Kas Ob.
Everything posted by Kas Ob.
-
Delphi and "Use only memory safe languages"
Kas Ob. replied to Die Holländer's topic in General Help
Thank you for sharing! This is the best reading I have come across yet about memory safety.
How to convert JWK to PEM format in Delphi?
Kas Ob. replied to steve faleiro's topic in General Help
Hi, I see no one answered you here, so I am not going to answer, because I don't have a complete answer, but I will explain why this will not be like the way it happened with the EC JWK, and shouldn't be.

PEM (Privacy Enhancement for Internet Electronic Mail) originally comes from https://www.rfc-editor.org/rfc/rfc1421 which has been updated a few times; the latest RFC is https://www.rfc-editor.org/rfc/rfc7468

With PEM, EC keys are easier and simpler to encode than RSA keys because (while the parameters of both are INTEGERs) RSA parameters are encoded as a BITSTRING that encapsulates the integers and lists them as an array. This combined type has a bit length, not a byte length; on top of that the length of fields in ASN.1 has its own standard which is not in bytes, words and dwords, but again at its own bit level, so the code to generate the headers for any type that can be arbitrary is complex. Unlike the case you mentioned with EC, where the length of the private key or public key for such a prime is fixed, because the parameters are integers from a field predefined either by the named curve or by another parameter in case the curve is not named (not the case with the SO example). Again, here the field size will be a BITSTRING, but this is irrelevant here; in EC, x and y are the public key, which is a simple point in a field, while d is the scalar in that named field representing the private key.

Back to RSA and its parameters: in your public key there are e and n. e is the exponent, which in most cases has one of two values (3 or 65537); 3 is not recommended, and there are other small primes like (5, 17, ...) but I never saw an RSA key with one of them. n is a prime, and this is the problem with the size, in case the integer is not using the highest bit. Both must have their length conveyed by PEM in bits, not in bytes; in your case the length is 2048, but is there a guarantee from the generator of your key? I don't know.

My suggestion is to not try something like the SO example. I use a proprietary library and never tried open source for such a key with manually loading the parameters, but it should be doable easily; ICS or mormot(2) should/might do it, but I can't answer how easy it can be, as you should load the e and n from the JWK and feed them to some class in these libraries, or use the raw functions of OpenSSL, after which OpenSSL will give you correctly formatted PEM file/data. Both libraries, I believe, do support JWK, so there is a chance your need is very simple: load and pass to a class or something, then save. Sorry I can't help more.

PS: if you want to replicate what has been done with the SO example then you need the ASN.1 parser, but again I don't recommend it, it might fail. https://lapo.it/asn1js/ and here it is with the PEM EC key from SO https://lapo.it/asn1js/#MHcCAQEEIEcMr_fVtxp342GyNF_m-VJob4fPKEQikJD8YsAj1RoIoAoGCCqGSM49AwEHoUQDQgAEsDbcYT8HzBk1tUl849ZHrhpIn8ZV7HfD1DwYdsP1ip0Rah18pZDqgTSmnKLu1E7_rUGABCxnIOMMaP2QtmJS2w Switch the "Definitions:" on that page to "PKCS#8 encrypted private key" for consistency in naming.
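As an added example (not from the post above, and not ICS, mORMot or OpenSSL code), here is the RSA JWK to PEM conversion done by hand with DER encoding in the Python standard library; it shows the one detail that usually bites, the 0x00 pad byte an INTEGER needs when its top bit is set, and the length octets. The JWK is a constructed sample, not a real key.

```python
import base64

# rsaEncryption OID 1.2.840.113549.1.1.1, pre-encoded as a DER OBJECT IDENTIFIER.
RSA_ENCRYPTION_OID = bytes.fromhex("06092a864886f70d010101")


def b64url_decode_uint(s: str) -> int:
    """JWK 'n' and 'e' are unpadded base64url big-endian unsigned integers."""
    raw = base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
    return int.from_bytes(raw, "big")


def der_len(n: int) -> bytes:
    """DER length octets: short form below 128, long form (0x8N + N bytes) above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + der_len(len(content)) + content


def der_integer(value: int) -> bytes:
    """Positive INTEGER: minimal big-endian bytes, plus a leading 0x00 when the
    top bit is set, otherwise a parser reads it as a negative two's-complement
    number. This is why the byte length of n is not simply 2048/8."""
    if value < 0:
        raise ValueError("only non-negative integers are encoded here")
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return der(0x02, body)


def rsa_jwk_to_spki_der(jwk: dict) -> bytes:
    """SubjectPublicKeyInfo ::= SEQUENCE { AlgorithmIdentifier, BIT STRING }."""
    if jwk.get("kty") != "RSA":
        raise ValueError("not an RSA JWK")
    n = b64url_decode_uint(jwk["n"])
    e = b64url_decode_uint(jwk["e"])
    rsa_public_key = der(0x30, der_integer(n) + der_integer(e))  # SEQUENCE { n, e }
    alg_id = der(0x30, RSA_ENCRYPTION_OID + b"\x05\x00")          # rsaEncryption, NULL
    bit_string = der(0x03, b"\x00" + rsa_public_key)              # 0 unused bits
    return der(0x30, alg_id + bit_string)


def der_to_pem(der_bytes: bytes, label: str = "PUBLIC KEY") -> str:
    """RFC 7468 framing: base64 body wrapped at 64 characters per line."""
    b64 = base64.b64encode(der_bytes).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return f"-----BEGIN {label}-----\n" + "\n".join(lines) + f"\n-----END {label}-----\n"


def rsa_jwk_to_pem(jwk: dict) -> str:
    return der_to_pem(rsa_jwk_to_spki_der(jwk))


# Constructed sample JWK (deliberately tiny, not a usable key): n has its top
# bit set so the 0x00 pad is exercised, e is 65537 ("AQAB").
SAMPLE_JWK = {
    "kty": "RSA",
    "n": base64.urlsafe_b64encode(bytes.fromhex("c0ffee1234567891")).rstrip(b"=").decode(),
    "e": "AQAB",
}

if __name__ == "__main__":
    print(rsa_jwk_to_pem(SAMPLE_JWK))
```

The output can be pasted into https://lapo.it/asn1js/ to see the SEQUENCE / BIT STRING / INTEGER nesting the post describes.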
What new features would you like to see in Delphi 13?
Kas Ob. replied to PeterPanettone's topic in Delphi IDE and APIs
@Stefan Glienke you put your finger on the biggest pain source in Delphi and CBuilder. I honestly believe that the cause of this negligence and procrastination on enhancing the compiler comes from a few things, but mainly the stupid and outdated DebugInfo. See, enhancing the compiler to spit out better, shorter and more efficient code means changing the simple and stupid assembly instructions; right now it is a must to have at least one instruction per line, but with optimization some lines will not have any instructions, which also means there will be multiple lines executed in one or more ASM instructions, and some lines will be reordered or even omitted, and this is important for the debugger. Now comes the Borland DebugInfo, and it really needs to be re-hulled or even dropped and switched to something else; changing the simple and current retarded assembly flow will require the DebugInfo to have such changes conveyed to the debugger, and this is the black pit: enhancing the compiler will require enhancing the debugger, and I mean almost rebuilding it from the ground up along with the new one. That is technical debt for Embarcadero, and they are castrating LLVM for the sake of the debugger and debug info.
Delphi and "Use only memory safe languages"
Kas Ob. replied to Die Holländer's topic in General Help
Nothing, literally there is nothing! But the point still stands: C and C++ can do the same as Rust, as there is nothing Rust does that C++ can't. With that in mind, and since there is already a measure or standard that distinguishes between Rust and C++, Delphi has a place on that scale, and it is closer to Rust than to C++. It is all about semantics and investing time, where the language and compiler force the developer or prevent him from shortcuts or mistakes.
Delphi and "Use only memory safe languages"
Kas Ob. replied to Die Holländer's topic in General Help
Agree, and if it is a governmental agency then definitely they should use the most relevant and modern technology; in this case this will minimize the risk of faulty, unsafe or insecure code. By the argument above about everyone else non-governmental, in the software business trying to justify the transition and the cost: the cost is 0 for the tool chain, yet the cost of the needed experienced developer/programmer in Rust is higher. No it's not. Let's agree to not agree on that; for me, "just don't duck with the stack and the stack will not duck with you" is a motto.
Delphi and "Use only memory safe languages"
Kas Ob. replied to Die Holländer's topic in General Help
I have a few thoughts on this subject, I mean Rust and its safety, because there is so much hype around this, accompanied with a lot of confusion with terminology. So:

1) By safety, most of the need for Rust is for security breaches and counter-fighting malicious and buggy code, due to the memory safety, so it is not only about memory here, but about abusing the unsafe code that can be manipulated by handled (or arrived) data from an untrusted source.

2) This safety concern comes almost from one source: boundary checks and type casting (abusing), along with use after free.

3) Delphi is way safer than C and C++, but when it comes to Rust then it is relatively comparable, and to understand what I mean you need to understand how Rust as a language is defined and how the compiler handles the code. This is the most important point, and there are many sources over the net explaining this, and yet most of them mix terminology or are just badly written to target specific readers, either too advanced in Rust or who don't know if the subject is the rust on an old power supply.

An example of the differences and power of Rust against a language like Delphi, in a very short and lame way: in Delphi we can declare an array of bytes or TBytes or whatever, something like a list maybe, but we can access it by an index, right? Of course right. That index can be a variable or a constant like MyList[5]. In Rust you can't do that, you can't declare an open array and you can't access it by a constant or even by any variable; again, it is complicated and I am not the best writer. Again, in Delphi we can declare a limited length array like ARR: array [0..255] of byte; in Rust that is possible and in fact it is almost the only way, but it must have a type, so in Delphi we should declare the type of that array and then use it in a variable like ARR: TMy256ByteArr.

In Rust you can't access this 256 byte array by an integer variable; it does need a variable declared as limited to this very specific array, but in Delphi we can do that too, like this (My256Int = 0..255;), and if you use this variable for the index of our array then you can never breach the boundaries, hence we stayed as memory safe as Rust, both handled by the compiler. The difference: Delphi might warn and might not, Rust will not compile, it will twist your hand to write strongly declared types and stick to them. This is a glimpse of the difference, and yet it does show how Delphi is comparable in memory safety if and only if the Delphi developer is experienced (as Dalija said) enough to not make such mistakes, or ready to write many lines to ensure safety; also the Delphi compiler does not help much with warnings, as an example it will eat any integer for an index without a problem and only offers runtime checks when the boundaries are violated. Also Delphi doesn't use the stack for instances and this is huge safety on its own. So if you want a pseudo answer for this: it is safer than C and C++ and you need to pay more for the extra work to make it comparable to Rust. But for real, most of the switching to Rust is due to the security, not the memory safety per se. Hope that was clear.
She, and I am sorry I missed that, but HKLM does exist for all users, only if they have access to it; here from my registry, Everyone can read from the root of HKLM. Other users' registry is in HKEY_USERS and the needed registry is there in one of them; the only problem is: unless the user for IIS is listed in one of the allowed groups, no ISAPI can read these users' registry. Also a fun fact: HKEY_CURRENT_USER is just a virtual copy (shadow) of one (and one only) of those listed in HKEY_USERS.
-
He can, and that is the problem: he can and there is a result, but it is for a different user, as IIS (the host of the ISAPI) runs under its own user, so most likely the error is that the path doesn't exist or something. IIS starts and runs under its own separate user privileges, hence the completely different local user registry; it also deliberately has limited file access to prevent the ISAPI from doing nasty stuff, or, when things get broken and hacked, so that the ISAPI can't compromise the system as a whole. Also there is IIS isolation mode https://learn.microsoft.com/en-us/iis/manage/configuring-security/ensure-security-isolation-for-web-sites which spawns a different hosting process with another, different security context. @Sebastiana the best way to solve this right is to ditch the registry and switch to either a file (in a directory with guaranteed access for this ISAPI), or run a separate Windows service to serve the registry to the ISAPI using some IPC; if there is legacy code that is running on the same machine then it is possible to make it serve these data to the ISAPI. Away from that it will be just ugly workarounds and most likely will break later due to some changes in IIS, or, as always, some hardening tools that change policies for IIS and running ISAPIs.
-
@Sebastiana from https://learn.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regopenkeyexa: "If your service or application impersonates different users, do not use this function with HKEY_CURRENT_USER. Instead, call the RegOpenCurrentUser function." And your ISAPI is running under a different user, most likely the limited IIS_IUSRS; you need to use RegOpenCurrentUser https://learn.microsoft.com/en-us/windows/win32/api/winreg/nf-winreg-regopencurrentuser https://learn.microsoft.com/en-us/windows/win32/sysinfo/registry-key-security-and-access-rights
-
I have used FileZilla for years now, but can't remember the last time I downloaded it from its site! And from the screenshot of VirusTotal, they classified it as AdWare, RiskWare... not really as malicious as it sounds, but yet there is BundleWare (with the ability to download and run) that comes from a different developer included in that setup. I recommend using the portable version from https://portableapps.com/apps/internet/filezilla_portable But by using only the portable application we lose the ability to update in time, so I recommend using the portable platform itself, it does manage these applications nicely: https://portableapps.com/ The selling points of this: 1) they are in one place, and with one click the launcher can check and update them. 2) They are portable, meaning if you switch Windows or copy that folder as a whole, it will work on any Windows with all the settings, history... as the user used it.
-
I did that many times in very similar needs, but instead of MessageBox, which I also used in the past, now I do an exception in a loop with Sleep(1) and a check for a global boolean variable; this will stop that thread, especially if I am after the main thread. In some cases starting the debugging process is very slow if I don't know exactly when it will happen, like hunting these Loch Ness situations, but with that loop I don't have the message box, where the main thread has its stack altered or touched; attach the process to the debugger and it will break in place, then change that global to exit the loop.
-
Hyper-V Server 2019 is free LTSC and will stay like that until January 2029, which is its EOL: https://learn.microsoft.com/en-us/lifecycle/products/hyperv-server-2019 https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2019
-
[dcc32 Fatal Error] F2039 Could not create output file
Kas Ob. replied to RockWallaby's topic in Delphi IDE and APIs
The answer is easy for this one: because hitting Delete on a file using an application is not equal to hitting Shift+Delete in that application! See, hitting Delete with or without Shift in Windows Explorer will perform what Windows Explorer is designed to do; in most cases, as in the default, deleting a file using Windows Explorer is a simple move to the Recycle Bin, and if that Explorer is broken by an update then Microsoft has broken many things. On the other hand, Explorer is the main target for abuse by every AV out there, as it is the user's default UI; they hook it and then break it.
Hi, though I have never used DCP I have looked at this https://github.com/SnakeDoctor/DCPcrypt and can elaborate here. Of course it is! And what is wide? Thoughts here:

1) There is no wide definition of cipher block algorithms against the usual, there is no such thing; for Blowfish and its SelfTest it is only 64 bits (8 bytes), as it should be.

2) Blowfish is an 8-byte block cipher, and you have misunderstood the context of this self test; from what I see this self test looks well defined, and you can't (and must not) introduce or use (for a block cipher like Blowfish) a key with 32 bytes, that is wrong; these (almost all) block cipher algorithms are not standardized (or defined) to handle a key of arbitrary size.

3) Same as above (2), only with the data blocks; they also have a specific size, with Blowfish it is 8 bytes, with Twofish and AES it is 16...

Here I am assuming you want your own self test, or to introduce different test vectors, so you need the higher level of this implementation for this cipher, the one that encapsulates this algorithm, which from what I can see is TDCP_cipher. This one implements the supported algorithms through TDCP_blockcipher64 or TDCP_blockcipher128; these two do the functionality of longer data handling, aka multiple blocks of data, yet you can't use them, so you really should only use TDCP_cipher, not only for your tests but in every usage. Using TDCP_blowfish directly is only for those who really know what they are doing, or who will either stick to only one block or will implement their own higher level encapsulation.

Now an important thing to keep in mind and remember always: block ciphers work only with a defined key length and they can't handle arbitrary key lengths without introducing another algorithm, preferably a standardized one, so stick to the key length for each algorithm. If you are trying to make encryption compatible with a different library that is using/accepting arbitrary key lengths, then you need to emulate/reproduce that part of key trimming/expanding to the accepted key length. In case you want an arbitrary key length, then you should look up the PBKDF2 algorithm or the less recommended KDF; I can't see these in DCP, so either I don't know where to look, or you can just ditch DCP and switch to another library. Here come others who can suggest libraries for you after you explain your need exactly. For me, I would not suggest Blowfish for anything, unless there is legacy data (yes data and not an application); legacy applications should use more modern and more secure algorithms. Hope that was clear.
-
A native VCL, and not Windows-based, TComboBox control.
Kas Ob. replied to shineworld's topic in VCL
Will work, but will need a lot of details to be ugly. I am suggesting, as Remy suggested, switching all the ComboBoxes to custom draw (virtual mode) and solving this for good.
TMethodImplementationIntercept/__dbk_fcall_wrapper called infinite and high cpu
Kas Ob. replied to mvanrijnen's topic in RTL and Delphi Object Pascal
Good point, but remember invoking/calling CreateThread from a local thread doesn't require specific privileges, while injecting (almost always) with CreateRemoteThread does require security privileges. This is interesting https://github.com/stephenfewer/ReflectiveDLLInjection/pull/17 Firefox indeed tries (tried in the past, I don't know the current code) to protect itself from remote injection by hooking BaseThreadInitThunk, not RtlUserThreadStart, for the same reason that RtlUserThreadStart is not always the start point.

More hmmm. Doesn't really tell me much with regard to the source of the thread.

Well, you are diving deeper into the OS kernel, so to make sure we are on the same page, first let's clear up the separation of the functions in the OS as a whole: the kernel part and the kernel user part. In Windows there are 3 levels of functions, and they are named a little differently; sometimes the difference is only Nt or Zw against nothing, or a completely different name encapsulating multiple functionalities. E.g. CreateThread is for RTL user mode; this will internally call NtCreateThread, we are still in the kernel but in the user part, which is lower than the user process but higher than the kernel itself (the hidden and protected one); then comes ZwCreateThread, which resides in the kernel, and this one is a system call, not a system function, meaning the execution is not done by a simple assembly branching instruction like JMP or CALL, no, this is done by SYSCALL and SYSENTER https://www.felixcloutier.com/x86/syscall https://www.felixcloutier.com/x86/sysenter This page https://learn.microsoft.com/en-us/windows-hardware/drivers/kernel/using-nt-and-zw-versions-of-the-native-system-services-routines explains the difference but is still hard to grasp or understand from one reading, hence I am trying (or failing) to make it a little clearer. With each level different checks are performed for security, errors, ...

Zw calls are essentially to be called directly and exclusively from drivers and the kernel; Nt calls are less strict, yet these Nt calls are the ones that will check for privileges to perform/access from a user mode process, while Zw calls are the ultimate ones to decide, as many of them will simply refuse to execute because the calling thread is not a kernel one; Nt will refuse to execute if you don't have user mode privileges. Take as an example CloseHandle: this function closes almost everything, yet it is called CloseHandle; there is NtCloseHandle, but there is no ZwCloseHandle, there is ZwClose that performs all the closing in the kernel. Now I have drifted far from the question and your comment (but IMO for a good reason): NtCreateThreadEx is the real function behind CreateThread (which in fact is calling NtCreateThread) from user mode and will perform the same functionality, but it does have the last check for privileges and context to execute or invoke a new thread. Not sure if this was clear, I just hope.
TMethodImplementationIntercept/__dbk_fcall_wrapper called infinite and high cpu
Kas Ob. replied to mvanrijnen's topic in RTL and Delphi Object Pascal
What to say, I have pasted the link and mentioned it many times 😎 For a more powerful tool I use, different but more invasive/intrusive, I use Cheat Engine https://www.cheatengine.org/ https://github.com/cheat-engine/cheat-engine Written mostly in Free Pascal, and it is for games, yet it is so much more powerful with its monitoring and even capturing low level events like executing specific assembly code, or passing through (executing) a specific address, or even accessing a block of memory (read or write); also there is Lua scripting... In short it is really useful to master and use.
TMethodImplementationIntercept/__dbk_fcall_wrapper called infinite and high cpu
Kas Ob. replied to mvanrijnen's topic in RTL and Delphi Object Pascal
Hours and hours digging into the Windows kernel; also the name of that first function in the stack is very specific and very familiar, RtlUserThreadStart; as an example, CreateRemoteThread doesn't invoke this one. Lastly, from old readings, I can't find many resources, but have a look here http://www.nynaeve.net/?p=200
TMethodImplementationIntercept/__dbk_fcall_wrapper called infinite and high cpu
Kas Ob. replied to mvanrijnen's topic in RTL and Delphi Object Pascal
@aehimself use API Monitor to find these not-yours threads http://www.rohitab.com/apimonitor NT Native -> Process and Threads -> Ntdll.dll for lower level functions, and Process and Threads -> Thread -> Kernel32.dll for higher level functions (your usual user mode functions, aka RTL)
TMethodImplementationIntercept/__dbk_fcall_wrapper called infinite and high cpu
Kas Ob. replied to mvanrijnen's topic in RTL and Delphi Object Pascal
Yes there is, but in this case the RtlUserThreadStart from the kernel user mode (ntdll) is the one supplied with the ThreadProc from CreateThread in this running process.
TMethodImplementationIntercept/__dbk_fcall_wrapper called infinite and high cpu
Kas Ob. replied to mvanrijnen's topic in RTL and Delphi Object Pascal
Evidently it is from Delphi code and started with CreateThread; see the UserThreadStart? That is it. So this thread in particular is created from a library you are using, it could be VCL or RTL or 3rd party or some unit you included, but without any doubt it is started from CreateThread; there is a high chance it is from TThread somewhere, but this is an encapsulation after all. There is also a chance it is from a DLL your code is calling, but again this thread is created from user space code, not the kernel; also from the stack itself it is deeply nested with 7 levels in your EXE, so it should be easy to identify.
Can a Send be done outside the thread a TWSocket is attached to?
Kas Ob. replied to PeaShooter_OMO's topic in Network, Cloud and Web
I didn't say it is an SSL/TLS issue, I used that error (issue) to make some logic (deduce) about failed synchronization or wrongly sent buffers due to faulty destination assignments between threads and sockets.
Error : constant expression violates subrange bounds
Kas Ob. replied to Connie McBride's topic in RTL and Delphi Object Pascal
Right. Microsoft defines its literals strictly in most cases, yet the compiler has well defined behavior, both for the best outcome from using the SDK. Look at this: no problem and no warning. Here the compiler warns but compiles, and the IDE didn't show anything different for the other DWORD and INT32. But here with, let's say, HANDLE things are very different, as HANDLEs are defined as a struct, as you know, specially to prevent the code from doing constant assignment. Like this. Now why it is an integer: I think because it had been misunderstood as a very big value (not the biggest though, 0x80000000) instead of the lowest possible negative value in 32 bit; it could simply have been declared as -1 and called a day, but who knows, might be some legacy issue.
Error : constant expression violates subrange bounds
Kas Ob. replied to Connie McBride's topic in RTL and Delphi Object Pascal
Sorry, I can't agree on the rightness of this, heck.. I might call it rightmess! Is the Delphi 12 compiler handling (and generating machine code for) an untyped numerical constant (literal) to be evaluated at runtime? That is wrong. It would be great if you or anyone shared these warnings; I can only imagine what the case(s) could be, but still, when and where does the compiler draw the line for such runtime evaluations, yet it does accept them at compile time? Also on a side note, how will the compiler handle such constants without a type when used in 64 bit (Int64 and UInt64)? See, the idea of being typed by a modifier after the "=" for a numerical constant is disturbing me.
Delphi 12.0 TParallel.For performance. Threading.pas issues
Kas Ob. replied to mitch.terpak's topic in General Help
Assuming these cores are doing near nothing except your stress test, right? If you tried to open Firefox while doing such a stress test looking for weak and missed situations to break, open it then try a few tabs with YouTube playing videos, then see how that probability goes 100 times to 1/350; cores here will not help you, as different applications running on that server can easily make the OS thread scheduler switch in a different and biased way. This is the same case if you have your application running on a server and then something like 2 Hyper-V guests booted on that device; it isn't worth it to gamble. The rule is: one gamble like this and literally your application needs to restart in the best case scenario, while in the worst it will cost money, like lost hours of work or simply corrupted data.