librex 0.0.68 → 0.0.70

data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_function.rb

@@ -34,67 +34,77 @@ module Railgun
 # represents one function, e.g. MessageBoxW
 #
 class DLLFunction
-	@@allowed_datatypes = {
-		"VOID"   => ["return"],
-		"BOOL"   => ["in", "return"],
-		"DWORD"  => ["in", "return"],
-		"WORD"   => ["in", "return"],
-		"BYTE"   => ["in", "return"],
-		"LPVOID" => ["in", "return"], # sf: for specifying a memory address (e.g. VirtualAlloc/HeapAlloc/...) where we dont want ot back it up with actuall mem ala PBLOB
-		"HANDLE" => ["in", "return"],
-		"PDWORD" => ["in", "out", "inout"], # todo: support for functions that return pointers to strings
-		"PWCHAR" => ["in", "out", "inout"],
-		"PCHAR"  => ["in", "out", "inout"],
-		"PBLOB"  => ["in", "out", "inout"],
-	}.freeze
-
-	@@directions = ["in", "out", "inout", "return"].freeze
-
-	attr_reader :return_type,  :params, :windows_name
-
-	def initialize(return_type, params, windows_name)
-		check_return_type(return_type) # we do error checking as early as possible so the library is easier to use
-		check_params(params)
-		@return_type = return_type
-		@params = params
-		@windows_name = windows_name
-	end
-
-	private
-
-	def check_type_exists (type)
-		if not @@allowed_datatypes.has_key?(type)
-			raise ArgumentError, "Type unknown: #{type}. Allowed types: #{PP.pp(@@allowed_datatypes.keys, "")}"
-		end
-	end
-
-	def check_return_type (type)
-		check_type_exists(type)
-		if not @@allowed_datatypes[type].include?("return")
-			raise ArgumentError, "#{type} is not allowed as a return type"
-		end
-	end
-
-	def check_params (params)
-		params.each do |param|
-			raise ArgumentError, "each param must be descriped by a three-tuple [type,name,direction]" unless param.length == 3
-			type = param[0]
-			direction = param[2]
-
-			# Assert a valid type
-			check_type_exists(type)
-
-			# Only our set of predefined directions are valid
-			unless @@directions.include?(direction)
-				raise ArgumentError, "invalid direction: #{direction}"
-			end
-
-			# 'return' is not a valid direction in this context
-			unless direction != "return"
-				raise "direction 'return' is only for the return value of the function."
-			end
-		end
-	end
+  @@allowed_datatypes = {
+    "VOID"   => ["return"],
+    "BOOL"   => ["in", "return"],
+    "DWORD"  => ["in", "return"],
+    "WORD"   => ["in", "return"],
+    "BYTE"   => ["in", "return"],
+    "LPVOID" => ["in", "return"], # sf: for specifying a memory address (e.g. VirtualAlloc/HeapAlloc/...) where we dont want ot back it up with actuall mem ala PBLOB
+    "HANDLE" => ["in", "return"],
+    "PDWORD" => ["in", "out", "inout"], # todo: support for functions that return pointers to strings
+    "PWCHAR" => ["in", "out", "inout"],
+    "PCHAR"  => ["in", "out", "inout"],
+    "PBLOB"  => ["in", "out", "inout"],
+  }.freeze
+
+  @@allowed_convs = ["stdcall", "cdecl"]
+
+  @@directions = ["in", "out", "inout", "return"].freeze
+
+  attr_reader :return_type,  :params, :windows_name, :calling_conv
+
+  def initialize(return_type, params, windows_name, calling_conv="stdcall")
+    check_return_type(return_type) # we do error checking as early as possible so the library is easier to use
+    check_params(params)
+    check_calling_conv(calling_conv)
+    @return_type = return_type
+    @params = params
+    @windows_name = windows_name
+    @calling_conv = calling_conv
+  end
+
+  private
+
+  def check_calling_conv(conv)
+    if not @@allowed_convs.include?(conv)
+      raise ArgumentError, "Calling convention unknown: #{conv}."
+    end
+  end
+
+  def check_type_exists (type)
+    if not @@allowed_datatypes.has_key?(type)
+      raise ArgumentError, "Type unknown: #{type}. Allowed types: #{PP.pp(@@allowed_datatypes.keys, "")}"
+    end
+  end
+
+  def check_return_type (type)
+    check_type_exists(type)
+    if not @@allowed_datatypes[type].include?("return")
+      raise ArgumentError, "#{type} is not allowed as a return type"
+    end
+  end
+
+  def check_params (params)
+    params.each do |param|
+      raise ArgumentError, "each param must be descriped by a three-tuple [type,name,direction]" unless param.length == 3
+      type = param[0]
+      direction = param[2]
+
+      # Assert a valid type
+      check_type_exists(type)
+
+      # Only our set of predefined directions are valid
+      unless @@directions.include?(direction)
+        raise ArgumentError, "invalid direction: #{direction}"
+      end
+
+      # 'return' is not a valid direction in this context
+      unless direction != "return"
+        raise "direction 'return' is only for the return value of the function."
+      end
+    end
+  end
 
