ReactOS 0.4.15-dev-5664-g3bf4ef6
secure.c File Reference
#include "precomp.h"
Include dependency graph for secure.c:

Go to the source code of this file.

Macros

#define SEC_MODULUS_SIZE   64
 

Functions

voidrdssl_sha1_info_create (void)
 
void rdssl_sha1_info_delete (void *sha1_info)
 
void rdssl_sha1_clear (void *sha1_info)
 
void rdssl_sha1_transform (void *sha1_info, char *data, int len)
 
void rdssl_sha1_complete (void *sha1_info, char *data)
 
voidrdssl_md5_info_create (void)
 
void rdssl_md5_info_delete (void *md5_info)
 
void rdssl_md5_clear (void *md5_info)
 
void rdssl_md5_transform (void *md5_info, char *data, int len)
 
void rdssl_md5_complete (void *md5_info, char *data)
 
voidrdssl_rc4_info_create (void)
 
void rdssl_rc4_info_delete (void *rc4_info)
 
void rdssl_rc4_set_key (void *rc4_info, char *key, int len)
 
void rdssl_rc4_crypt (void *rc4_info, char *in_data, char *out_data, int len)
 
int rdssl_mod_exp (char *out, int out_len, char *in, int in_len, char *mod, int mod_len, char *exp, int exp_len)
 
int rdssl_sign_ok (char *e_data, int e_len, char *n_data, int n_len, char *sign_data, int sign_len, char *sign_data2, int sign_len2, char *testkey)
 
PCCERT_CONTEXT rdssl_cert_read (uint8 *data, uint32 len)
 
void rdssl_cert_free (PCCERT_CONTEXT context)
 
uint8rdssl_cert_to_rkey (PCCERT_CONTEXT cert, uint32 *key_len)
 
RD_BOOL rdssl_certs_ok (PCCERT_CONTEXT server_cert, PCCERT_CONTEXT cacert)
 
int rdssl_rkey_get_exp_mod (uint8 *rkey, uint8 *exponent, uint32 max_exp_len, uint8 *modulus, uint32 max_mod_len)
 
void rdssl_rkey_free (uint8 *rkey)
 
void sec_hash_48 (uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2, uint8 salt)
 
void sec_hash_16 (uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2)
 
void sec_hash_sha1_16 (uint8 *out, uint8 *in, uint8 *salt1)
 
void sec_hash_to_string (char *out, int out_size, uint8 *in, int in_size)
 
static void sec_make_40bit (uint8 *key)
 
static void sec_generate_keys (uint8 *client_random, uint8 *server_random, int rc4_key_size)
 
void buf_out_uint32 (uint8 *buffer, uint32 value)
 
void sec_sign (uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen)
 
static void sec_update (uint8 *key, uint8 *update_key)
 
static void sec_encrypt (uint8 *data, int length)
 
void sec_decrypt (uint8 *data, int length)
 
static void sec_rsa_encrypt (uint8 *out, uint8 *in, int len, uint32 modulus_size, uint8 *modulus, uint8 *exponent)
 
STREAM sec_init (uint32 flags, int maxlen)
 
void sec_send_to_channel (STREAM s, uint32 flags, uint16 channel)
 
void sec_send (STREAM s, uint32 flags)
 
static void sec_establish_key (void)
 
static void sec_out_mcs_data (STREAM s, uint32 selected_protocol)
 
static RD_BOOL sec_parse_public_key (STREAM s, uint8 *modulus, uint8 *exponent)
 
static RD_BOOL sec_parse_public_sig (STREAM s, uint32 len, uint8 *modulus, uint8 *exponent)
 
static RD_BOOL sec_parse_crypt_info (STREAM s, uint32 *rc4_key_size, uint8 **server_random, uint8 *modulus, uint8 *exponent)
 
static void sec_process_crypt_info (STREAM s)
 
static void sec_process_srv_info (STREAM s)
 
void sec_process_mcs_data (STREAM s)
 
STREAM sec_recv (uint8 *rdpver)
 
