Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
Upcoming OSR Seminars | ||
---|---|---|
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
Writing WDF Drivers | 7 Dec 2020 | LIVE ONLINE |
Internals & Software Drivers | 25 Jan 2021 | LIVE ONLINE |
Developing Minifilters | 8 March 2021 | LIVE ONLINE |
Comments
http://www.microsoft.com/downloads/details.aspx?familyid=1ef399e9-b018-49db-a98b-0ced7cb8ff6f&displaylang=en
Briefly, CNG is officially supported started from Vista (in both, user and kernel mode). In kernel mode it's implemented as an export driver (ksecdd.sys, with ksecdd.lib import library). IRQL and other info can be found in documentation for each function separately:
http://msdn.microsoft.com/en-us/library/aa833130(VS.85).aspx
nowhere does it document what IRQL's you can call functions at, even
though if you search enough on microsoft.com it implies some functions
can be called at DISPATCH_LEVEL just not which functions they are.
Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
> -----Original Message-----
> From: [email protected] [mailto:[email protected]]
> Posted At: Wednesday, June 02, 2010 1:42 PM
> Posted To: ntdev
> Conversation: Bcrypt in the kernel
> Subject: RE: Bcrypt in the kernel
>
> You may want to get CNG SDK with samples, containing kernel mode usage
> examples along with other stuff:
>
>
http://www.microsoft.com/downloads/details.aspx?familyid=1ef399e9-b018-4
9db-
> a98b-0ced7cb8ff6f&displaylang=en
>
> Briefly, CNG is officially supported started from Vista (in both, user
and
> kernel mode). In kernel mode it's implemented as an export driver
(ksecdd.sys,
> with ksecdd.lib import library). IRQL and other info can be found in
> documentation for each function separately:
>
> http://msdn.microsoft.com/en-us/library/aa833130(VS.85).aspx
>
>
>
>
> __________ Information from ESET Smart Security, version of virus
signature
> database 5167 (20100602) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
"Depending on what processor modes a provider supports, BCryptEncrypt can be called either from user mode or kernel mode. Kernel mode callers can execute either at PASSIVE_LEVEL IRQL or DISPATCH_LEVEL IRQL. If the current IRQL level is DISPATCH_LEVEL, the handle provided in the hKey parameter must be derived from an algorithm handle returned by a provider that was opened with the BCRYPT_PROV_DISPATCH flag, and any pointers passed to the BCryptEncrypt function must refer to nonpaged (or locked) memory."
http://msdn.microsoft.com/en-us/library/aa375421(VS.85).aspx
..........
Depending on what processor modes a provider supports, BCryptEncrypt can be called either from user mode or kernel mode. Kernel mode callers can execute either at PASSIVE_LEVEL IRQL or DISPATCH_LEVEL IRQL. If the current IRQL level is DISPATCH_LEVEL, the handle provided in the hKey parameter must be derived from an algorithm handle returned by a provider that was opened with the BCRYPT_PROV_DISPATCH flag, and any pointers passed to the BCryptEncrypt function must refer to nonpaged (or locked) memory.
To call this function in kernel mode, use Ksecdd.lib, which is part of the Driver Development Kit (DDK).
..........
Peter Viscarola
OSR
@OSRDrivers
I'll go back to sleep now,
Peter
OSR
Peter Viscarola
OSR
@OSRDrivers