 end
 

data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb

@@ -36,113 +36,113 @@ module Railgun
 #
 module DLLHelper
 
-	# converts ruby string to zero-terminated ASCII string
-	def str_to_ascii_z(str)
-		return str+"\x00"
-	end
+  # converts ruby string to zero-terminated ASCII string
+  def str_to_ascii_z(str)
+    return str+"\x00"
+  end
 
-	# converts 0-terminated ASCII string to ruby string
-	def asciiz_to_str(asciiz)
-		zero_byte_idx = asciiz.index("\x00")
-		if zero_byte_idx != nil
-			return asciiz[0, zero_byte_idx]
-		else
-			return asciiz
-		end
-	end
+  # converts 0-terminated ASCII string to ruby string
+  def asciiz_to_str(asciiz)
+    zero_byte_idx = asciiz.index("\x00")
+    if zero_byte_idx != nil
+      return asciiz[0, zero_byte_idx]
+    else
+      return asciiz
+    end
+  end
 
-	# converts ruby string to zero-terminated WCHAR string
-	def str_to_uni_z(str)
-		enc = str.unpack("C*").pack("v*")
-		enc += "\x00\x00"
-		return enc
-	end
+  # converts ruby string to zero-terminated WCHAR string
+  def str_to_uni_z(str)
+    enc = str.unpack("C*").pack("v*")
+    enc += "\x00\x00"
+    return enc
+  end
 
-	# converts 0-terminated UTF16 to ruby string
-	def uniz_to_str(uniz)
-		uniz.unpack("v*").pack("C*").unpack("A*")[0]
-	end
+  # converts 0-terminated UTF16 to ruby string
+  def uniz_to_str(uniz)
+    uniz.unpack("v*").pack("C*").unpack("A*")[0]
+  end
 
-	# parses a number param and returns the value
-	# raises an exception if the param cannot be converted to a number
-	# examples:
-	#   nil => 0
-	#   3 => 3
-	#   "MB_OK" => 0
-	#   "SOME_CONSTANT | OTHER_CONSTANT" => 17
-	#   "tuna" => !!!!!!!!!!Exception
-	#
-	# Parameter "win_consts" is a WinConstantManager
-	def param_to_number(v, win_consts = @win_consts)
-		if v.class == NilClass then
-			return 0
-		elsif v.class == Fixnum then
-			return v # ok, it's already a number
-		elsif v.class == Bignum then
-			return v # ok, it's already a number
-		elsif v.class == String then
-			dw = win_consts.parse(v) # might raise an exception
-			if dw != nil
-				return dw
-			else
-				raise ArgumentError, "Param #{v} (class #{v.class}) cannot be converted to a number. It's a string but matches no constants I know."
-			end
-		else
-			raise "Param #{v} (class #{v.class}) should be a number but isn't"
-		end
-	end
+  # parses a number param and returns the value
+  # raises an exception if the param cannot be converted to a number
+  # examples:
+  #   nil => 0
+  #   3 => 3
+  #   "MB_OK" => 0
+  #   "SOME_CONSTANT | OTHER_CONSTANT" => 17
+  #   "tuna" => !!!!!!!!!!Exception
+  #
+  # Parameter "win_consts" is a WinConstantManager
+  def param_to_number(v, win_consts = @win_consts)
+    if v.class == NilClass then
+      return 0
+    elsif v.class == Fixnum then
+      return v # ok, it's already a number
+    elsif v.class == Bignum then
+      return v # ok, it's already a number
+    elsif v.class == String then
+      dw = win_consts.parse(v) # might raise an exception
+      if dw != nil
+        return dw
+      else
+        raise ArgumentError, "Param #{v} (class #{v.class}) cannot be converted to a number. It's a string but matches no constants I know."
+      end
+    else
+      raise "Param #{v} (class #{v.class}) should be a number but isn't"
+    end
+  end
 