RD_BOOL sec_connect (char *server, char *username, char *domain, char *password, RD_BOOL reconnect)
 
void sec_disconnect (void)
 
void sec_reset_state (void)
 

Variables

char g_hostname [16]
 
int g_width
 
int g_height
 
unsigned int g_keylayout
 
int g_keyboard_type
 
int g_keyboard_subtype
 
int g_keyboard_functionkeys
 
RD_BOOL g_encryption
 
RD_BOOL g_licence_issued
 
RD_BOOL g_licence_error_result
 
RDP_VERSION g_rdp_version
 
RD_BOOL g_console_session
 
uint32 g_redirect_session_id
 
int g_server_depth
 
VCHANNEL g_channels []
 
unsigned int g_num_channels
 
uint8 g_client_random [SEC_RANDOM_SIZE]
 
static int g_rc4_key_len
 
static voidg_rc4_decrypt_key
 
static voidg_rc4_encrypt_key
 
static uint32 g_server_public_key_len
 
static uint8 g_sec_sign_key [16]
 
static uint8 g_sec_decrypt_key [16]
 
static uint8 g_sec_encrypt_key [16]
 
static uint8 g_sec_decrypt_update_key [16]
 
static uint8 g_sec_encrypt_update_key [16]
 
static uint8 g_sec_crypted_random [SEC_MAX_MODULUS_SIZE]
 
uint16 g_server_rdp_version = 0
 
static int g_sec_encrypt_use_count = 0
 
static int g_sec_decrypt_use_count = 0
 
static uint8 g_testkey [176]
 
static uint8 pad_54 [40]
 
static uint8 pad_92 [48]
 

Macro Definition Documentation

◆ SEC_MODULUS_SIZE

#define SEC_MODULUS_SIZE   64

Definition at line 111 of file secure.c.

Function Documentation

◆ buf_out_uint32()

void buf_out_uint32 ( uint8 buffer,
uint32  value 
)

Definition at line 304 of file secure.c.

305{
306 buffer[0] = (value) & 0xff;
307 buffer[1] = (value >> 8) & 0xff;
308 buffer[2] = (value >> 16) & 0xff;
309 buffer[3] = (value >> 24) & 0xff;
310}
GLuint buffer
Definition: glext.h:5915
Definition: pdh_main.c:94

Referenced by sec_sign().

◆ rdssl_cert_free()

void rdssl_cert_free ( PCCERT_CONTEXT  context)

Definition at line 1656 of file ssl_calls.c.

1657{
1658 if (context)
1660}
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:371
Definition: http.c:7252

Referenced by sec_parse_crypt_info().

◆ rdssl_cert_read()

PCCERT_CONTEXT rdssl_cert_read ( uint8 data,
uint32  len 
)

Definition at line 1639 of file ssl_calls.c.

1640{
1642 if (!data || !len)
1643 {
1644 error("rdssl_cert_read %p %ld\n", data, len);
1645 return NULL;
1646 }
1648 if (!res)
1649 {
1650 error("CertCreateCertificateContext call failed with %lx\n", GetLastError());
1651 }
1652 return res;
1653}
#define NULL
Definition: types.h:112
PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded)
Definition: cert.c:316
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
GLuint res
Definition: glext.h:9613
GLenum GLsizei len
Definition: glext.h:6722
#define error(str)
Definition: mkdosfs.c:1605
DWORD WINAPI GetLastError(void)
Definition: except.c:1040
#define X509_ASN_ENCODING
Definition: wincrypt.h:2297
#define PKCS_7_ASN_ENCODING
Definition: wincrypt.h:2299

Referenced by sec_parse_crypt_info().

◆ rdssl_cert_to_rkey()

uint8 * rdssl_cert_to_rkey ( PCCERT_CONTEXT  cert,
uint32 key_len 
)

Definition at line 1663 of file ssl_calls.c.

