среда, 31 августа 2016 г.

bugs in mbedtls DH client/server

1) altough always used constant MBEDTLS_MD_SHA256 parameters are signed with sha1 and then we have MBEDTLS_ERR_RSA_VERIFY_FAILED in library\rsa.c on line 1435
2) in dh_server.c when receiving client's public value length of buffer must be dhm.len

Nice cryptolibrary, totally ready to work in kernel mode I think

вторник, 30 августа 2016 г.

how to build mbedtls-2.3.0 with wdk7

Lets say that you want to have some Diffie-Hellman-Merkle algorithm & hmac inside your driver. I found plain C library mbedtls which is very suitable for this, but has one minor problem - it does not support wdk7. So I just made port for it

вторник, 9 августа 2016 г.

ida 6.95 has been released

useful changes:
  • PE: added detection of entry point from incremental linking by Visual Studio 
  • FLIRT: added signatures for Windows Driver Kits 7-10
  • FLIRT: added detection of GsDriverEntry for Windows Drivers 
but still no support of apisetschema in PE imports, yeah