-	# assembles the buffers "in" and "inout"
-	def assemble_buffer(direction, function, args)
-		layout = {} # paramName => BufferItem
-		blob = ""
-		#puts " building buffer: #{direction}"
-		function.params.each_with_index do |param_desc, param_idx|
-			#puts "  processing #{param_desc[0]} #{param_desc[1]} #{param_desc[2]}"
-			# we care only about inout buffers
-			if param_desc[2] == direction
-				buffer = nil
-				# Special case:
-				# The user can choose to supply a Null pointer instead of a buffer
-				# in this case we don't need space in any heap buffer
-				if param_desc[0][0,1] == 'P' # type is a pointer
-					if args[param_idx] == nil
-						next
-					end
-				end
+  # assembles the buffers "in" and "inout"
+  def assemble_buffer(direction, function, args)
+    layout = {} # paramName => BufferItem
+    blob = ""
+    #puts " building buffer: #{direction}"
+    function.params.each_with_index do |param_desc, param_idx|
+      #puts "  processing #{param_desc[0]} #{param_desc[1]} #{param_desc[2]}"
+      # we care only about inout buffers
+      if param_desc[2] == direction
+        buffer = nil
+        # Special case:
+        # The user can choose to supply a Null pointer instead of a buffer
+        # in this case we don't need space in any heap buffer
+        if param_desc[0][0,1] == 'P' # type is a pointer
+          if args[param_idx] == nil
+            next
+          end
+        end
 
-				case param_desc[0] # required argument type
-					when "PDWORD"
-						dw = param_to_number(args[param_idx])
-						buffer = [dw].pack('V')
-					when "PWCHAR"
-						raise "param #{param_desc[1]}: string expected" unless args[param_idx].class == String
-						buffer = str_to_uni_z(args[param_idx])
-					when "PCHAR"
-						raise "param #{param_desc[1]}: string expected" unless args[param_idx].class == String
-						buffer = str_to_ascii_z(args[param_idx])
-					when "PBLOB"
-						raise "param #{param_desc[1]}: please supply your BLOB as string!" unless args[param_idx].class == String
-						buffer = args[param_idx]
-					# other types (non-pointers) don't reference buffers
-					# and don't need any treatment here
-				end
+        case param_desc[0] # required argument type
+          when "PDWORD"
+            dw = param_to_number(args[param_idx])
+            buffer = [dw].pack('V')
+          when "PWCHAR"
+            raise "param #{param_desc[1]}: string expected" unless args[param_idx].class == String
+            buffer = str_to_uni_z(args[param_idx])
+          when "PCHAR"
+            raise "param #{param_desc[1]}: string expected" unless args[param_idx].class == String
+            buffer = str_to_ascii_z(args[param_idx])
+          when "PBLOB"
+            raise "param #{param_desc[1]}: please supply your BLOB as string!" unless args[param_idx].class == String
+            buffer = args[param_idx]
+          # other types (non-pointers) don't reference buffers
+          # and don't need any treatment here
+        end
 
-				if buffer != nil
-					#puts "   adding #{buffer.length} bytes to heap blob"
-					layout[param_desc[1]] = BufferItem.new(param_idx, blob.length, buffer.length, param_desc[0])
-					blob += buffer
-					# sf: force 8 byte alignment to satisfy x64, wont matter on x86.
-					while( blob.length % 8 != 0 )
-						blob += "\x00"
-					end
-					#puts "   heap blob size now #{blob.length}"
-				end
-			end
-		end
-		#puts "  built buffer: #{direction}"
-		return [layout, blob]
-	end
+        if buffer != nil
+          #puts "   adding #{buffer.length} bytes to heap blob"
+          layout[param_desc[1]] = BufferItem.new(param_idx, blob.length, buffer.length, param_desc[0])
+          blob += buffer
+          # sf: force 8 byte alignment to satisfy x64, wont matter on x86.
+          while( blob.length % 8 != 0 )
+            blob += "\x00"
+          end
+          #puts "   heap blob size now #{blob.length}"
+        end
+      end
+    end
+    #puts "  built buffer: #{direction}"
+    return [layout, blob]
+  end
 
 end
 

data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb

@@ -6,22 +6,22 @@ module Extensions
 module Stdapi
 module Railgun
 class DLLWrapper
-	attr_reader :_client, :_dll
+  attr_reader :_client, :_dll
 
-	def initialize(dll, client)
-		@_dll    = dll
-		@_client = client
-	end
+  def initialize(dll, client)
+    @_dll    = dll
+    @_client = client
+  end
 
-	# For backwards compatability. People check if functions are added this way
-	# XXX: Depricate this
-	def functions
-		# warn 'Depricated.'
-		_dll.functions
-	end
+  # For backwards compatability. People check if functions are added this way
+  # XXX: Depricate this
+  def functions
+    # warn 'Depricated.'
+    _dll.functions
+  end
 