1664{
1665 HCRYPTPROV hCryptProv;
1667 BOOL ret;
1668 BYTE * rkey;
1670 ret = CryptAcquireContext(&hCryptProv,
1671 NULL,
1674 0);
1675 if (!ret)
1676 {
1677 dwErr = GetLastError();
1678 if (dwErr == NTE_BAD_KEYSET)
1679 {
1680 ret = CryptAcquireContext(&hCryptProv,
1681 L"MSTSC",
1685 }
1686 }
1687 if (!ret)
1688 {
1689 dwErr = GetLastError();
1690 error("CryptAcquireContext call failed with %lx\n", dwErr);
1691 return NULL;
1692 }
1693 ret = CryptImportPublicKeyInfoEx(hCryptProv,
1695 &(cert->pCertInfo->SubjectPublicKeyInfo),
1696 0,
1697 0,
1698 NULL,
1699 &hKey);
1700 if (!ret)
1701 {
1702 dwErr = GetLastError();
1703 CryptReleaseContext(hCryptProv, 0);
1704 error("CryptImportPublicKeyInfoEx call failed with %lx\n", dwErr);
1705 return NULL;
1706 }
1708 0,
1710 0,
1711 NULL,
1712 &dwSize);
1713 if (!ret)
1714 {
1715 dwErr = GetLastError();
1717 CryptReleaseContext(hCryptProv, 0);
1718 error("CryptExportKey call failed with %lx\n", dwErr);
1719 return NULL;
1720 }
1721 rkey = g_malloc(dwSize, 0);
1723 0,
1725 0,
1726 rkey,
1727 &dwSize);
1728 if (!ret)
1729 {
1730 dwErr = GetLastError();
1731 g_free(rkey);
1733 CryptReleaseContext(hCryptProv, 0);
1734 error("CryptExportKey call failed with %lx\n", dwErr);
1735 return NULL;
1736 }
1738 CryptReleaseContext(hCryptProv, 0);
1739 return rkey;
1740}
static FN_RtlMultipleFreeHeap g_free
DWORD dwErr
Definition: service.c:36
BOOL WINAPI CryptExportKey(HCRYPTKEY hKey, HCRYPTKEY hExpKey, DWORD dwBlobType, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen)
Definition: crypt.c:1416
BOOL WINAPI CryptDestroyKey(HCRYPTKEY hKey)
Definition: crypt.c:930
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags)
Definition: crypt.c:648
BOOL WINAPI CryptImportPublicKeyInfoEx(HCRYPTPROV hCryptProv, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, ALG_ID aiKeyAlg, DWORD dwFlags, void *pvAuxInfo, HCRYPTKEY *phKey)
Definition: encode.c:5044
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
FxAutoRegKey hKey
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
static BYTE cert[]
Definition: msg.c:1437
#define L(x)
Definition: ntvdm.h:50
static void * g_malloc(int size, int zero)
Definition: ssl_calls.c:26
int ret
#define CRYPT_NEWKEYSET
Definition: wincrypt.h:2070
#define PROV_RSA_FULL
Definition: wincrypt.h:2039
ULONG_PTR HCRYPTPROV
Definition: wincrypt.h:46
#define PUBLICKEYBLOB
Definition: wincrypt.h:2240
#define MS_ENHANCED_PROV
Definition: wincrypt.h:1886
#define CryptAcquireContext
Definition: wincrypt.h:4164
ULONG_PTR HCRYPTKEY
Definition: wincrypt.h:49
#define NTE_BAD_KEYSET
Definition: winerror.h:2890
unsigned char BYTE
Definition: xxhash.c:193

Referenced by sec_parse_crypt_info().

◆ rdssl_certs_ok()

RD_BOOL rdssl_certs_ok ( PCCERT_CONTEXT  server_cert,
PCCERT_CONTEXT  cacert 
)

Definition at line 1743 of file ssl_calls.c.

