Encrypted Windows CE system


Author: Fu Linlin. Source: NEW YORK

Readers who have followed my articles may remember that in "Loading a DLL You Wrote Yourself into Slot 1" I put a question to everyone reading it, about how to set the key container parameter of signfile.exe. Nobody answered, but I have kept studying it myself, and after some experiments I have implemented the trusted environment that CE provides. Put simply, the "trusted environment" lets you customize the CE kernel so that only the modules in the kernel itself and the EXE and DLL modules carrying your signature can run, while unsigned EXEs and DLLs cannot run. This protects your kernel: nobody else can study it or run their own EXE or DLL on it without authorization.

Before describing the technique, allow me a few words. More than ten websites in China have reprinted some of my articles (most without my authorization), so readers cannot find all of them in one place. To be clear: I have columns only at www.yesky.com and www.vckbase.com, and only those columns are complete. Counting this one, I have published 27 articles in the column, all of which were provided to these two websites. The addresses of my columns are:
Yesky: http://www.yesky.com/softchannel/72340168526266368/20040908/1851586.shtml
vckbase: http://www.vckbase.com/vckbase/columnist/fllsoft

Now to the explanation. Windows CE provides a mechanism that lets developers who customize the operating system kernel protect their custom kernel. Once the mechanism is added, all modules (EXE, DLL, OCX) that are part of NK.bin run normally; modules stored on persistent storage can run only after the developer has digitally signed them, and modules without a digital signature cannot run. Interested readers can look up the article titled "Create a Trusted Environment" in the CE help documentation.
Back to the topic; here is how to implement a trusted environment.

1. Obtaining the key container

The key container is obtained through the Win32 Security API (CryptoAPI): first acquire the CSP (Cryptographic Service Provider), then obtain the key container. The default CSP is the Microsoft Base Cryptographic Provider, and the default key container is named after the currently logged-in user. If you are familiar with cryptography you can use other CSPs; here we use the default key container of the Microsoft Base Cryptographic Provider as the key container that signfile requires.

2. Signing the module

Signfile.exe is used to sign the module. It can be found in the CE installation directory (source code included). Its parameters are:

-o  Output the signature data to the specified file
-k  Specify the CAPI key container
-p  Output the public key to the specified file (the content is a C-language array)
-s  Embed the specified character string
-a  Append the signature data to the specified PE-format file
-f  File to sign (EXE, DLL)

If we want to sign myProc.exe, and assume that we logged on to desktop Windows with the user name Fulinlin, enter the following command on the command line:

Signfile -fmyProc.exe -a -kfulinlin -pmyproc.txt

These parameters tell signfile.exe to sign the file MyProc.exe with the private key in the key container Fulinlin, and to store the public key in a file called MyProc.txt. The details of the cryptography are complicated; I do not understand cryptography, so I can only explain it at this level. If I am wrong, I hope readers will correct me.

3. Writing the verification function

Before writing the verification function, please read the article titled "Verifying a Signature" in the CE help documentation. We only need to copy the code at the bottom of that article into the .c file under the CE installation directory that defines the OEMInit function. Because my debug platform is x86, OEMInit is defined in cfwpc.c. So that readers can understand the mechanism easily, I explain the functions and variables involved as follows:

    // Public-key initialisation function
    extern BOOL InitPubKey(void);

    // These two pointers are defined in loader.c, which implements the loader that loads
    // modules (EXE, DLL). The function pOEMLoadInit points to decides, each time a module is
    // loaded, whether it needs to be verified: TRUE means yes, FALSE means no. The function
    // pOEMLoadModule points to verifies that the module being loaded carries a valid
    // signature; it has three return values, see the help documentation.
    extern OEMLoadInit_t pOEMLoadInit;
    extern OEMLoadModule_t pOEMLoadModule;

    // The functions named "CertifyModule..." are the verification functions supplied by the
    // system. With these three functions you do not need to understand the cryptography.
    extern BOOL CertifyModuleInit(void);
    extern BOOL CertifyModule(PBYTE pbBlock, DWORD cbBlock);
    extern BOOL CertifyModuleFinal(PBYTE *ppbSignData, PDWORD pcbSignData);

Pay attention to the public-key data g_bSignPublicKeyBlob: replace the contents of g_bSignPublicKeyBlob in the code with the public key exported by signfile.

4. Compiling and testing

In Platform Builder, open a kernel project and open a command prompt (menu Build > Open Build Release Directory). Type "build -c" and "sysgen i486oal", because cfwpc.c is part of I486OAL.LIB. Then rebuild the kernel. To test, take any EXE that runs under CE and make two copies: leave one unchanged and sign the other with signfile. Copy both files to persistent storage. The result is that the signed copy runs and the unsigned copy cannot run (a dialog pops up saying "Cannot find XXX (or one of its components). Please make sure ...").
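The hook wiring described in sections 3 and 4, as a stand-alone model added here (not the article's code and not Microsoft's loader.c); it compiles with any C99 compiler. Assumptions: the hook types OEMLoadInit_t/OEMLoadModule_t, the closing pOEMLoadModule call with cbData == 0 and the three OEM_CERTIFY_* verdicts follow the Windows CE loader as documented; the FNV-1a digest, the appended trailer layout and the sample image are constructed stand-ins for the RSA signature that signfile produces and the kernel's CertifyModule* verify.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Types and hook names mirror loader.c; FNV-1a stands in for the kernel's RSA check; constructed trailer = 8-byte digest + 1 trust byte (0 = run only, 1 = trusted). */
typedef int BOOL; typedef unsigned char BYTE, *LPBYTE, *PBYTE;
typedef uint32_t DWORD, *PDWORD; typedef wchar_t *LPWSTR;
typedef BOOL (*OEMLoadInit_t)(LPWSTR lpszName);
typedef BOOL (*OEMLoadModule_t)(LPBYTE lpData, DWORD cbData);
enum { OEM_CERTIFY_FALSE = 0, OEM_CERTIFY_RUN = 1, OEM_CERTIFY_TRUST = 2, DIGEST_LEN = 8, TRAILER_LEN = 9 };
static uint64_t g_digest;      /* streaming state, like the kernel's CertifyModule */
static const BYTE *g_trailer;  /* signature data the loader found appended to the module */
/* Toy stand-ins for the kernel-provided CertifyModuleInit / CertifyModule / CertifyModuleFinal */
static void CertifyModuleInit(void) { g_digest = 0xcbf29ce484222325ULL; }
static void CertifyModule(PBYTE p, DWORD n) { while (n--) { g_digest ^= *p++; g_digest *= 0x100000001b3ULL; } }
static void digest_bytes(BYTE *out) { for (int i = 0; i < DIGEST_LEN; i++) out[i] = (BYTE)(g_digest >> (8 * i)); }
static BOOL CertifyModuleFinal(PBYTE *ppbSignData, PDWORD pcbSignData) {
    BYTE expect[DIGEST_LEN]; digest_bytes(expect);
    *ppbSignData = (PBYTE)g_trailer; *pcbSignData = g_trailer ? TRAILER_LEN : 0;
    return g_trailer && memcmp(expect, g_trailer, DIGEST_LEN) == 0;
}
/* pOEMLoadInit: TRUE = verify this module (here: every module); also resets the digest. */
BOOL OEMCertifyModuleInit(LPWSTR lpszName) { (void)lpszName; CertifyModuleInit(); return 1; }
/* pOEMLoadModule: one call per block; the closing call with cbData == 0 returns the verdict. */
BOOL OEMCertifyModule(LPBYTE lpData, DWORD cbData) {
    PBYTE sig; DWORD cbSig; if (cbData) { CertifyModule(lpData, cbData); return 1; }
    if (!CertifyModuleFinal(&sig, &cbSig)) return OEM_CERTIFY_FALSE;  /* unsigned or tampered */
    return sig[DIGEST_LEN] ? OEM_CERTIFY_TRUST : OEM_CERTIFY_RUN;     /* trust byte decides */
}
OEMLoadInit_t pOEMLoadInit = OEMCertifyModuleInit;    /* the two assignments OEMInit makes */
OEMLoadModule_t pOEMLoadModule = OEMCertifyModule;
/* Signer side, modelling "signfile -a": append digest + trust byte, return the new length. */
DWORD sign_image(BYTE *image, DWORD len, BYTE trusted) {
    CertifyModuleInit(); CertifyModule(image, len); digest_bytes(image + len);
    image[len + DIGEST_LEN] = trusted; return len + TRAILER_LEN;
}
/* Loader side: stream the body in 16-byte blocks, then ask for the verdict. */
int load_module(LPWSTR name, BYTE *image, DWORD len, int has_trailer) {
    if (!pOEMLoadInit(name)) return OEM_CERTIFY_TRUST;          /* OEM chose not to verify */
    DWORD body = has_trailer ? len - TRAILER_LEN : len; g_trailer = has_trailer ? image + body : NULL;
    for (DWORD off = 0; off < body; off += 16)
        pOEMLoadModule(image + off, body - off < 16 ? body - off : 16);
    return pOEMLoadModule(NULL, 0);
}
/* Constructed image, four scenarios: 0 unsigned, 1 signed run-only, 2 signed trusted, 3 tampered. */
int demo_verdict(int scenario) {
    BYTE img[64] = "MZ constructed myProc.exe image"; DWORD len = 32;
    if (scenario == 0) return load_module(L"myProc.exe", img, len, 0);
    len = sign_image(img, len, scenario == 2); if (scenario == 3) img[5] ^= 1;  /* tamper after signing */
    return load_module(L"myProc.exe", img, len, 1);
}
```

Running the four scenarios reproduces the behaviour the article's test step reports: the signed copy loads, while the unsigned copy and a copy modified after signing are refused.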

Fu Linlin:

I graduated in 2001 with a computer-science degree and have worked in software development ever since. I am currently engaged in operating-system kernel customization and application development under Windows CE, and have accumulated some CE development experience in actual work. I hope to exchange ideas with other CE developers and would welcome your advice. My email: windowsce@tom.com

Please credit the original address when reposting: https://www.9cbs.com/read-62531.html