-	def method_missing(sym, *args)
-		_dll.call_function(sym, args, _client)
-	end
+  def method_missing(sym, *args)
+    _dll.call_function(sym, args, _client)
+  end
 end
 end; end; end; end; end; end

data/lib/rex/post/meterpreter/extensions/stdapi/railgun/mock_magic.rb

@@ -14,501 +14,501 @@ require 'rex/post/meterpreter/extensions/stdapi/railgun/tlv'
 #
 module MockMagic
 
-	TLV_TYPE_NAMES = {
-		TLV_TYPE_RAILGUN_SIZE_OUT => "TLV_TYPE_RAILGUN_SIZE_OUT",
-		TLV_TYPE_RAILGUN_STACKBLOB => "TLV_TYPE_RAILGUN_STACKBLOB",
-		TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "TLV_TYPE_RAILGUN_BUFFERBLOB_IN",
-		TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT",
-		TLV_TYPE_RAILGUN_DLLNAME => "TLV_TYPE_RAILGUN_DLLNAME",
-		TLV_TYPE_RAILGUN_FUNCNAME => "TLV_TYPE_RAILGUN_FUNCNAME",
-	}
+  TLV_TYPE_NAMES = {
+    TLV_TYPE_RAILGUN_SIZE_OUT => "TLV_TYPE_RAILGUN_SIZE_OUT",
+    TLV_TYPE_RAILGUN_STACKBLOB => "TLV_TYPE_RAILGUN_STACKBLOB",
+    TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "TLV_TYPE_RAILGUN_BUFFERBLOB_IN",
+    TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT",
+    TLV_TYPE_RAILGUN_DLLNAME => "TLV_TYPE_RAILGUN_DLLNAME",
+    TLV_TYPE_RAILGUN_FUNCNAME => "TLV_TYPE_RAILGUN_FUNCNAME",
+  }
 
-	class MockRailgunClient
-		attr_reader :platform, :check_request, :response_tlvs
+  class MockRailgunClient
+    attr_reader :platform, :check_request, :response_tlvs
 
-		def initialize(platform, response_tlvs, check_request)
-			@check_request = check_request
-			@response_tlvs = response_tlvs
-			@platform = platform
-		end
+    def initialize(platform, response_tlvs, check_request)
+      @check_request = check_request
+      @response_tlvs = response_tlvs
+      @platform = platform
+    end
 
-		def send_request(request)
-			check_request.call(request)
+    def send_request(request)
+      check_request.call(request)
 
-			(Class.new do
-				def initialize(response_tlvs)
-					@response_tlvs = response_tlvs
-				end
-				def get_tlv_value(type)
-					return @response_tlvs[type]
-				end
-			end).new(@response_tlvs)
-		end
-	end
+      (Class.new do
+        def initialize(response_tlvs)
+          @response_tlvs = response_tlvs
+        end
+        def get_tlv_value(type)
+          return @response_tlvs[type]
+        end
+      end).new(@response_tlvs)
+    end
+  end
 
-	def make_mock_client(platform = "x86/win32", target_request_tlvs = [], response_tlvs = [])
-		check_request = lambda do |request|
-			target_request_tlvs.each_pair do |type, target_value|
-				assert_equal(target_value, request.get_tlv_value(type),
-					"process_function_call should send to client appropriate #{TLV_TYPE_NAMES[type]}")
-			end
-		end
+  def make_mock_client(platform = "x86/win32", target_request_tlvs = [], response_tlvs = [])
+    check_request = lambda do |request|
+      target_request_tlvs.each_pair do |type, target_value|
+        assert_equal(target_value, request.get_tlv_value(type),
+          "process_function_call should send to client appropriate #{TLV_TYPE_NAMES[type]}")
+      end
+    end
 
-		return  MockRailgunClient.new(platform, response_tlvs, check_request)
-	end
+    return  MockRailgunClient.new(platform, response_tlvs, check_request)
+  end
 