1744{
1745 /* FIXME should we check for expired certificates??? */
1746 DWORD dwFlags = CERT_STORE_SIGNATURE_FLAG; /* CERT_STORE_TIME_VALIDITY_FLAG */
1748 cacert,
1749 &dwFlags);
1750 if (!ret)
1751 {
1752 error("CertVerifySubjectCertificateContext call failed with %lx\n", GetLastError());
1753 }
1754 if (dwFlags)
1755 {
1756 error("CertVerifySubjectCertificateContext check failed %lx\n", dwFlags);
1757 }
1758 return (dwFlags == 0);
1759}
BOOL WINAPI CertVerifySubjectCertificateContext(PCCERT_CONTEXT pSubject, PCCERT_CONTEXT pIssuer, DWORD *pdwFlags)
Definition: cert.c:1845
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1176
#define CERT_STORE_SIGNATURE_FLAG
Definition: wincrypt.h:3458

Referenced by sec_parse_crypt_info().

◆ rdssl_md5_clear()

void rdssl_md5_clear ( void md5_info)

Definition at line 428 of file ssl_calls.c.

429{
431}
#define md5_info
Definition: compat-1.3.h:2038
void rdssl_hash_clear(void *hash_info, ALG_ID id)
Definition: ssl_calls.c:291
#define CALG_MD5
Definition: wincrypt.h:1805

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_complete()

void rdssl_md5_complete ( void md5_info,
char data 
)

Definition at line 442 of file ssl_calls.c.

443{
445}
void rdssl_hash_complete(void *hash_info, char *data)
Definition: ssl_calls.c:344

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_info_create()

void * rdssl_md5_info_create ( void  )

Definition at line 414 of file ssl_calls.c.

415{
417}
void * rdssl_hash_info_create(ALG_ID id)
Definition: ssl_calls.c:218

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_info_delete()

void rdssl_md5_info_delete ( void md5_info)

Definition at line 421 of file ssl_calls.c.

422{
424}
void rdssl_hash_info_delete(void *hash_info)
Definition: ssl_calls.c:270

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_transform()

void rdssl_md5_transform ( void md5_info,
char data,
int  len 
)

Definition at line 435 of file ssl_calls.c.

436{
438}
void rdssl_hash_transform(void *hash_info, char *data, int len)
Definition: ssl_calls.c:321

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_mod_exp()

int rdssl_mod_exp ( char out,
int  out_len,
char in,
int  in_len,
char mod,
int  mod_len,
char exp,
int  exp_len 
)

Definition at line 1485 of file ssl_calls.c.

