
Is RSA safe in software protection? - on XP crypto.api example


popierdulka
June 30th, 2008, 12:31
As we all know, MS signs the crypto API provider DLLs in XP to prevent users from making modifications. The idea is simple: calculate MD5 on the DLL and then encrypt it with the
private RSA key. The public key is in advapi32.dll. If we want to use a protected provider DLL, advapi32 checks whether the calculated MD5 is the same as the one encrypted by the private RSA key. If not, the provider DLL is not loaded. RSA 1024 is used for protection, so it is really impossible to break this protection. I do not want to talk about simple cracking procedures in advapi32 now.

But if we generate our own private RSA key and put its public key in advapi32, then we can sign all DLLs using our private key. We do not have to break the RSA used by MS; we can simply change it for ours.
At first we might think that we have to sign again all the DLLs that are signed by MS. We can do this, but we do not have to. There are two RSA keys in advapi32 and only one is used by MS; the second one is not used (the N_S_A key). So if they provided this for us, why not use it?

This was about XP, but in new systems we have certificates. I do not use Vista, but I think it is the same idea. If we put our own certificate as a root certificate we can do what we want and sign all drivers and DLLs.

OK, this is only an idea; any comments?
pop

OHPen
July 1st, 2008, 07:22
Sure, this will work if you make the operating system accept your modifications.
This is the same technique most crackers use when keygenning/patching serial checks with an RSA implementation.

OHPen

dELTA
July 1st, 2008, 12:37
Another (in some cases easier) solution, though, is to just patch the verification code; in some cases it is only a single jump.

popierdulka
July 1st, 2008, 14:25
Quote:
[Originally Posted by OHPen;75534]Sure this will work if you make the operating system accepting your modifications.
...
OHPen


Just tested: a new signature for rsalib, and XP accepts it.

pop

popierdulka
July 1st, 2008, 14:42
Quote:
[Originally Posted by dELTA;75538]Another (in some cases easier) solution though is to just patch the verification code, in some cases only a single jump.


Yes (nop, eb), but I want to discuss here the problem of using RSA in software protection. It seems that it is useless in that area, in the sense that one might expect. Quite different compared with information signing/verification.

But if we talk about crypto, a one-byte modification usually opens the door to our system wide for everyone :-) OK, I know, Windows is opened already :-)
pop

dELTA
July 1st, 2008, 15:32
Yes, the signatures aren't mainly aimed at stopping you from running modified files in your own system. Rather, they are aimed at preventing other people from getting you to run their fake files in your computer.

Nice to hear your experiment was successful anyway, no matter the theories behind it.

popierdulka
July 3rd, 2008, 13:36
Quote:
[Originally Posted by dELTA;75550]
/..../
Nice to hear your experiment was successful anyway, no matter the theories behind it.

If anybody is interested: step no. 1 is in the attachment.
pop

popierdulka
September 14th, 2008, 16:05
Quote:
[Originally Posted by popierdulka;75615]If any body interested ? step no1 in attachmnet
pop

No one interested, but the holidays are over, so it's time to finish this subject.

In step no. 1 we have changed public key 2
in advapi32_dll for the new one (new N and E).

In step no. 2 we can use this new RSA key to sign rsaenh_dll with
its private key (N, D). This way we can check if this is working.

All details are in the attached code (this is test code, cpp VS2008,
for information/documentation/learning only).

remarks:

- rsaenh_dll is signed using the MD5 hash padded
to 1024 bits, encrypted with the private RSA key
and stored in resource #666

- there are two independent types of signatures for rsaenh_dll
stored in two different resources:
- resource #666 for the RSA signature - what a number :-)
- resource #667 for the internal signature check

- we do here only the new RSA signature => #666

- Resource #667 is signed by RSA (#666), so if we want
to change it we have to do it before the new RSA signing.

- The internal signature check (#667) can be bypassed
by a one-byte patch, as dELTA suggests :-)
but only if we make a new RSA signature or an additional
byte modification for the RSA check.

- If we do not change anything inside rsaenh_dll
we can ignore #667 and the internal checking in this test.
Resource #666 is not signed with the internal check (#667).

- to sign rsaenh_dll we have to calculate MD5 and pad it to 1024 bits.
Then make the private crypto operation = MD5 ^ D mod N.
Finally the result should be stored in resource #666
inside rsaenh_dll.

- To do the crypto arithmetic we can use functions which
are ready inside advapi32_dll. These functions are
used for checking and are not exported. Fixed addresses
of these functions (tested for XP SP2) are used in the code.

pop
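
The scheme from the first post (MD5 of the provider, private RSA operation, public key embedded in the loader) and the signing procedure in the step-2 remarks above, modelled end to end as an added Python example. This is my code, not popierdulka's attached VS2008 code, and it assumes things the thread does not state: textbook RSA, the 16-byte MD5 digest left-padded with zero bytes to the 1024-bit modulus, and a loader that accepts a signature under either of two embedded public keys (the thread only says advapi32 carries two and uses one). The "DLL" bytes, key seeds and resource handling are constructed for the demo; no resource #666 is written anywhere.

```python
"""Model of the provider-signature scheme the thread describes and of the
key-swap against it.  Added example; not the code attached to the thread.
Assumptions that are mine, not the page's: textbook RSA, the 16-byte MD5
digest left-padded with zero bytes to the 1024-bit modulus, and a loader
that accepts a signature under either of two embedded public keys (the
thread says advapi32 carries two and only one is used).  The "DLL" bytes
and the key seeds are constructed for the demo.
"""
import hashlib
import math
import random

# Trial-division primes used to reject most candidates before Miller-Rabin.
SMALL_PRIMES = [p for p in range(3, 200, 2)
                if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


def _is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin primality test (32 rounds: error probability < 2^-64)."""
    if n < 2 or n % 2 == 0:
        return n == 2
    for p in SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, rng):
    """Random prime with the top two bits set so p*q has exactly 2*bits bits."""
    while True:
        cand = rng.getrandbits(bits) | (3 << (bits - 2)) | 1
        if _is_probable_prime(cand, rng):
            return cand


def gen_rsa_key(bits=1024, seed=0, e=65537):
    """Return (N, E, D).  Seeded for a reproducible demo; real keys need os.urandom."""
    rng = random.Random(seed)
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi)


def pad_md5(data, n):
    """MD5 of the blob, left-padded with zeros to the modulus size (assumed padding)."""
    k = (n.bit_length() + 7) // 8
    return int.from_bytes(hashlib.md5(data).digest().rjust(k, b"\x00"), "big")


def sign(data, n, d):
    """Private operation from the remarks: MD5 ^ D mod N, as a k-byte blob."""
    k = (n.bit_length() + 7) // 8
    return pow(pad_md5(data, n), d, n).to_bytes(k, "big")


def verify(data, sig, n, e):
    """Public operation: recover the padded digest and compare with a fresh MD5."""
    return pow(int.from_bytes(sig, "big"), e, n) == pad_md5(data, n)


def loader_accepts(data, sig, trusted_keys):
    """Models the advapi32 check: load if the signature verifies under any embedded key."""
    return any(verify(data, sig, n, e) for n, e in trusted_keys)


def demo():
    """Walk through the thread's argument; returns the outcome of each check."""
    vendor_n, vendor_e, vendor_d = gen_rsa_key(seed=1)  # stands in for the MS key
    spare_n, spare_e, _ = gen_rsa_key(seed=2)           # the second, unused key slot
    trusted = [(vendor_n, vendor_e), (spare_n, spare_e)]

    provider = b"MZ\x90\x00constructed provider image: rsaenh"  # constructed bytes
    vendor_sig = sign(provider, vendor_n, vendor_d)
    patched = provider.replace(b"rsaenh", b"patched")

    # Attacker: own key pair, sign the patched image, overwrite key slot 2 in the loader.
    attacker_n, attacker_e, attacker_d = gen_rsa_key(seed=3)
    attacker_sig = sign(patched, attacker_n, attacker_d)
    swapped = [(vendor_n, vendor_e), (attacker_n, attacker_e)]

    return {
        "genuine_ok": loader_accepts(provider, vendor_sig, trusted),
        "patched_old_sig": loader_accepts(patched, vendor_sig, trusted),
        "patched_new_sig_original_loader": loader_accepts(patched, attacker_sig, trusted),
        "patched_new_sig_swapped_loader": loader_accepts(patched, attacker_sig, swapped),
        "vendor_files_still_load": loader_accepts(provider, vendor_sig, swapped),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The last two results are the whole point of the thread: once the second key slot holds the attacker's N and E, the patched provider loads under the attacker's signature, while every vendor-signed file still loads unchanged, so nothing else needs re-signing. The signature never resisted the local user; it only binds the file to whoever controls the key bytes in the loader, and those bytes are just data on the user's own disk.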

dELTA
September 19th, 2008, 17:21
Thanks for sharing your work.