-	# These are sample descriptions of functions to use for testing.
-	# the definitions include everything needed to mock and end to end test
-	def mock_function_descriptions
-		[
-			{
-				:platform => "x86/win32",
-				:name => "LookupAccountSidA",
-				:params => [
-					["PCHAR","lpSystemName","in"],
-					["LPVOID","Sid","in"],
-					["PCHAR","Name","out"],
-					["PDWORD","cchName","inout"],
-					["PCHAR","ReferencedDomainName","out"],
-					["PDWORD","cchReferencedDomainName","inout"],
-					["PBLOB","peUse","out"],
-				],
-				:return_type => "BOOL",
-				:dll_name => "advapi32",
-				:ruby_args => [nil, 1371864, 100, 100, 100, 100, 1],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 201,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xD8\xEE\x14\x00\x02\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00d\x00\x00\x00\x03\x00\x00\x00\b\x00\x00\x00\x02\x00\x00\x00\xC8\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "d\x00\x00\x00\x00\x00\x00\x00d\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_DLLNAME => "advapi32",
-					TLV_TYPE_RAILGUN_FUNCNAME => "LookupAccountSidA"
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "\x06\x00\x00\x00\x00\x00\x00\x00\f\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "SYSTEM\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANT AUTHORITY\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x05",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 997
-				},
-				:returned_hash => {
-					"GetLastError" => 997,
-					"return" => true,
-					"Name" => "SYSTEM",
-					"ReferencedDomainName" => "NT AUTHORITY",
-					"peUse" => "\x05",
-					"cchName" => 6,
-					"cchReferencedDomainName" => 12
-				},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'LookupAccountSidA',
-				:params => [
-					["PCHAR", "lpSystemName", "in"],
-					["LPVOID", "Sid", "in"],
-					["PCHAR", "Name", "out"],
-					["PDWORD", "cchName", "inout"],
-					["PCHAR", "ReferencedDomainName", "out"],
-					["PDWORD", "cchReferencedDomainName", "inout"],
-					["PBLOB", "peUse", "out"]
-				],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [nil, 1631552, 100, 100, 100, 100, 1],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 201,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\xE5\x18\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00d\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\xC8\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "d\x00\x00\x00\x00\x00\x00\x00d\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'LookupAccountSidA',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "\x06\x00\x00\x00\x00\x00\x00\x00\f\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "SYSTEM\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANT AUTHORITY\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x05",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {
-					"GetLastError"=>0,
-					"return"=>true,
-					"Name"=>"SYSTEM",
-					"ReferencedDomainName"=>"NT AUTHORITY",
-					"peUse"=>"\x05",
-					"cchName"=>6,
-					"cchReferencedDomainName"=>12
-				},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptAcquireContextW',
-				:params => [["PDWORD", "phProv", "out"], ["PWCHAR", "pszContainer", "in"], ["PWCHAR", "pszProvider", "in"], ["DWORD", "dwProvType", "in"], ["DWORD", "dwflags", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [4, nil, "Microsoft Enhanced Cryptographic Provider v1.0", 1, 4026531840],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 4,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF0",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "M\x00i\x00c\x00r\x00o\x00s\x00o\x00f\x00t\x00 \x00E\x00n\x00h\x00a\x00n\x00c\x00e\x00d\x00 \x00C\x00r\x00y\x00p\x00t\x00o\x00g\x00r\x00a\x00p\x00h\x00i\x00c\x00 \x00P\x00r\x00o\x00v\x00i\x00d\x00e\x00r\x00 \x00v\x001\x00.\x000\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptAcquireContextW',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "\xC8\xEB\x14\x00",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "phProv"=>1371080},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptCreateHash',
-				:params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hKey", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phHash", "out"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1371080, 32771, 0, 0, 4],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 4,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xC8\xEB\x14\x00\x00\x00\x00\x00\x03\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptCreateHash',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "p\xEA\x14\x00",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "phHash"=>1370736},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptHashData',
-				:params => [["LPVOID", "hHash", "in"], ["PWCHAR", "pbData", "in"], ["DWORD", "dwDataLen", "in"], ["DWORD", "dwFlags", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1370736, "SmartFTP", 16, 0],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00p\xEA\x14\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "S\x00m\x00a\x00r\x00t\x00F\x00T\x00P\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptHashData',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptDeriveKey',
-				:params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hBaseData", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phKey", "inout"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1371080, 26625, 1370736, 8388608, 4],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xC8\xEB\x14\x00\x00\x00\x00\x00\x01h\x00\x00\x00\x00\x00\x00p\xEA\x14\x00\x00\x00\x00\x00\x00\x00\x80\x00\x03\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x04\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDeriveKey',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "\xA0\x9C\x15\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "phKey"=>1416352},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptDecrypt',
-				:params => [["LPVOID", "hKey", "in"], ["LPVOID", "hHash", "in"], ["BOOL", "Final", "in"], ["DWORD", "dwFlags", "in"], ["PBLOB", "pbData", "inout"], ["PDWORD", "pdwDataLen", "inout"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1416352, 0, true, 0, "\x96\"\x83/\xCE|", 6],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xA0\x9C\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\b\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x96\"\x83/\xCE|\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDecrypt',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "q\x00u\x00x\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "pbData"=>"q\x00u\x00x\x00", "pdwDataLen"=>6},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptDestroyHash',
