return -1;`
			`}`

			`printf("Decrypted CipherText: %s\n", pCipherText);`
			`SecureZeroMemory(pCipherText, cbCipherText);`
			`free(pCipherText);`
			`return 0;`
			`}`