-				:params => [["LPVOID", "hHash", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1370736],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00p\xEA\x14\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyHash',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptDestroyKey',
-				:params => [["LPVOID", "hKey", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1416352],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xA0\x9C\x15\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyKey',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x86/win32',
-				:name => 'CryptReleaseContext',
-				:params => [["LPVOID", "hProv", "in"], ["DWORD", "dwFlags", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1371080, 0],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xC8\xEB\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptReleaseContext',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptAcquireContextW',
-				:params => [["PDWORD", "phProv", "out"], ["PWCHAR", "pszContainer", "in"], ["PWCHAR", "pszProvider", "in"], ["DWORD", "dwProvType", "in"], ["DWORD", "dwflags", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [8, nil, "Microsoft Enhanced Cryptographic Provider v1.0", 1, 4026531840],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 8,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF0\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "M\x00i\x00c\x00r\x00o\x00s\x00o\x00f\x00t\x00 \x00E\x00n\x00h\x00a\x00n\x00c\x00e\x00d\x00 \x00C\x00r\x00y\x00p\x00t\x00o\x00g\x00r\x00a\x00p\x00h\x00i\x00c\x00 \x00P\x00r\x00o\x00v\x00i\x00d\x00e\x00r\x00 \x00v\x001\x00.\x000\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptAcquireContextW',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "\x80\xCE\x1A\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "phProv"=>1756800},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptCreateHash',
-				:params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hKey", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phHash", "out"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1756800, 32771, 0, 0, 8],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 8,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x80\xCE\x1A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptCreateHash',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "\x00\xA3\x19\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "phHash"=>1680128},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptHashData',
-				:params => [["LPVOID", "hHash", "in"], ["PWCHAR", "pbData", "in"], ["DWORD", "dwDataLen", "in"], ["DWORD", "dwFlags", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1680128, "SmartFTP", 16, 0],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xA3\x19\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "S\x00m\x00a\x00r\x00t\x00F\x00T\x00P\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptHashData',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptDeriveKey',
-				:params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hBaseData", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phKey", "inout"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1756800, 26625, 1680128, 8388608, 4],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x80\xCE\x1A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01h\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xA3\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x04\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDeriveKey',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "p\xA3\x19\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "phKey"=>1680240},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptDecrypt',
-				:params => [["LPVOID", "hKey", "in"], ["LPVOID", "hHash", "in"], ["BOOL", "Final", "in"], ["DWORD", "dwFlags", "in"], ["PBLOB", "pbData", "inout"], ["PDWORD", "pdwDataLen", "inout"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1680240, 0, true, 0, "\x85\"\x97/\xCC|", 6],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00p\xA3\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x85\"\x97/\xCC|\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDecrypt',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "b\x00a\x00z\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true, "pbData"=>"b\x00a\x00z\x00", "pdwDataLen"=>6},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptDestroyHash',
-				:params => [["LPVOID", "hHash", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1680128],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xA3\x19\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyHash',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptDestroyKey',
-				:params => [["LPVOID", "hKey", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1680240],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00p\xA3\x19\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyKey',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-			{
-				:platform => 'x64/win64',
-				:name => 'CryptReleaseContext',
-				:params => [["LPVOID", "hProv", "in"], ["DWORD", "dwFlags", "in"]],
-				:return_type => 'BOOL',
-				:dll_name => 'advapi32',
-				:ruby_args => [1756800, 0],
-				:request_to_client => {
-					TLV_TYPE_RAILGUN_SIZE_OUT => 0,
-					TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x80\xCE\x1A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
-					TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
-					TLV_TYPE_RAILGUN_FUNCNAME => 'CryptReleaseContext',
-				},
-				:response_from_client => {
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
-					TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
-					TLV_TYPE_RAILGUN_BACK_RET => 1,
-					TLV_TYPE_RAILGUN_BACK_ERR => 0,
-				},
-				:returned_hash => {"GetLastError"=>0, "return"=>true},
-			},
-		]
-	end
+  # These are sample descriptions of functions to use for testing.
+  # the definitions include everything needed to mock and end to end test
+  def mock_function_descriptions
+    [
+      {
+        :platform => "x86/win32",
+        :name => "LookupAccountSidA",
+        :params => [
+          ["PCHAR","lpSystemName","in"],
+          ["LPVOID","Sid","in"],
+          ["PCHAR","Name","out"],
+          ["PDWORD","cchName","inout"],
+          ["PCHAR","ReferencedDomainName","out"],
+          ["PDWORD","cchReferencedDomainName","inout"],
+          ["PBLOB","peUse","out"],
+        ],
+        :return_type => "BOOL",
+        :dll_name => "advapi32",
+        :ruby_args => [nil, 1371864, 100, 100, 100, 100, 1],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 201,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xD8\xEE\x14\x00\x02\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00d\x00\x00\x00\x03\x00\x00\x00\b\x00\x00\x00\x02\x00\x00\x00\xC8\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "d\x00\x00\x00\x00\x00\x00\x00d\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_DLLNAME => "advapi32",
+          TLV_TYPE_RAILGUN_FUNCNAME => "LookupAccountSidA"
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "\x06\x00\x00\x00\x00\x00\x00\x00\f\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "SYSTEM\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANT AUTHORITY\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x05",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 997
+        },
+        :returned_hash => {
+          "GetLastError" => 997,
+          "return" => true,
+          "Name" => "SYSTEM",
+          "ReferencedDomainName" => "NT AUTHORITY",
+          "peUse" => "\x05",
+          "cchName" => 6,
+          "cchReferencedDomainName" => 12
+        },
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'LookupAccountSidA',
+        :params => [
+          ["PCHAR", "lpSystemName", "in"],
+          ["LPVOID", "Sid", "in"],
+          ["PCHAR", "Name", "out"],
+          ["PDWORD", "cchName", "inout"],
+          ["PCHAR", "ReferencedDomainName", "out"],
+          ["PDWORD", "cchReferencedDomainName", "inout"],
+          ["PBLOB", "peUse", "out"]
+        ],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [nil, 1631552, 100, 100, 100, 100, 1],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 201,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\xE5\x18\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00d\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\xC8\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "d\x00\x00\x00\x00\x00\x00\x00d\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'LookupAccountSidA',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "\x06\x00\x00\x00\x00\x00\x00\x00\f\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "SYSTEM\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANT AUTHORITY\x00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\x05",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {
+          "GetLastError"=>0,
+          "return"=>true,
+          "Name"=>"SYSTEM",
+          "ReferencedDomainName"=>"NT AUTHORITY",
+          "peUse"=>"\x05",
+          "cchName"=>6,
+          "cchReferencedDomainName"=>12
+        },
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptAcquireContextW',
+        :params => [["PDWORD", "phProv", "out"], ["PWCHAR", "pszContainer", "in"], ["PWCHAR", "pszProvider", "in"], ["DWORD", "dwProvType", "in"], ["DWORD", "dwflags", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [4, nil, "Microsoft Enhanced Cryptographic Provider v1.0", 1, 4026531840],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 4,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF0",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "M\x00i\x00c\x00r\x00o\x00s\x00o\x00f\x00t\x00 \x00E\x00n\x00h\x00a\x00n\x00c\x00e\x00d\x00 \x00C\x00r\x00y\x00p\x00t\x00o\x00g\x00r\x00a\x00p\x00h\x00i\x00c\x00 \x00P\x00r\x00o\x00v\x00i\x00d\x00e\x00r\x00 \x00v\x001\x00.\x000\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptAcquireContextW',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "\xC8\xEB\x14\x00",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "phProv"=>1371080},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptCreateHash',
+        :params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hKey", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phHash", "out"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1371080, 32771, 0, 0, 4],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 4,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xC8\xEB\x14\x00\x00\x00\x00\x00\x03\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptCreateHash',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "p\xEA\x14\x00",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "phHash"=>1370736},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptHashData',
+        :params => [["LPVOID", "hHash", "in"], ["PWCHAR", "pbData", "in"], ["DWORD", "dwDataLen", "in"], ["DWORD", "dwFlags", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1370736, "SmartFTP", 16, 0],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00p\xEA\x14\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "S\x00m\x00a\x00r\x00t\x00F\x00T\x00P\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptHashData',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptDeriveKey',
+        :params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hBaseData", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phKey", "inout"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1371080, 26625, 1370736, 8388608, 4],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xC8\xEB\x14\x00\x00\x00\x00\x00\x01h\x00\x00\x00\x00\x00\x00p\xEA\x14\x00\x00\x00\x00\x00\x00\x00\x80\x00\x03\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x04\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDeriveKey',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "\xA0\x9C\x15\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "phKey"=>1416352},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptDecrypt',
+        :params => [["LPVOID", "hKey", "in"], ["LPVOID", "hHash", "in"], ["BOOL", "Final", "in"], ["DWORD", "dwFlags", "in"], ["PBLOB", "pbData", "inout"], ["PDWORD", "pdwDataLen", "inout"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1416352, 0, true, 0, "\x96\"\x83/\xCE|", 6],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xA0\x9C\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\b\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x96\"\x83/\xCE|\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDecrypt',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "q\x00u\x00x\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "pbData"=>"q\x00u\x00x\x00", "pdwDataLen"=>6},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptDestroyHash',
+        :params => [["LPVOID", "hHash", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1370736],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00p\xEA\x14\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyHash',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptDestroyKey',
+        :params => [["LPVOID", "hKey", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1416352],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xA0\x9C\x15\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyKey',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x86/win32',
+        :name => 'CryptReleaseContext',
+        :params => [["LPVOID", "hProv", "in"], ["DWORD", "dwFlags", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1371080, 0],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\xC8\xEB\x14\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptReleaseContext',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptAcquireContextW',
+        :params => [["PDWORD", "phProv", "out"], ["PWCHAR", "pszContainer", "in"], ["PWCHAR", "pszProvider", "in"], ["DWORD", "dwProvType", "in"], ["DWORD", "dwflags", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [8, nil, "Microsoft Enhanced Cryptographic Provider v1.0", 1, 4026531840],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 8,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xF0\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "M\x00i\x00c\x00r\x00o\x00s\x00o\x00f\x00t\x00 \x00E\x00n\x00h\x00a\x00n\x00c\x00e\x00d\x00 \x00C\x00r\x00y\x00p\x00t\x00o\x00g\x00r\x00a\x00p\x00h\x00i\x00c\x00 \x00P\x00r\x00o\x00v\x00i\x00d\x00e\x00r\x00 \x00v\x001\x00.\x000\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptAcquireContextW',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "\x80\xCE\x1A\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "phProv"=>1756800},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptCreateHash',
+        :params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hKey", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phHash", "out"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1756800, 32771, 0, 0, 8],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 8,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x80\xCE\x1A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptCreateHash',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "\x00\xA3\x19\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "phHash"=>1680128},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptHashData',
+        :params => [["LPVOID", "hHash", "in"], ["PWCHAR", "pbData", "in"], ["DWORD", "dwDataLen", "in"], ["DWORD", "dwFlags", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1680128, "SmartFTP", 16, 0],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xA3\x19\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "S\x00m\x00a\x00r\x00t\x00F\x00T\x00P\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptHashData',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptDeriveKey',
+        :params => [["LPVOID", "hProv", "in"], ["DWORD", "Algid", "in"], ["LPVOID", "hBaseData", "in"], ["DWORD", "dwFlags", "in"], ["PDWORD", "phKey", "inout"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1756800, 26625, 1680128, 8388608, 4],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x80\xCE\x1A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01h\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xA3\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x04\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDeriveKey',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "p\xA3\x19\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "phKey"=>1680240},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptDecrypt',
+        :params => [["LPVOID", "hKey", "in"], ["LPVOID", "hHash", "in"], ["BOOL", "Final", "in"], ["DWORD", "dwFlags", "in"], ["PBLOB", "pbData", "inout"], ["PDWORD", "pdwDataLen", "inout"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1680240, 0, true, 0, "\x85\"\x97/\xCC|", 6],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00p\xA3\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "\x85\"\x97/\xCC|\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDecrypt',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "b\x00a\x00z\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true, "pbData"=>"b\x00a\x00z\x00", "pdwDataLen"=>6},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptDestroyHash',
+        :params => [["LPVOID", "hHash", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1680128],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xA3\x19\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyHash',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptDestroyKey',
+        :params => [["LPVOID", "hKey", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1680240],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00p\xA3\x19\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptDestroyKey',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+      {
+        :platform => 'x64/win64',
+        :name => 'CryptReleaseContext',
+        :params => [["LPVOID", "hProv", "in"], ["DWORD", "dwFlags", "in"]],
+        :return_type => 'BOOL',
+        :dll_name => 'advapi32',
+        :ruby_args => [1756800, 0],
+        :request_to_client => {
+          TLV_TYPE_RAILGUN_SIZE_OUT => 0,
+          TLV_TYPE_RAILGUN_STACKBLOB => "\x00\x00\x00\x00\x00\x00\x00\x00\x80\xCE\x1A\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_IN => "",
+          TLV_TYPE_RAILGUN_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_DLLNAME => 'advapi32',
+          TLV_TYPE_RAILGUN_FUNCNAME => 'CryptReleaseContext',
+        },
+        :response_from_client => {
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_INOUT => "",
+          TLV_TYPE_RAILGUN_BACK_BUFFERBLOB_OUT => "",
+          TLV_TYPE_RAILGUN_BACK_RET => 1,
+          TLV_TYPE_RAILGUN_BACK_ERR => 0,
+        },
+        :returned_hash => {"GetLastError"=>0, "return"=>true},
+      },
+    ]
+  end
 
 end