1487{
1488 /* Computes y = x ^ e mod m */
1489 /* Binary left-to-right method */
1490 DIGIT_T mask;
1491 DIGIT_T* e;
1492 DIGIT_T* x;
1493 DIGIT_T* y;
1494 DIGIT_T* m;
1495 unsigned int n;
1496 int max_size;
1497 char* l_out;
1498 char* l_in;
1499 char* l_mod;
1500 char* l_exp;
1501
1502 if (in_len > out_len || in_len == 0 ||
1503 out_len == 0 || mod_len == 0 || exp_len == 0)
1504 {
1505 return 0;
1506 }
1507 max_size = out_len;
1508 if (in_len > max_size)
1509 {
1510 max_size = in_len;
1511 }
1512 if (mod_len > max_size)
1513 {
1514 max_size = mod_len;
1515 }
1516 if (exp_len > max_size)
1517 {
1518 max_size = exp_len;
1519 }
1520 l_out = (char*)g_malloc(max_size, 1);
1521 l_in = (char*)g_malloc(max_size, 1);
1522 l_mod = (char*)g_malloc(max_size, 1);
1523 l_exp = (char*)g_malloc(max_size, 1);
1524 memcpy(l_in, in, in_len);
1525 memcpy(l_mod, mod, mod_len);
1526 memcpy(l_exp, exp, exp_len);
1527 e = (DIGIT_T*)l_exp;
1528 x = (DIGIT_T*)l_in;
1529 y = (DIGIT_T*)l_out;
1530 m = (DIGIT_T*)l_mod;
1531 /* Find second-most significant bit in e */
1532 n = mpSizeof(e, max_size / 4);
1533 for (mask = HIBITMASK; mask > 0; mask >>= 1)
1534 {
1535 if (e[n - 1] & mask)
1536 {
1537 break;
1538 }
1539 }
1541 /* Set y = x */
1542 mpSetEqual(y, x, max_size / 4);
1543 /* For bit j = k - 2 downto 0 step -1 */
1544 while (n)
1545 {
1546 mpModMult(y, y, y, m, max_size / 4); /* Square */
1547 if (e[n - 1] & mask)
1548 {
1549 mpModMult(y, y, x, m, max_size / 4); /* Multiply */
1550 }
1551 /* Move to next bit */
1553 }
1554 memcpy(out, l_out, out_len);
1555 g_free(l_out);
1556 g_free(l_in);
1557 g_free(l_mod);
1558 g_free(l_exp);
1559 return out_len;
1560}
static INT max_size
Definition: history.c:51
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
GLint GLint GLint GLint GLint GLint y
Definition: gl.h:1548
GLdouble n
Definition: glext.h:7729
GLenum GLint GLuint mask
Definition: glext.h:6028
GLuint in
Definition: glext.h:9616
const GLfloat * m
Definition: glext.h:10848
static int mod
Definition: i386-dis.c:1289
#define e
Definition: ke_i.h:82
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
DWORD exp
Definition: msg.c:16058
static FILE * out
Definition: regtests2xml.c:44
#define mpNEXTBITMASK(mask, n)
Definition: ssl_calls.c:684
static unsigned int mpSizeof(DIGIT_T *a, unsigned int ndigits)
Definition: ssl_calls.c:795
static int mpModMult(DIGIT_T *a, DIGIT_T *x, DIGIT_T *y, DIGIT_T *m, unsigned int ndigits)
Definition: ssl_calls.c:1469
static void mpSetEqual(DIGIT_T *a, DIGIT_T *b, unsigned int ndigits)
Definition: ssl_calls.c:783
#define HIBITMASK
Definition: ssl_calls.c:674
unsigned int DIGIT_T
Definition: ssl_calls.c:673

Referenced by rdssl_sign_ok(), and sec_rsa_encrypt().

◆ rdssl_rc4_crypt()

void rdssl_rc4_crypt ( void rc4_info,
char in_data,
char out_data,
int  len 
)

Definition at line 173 of file ssl_calls.c.

174{
175 struct rc4_state *info = rc4_info;
176 BOOL ret;
177 DWORD dwErr;
178 BYTE * intermediate_data;
179 DWORD dwLen = len;
180 if (!rc4_info || !in_data || !out_data || !len || !info->hKey)
181 {
182 error("rdssl_rc4_crypt %p %p %p %d\n", rc4_info, in_data, out_data, len);
183 return;
184 }
185 intermediate_data = g_malloc(len, 0);
186 if (!intermediate_data)
187 {
188 error("rdssl_rc4_set_key no memory\n");
189 return;
190 }
191 memcpy(intermediate_data, in_data, len);
192 ret = CryptEncrypt(info->hKey,
193 0,
194 FALSE,
195 0,
196 intermediate_data,
197 &dwLen,
198 dwLen);
199 if (!ret)
200 {
202 g_free(intermediate_data);
203 error("CryptEncrypt failed with %lx\n", dwErr);
204 return;
205 }
206 memcpy(out_data, intermediate_data, len);
207 g_free(intermediate_data);
208}
#define FALSE
Definition: types.h:117
BOOL WINAPI CryptEncrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, DWORD dwBufLen)
Definition: crypt.c:1093

Referenced by sec_decrypt(), sec_encrypt(), and sec_update().

◆ rdssl_rc4_info_create()

void * rdssl_rc4_info_create ( void  )

Definition at line 51 of file ssl_calls.c.

52{
53 struct rc4_state *info = g_malloc(sizeof(struct rc4_state), 1);
54 BOOL ret;
56 if (!info)
57 {
58 error("rdssl_rc4_info_create no memory\n");
59 return NULL;
60 }
61 ret = CryptAcquireContext(&info->hCryptProv,
62 L"MSTSC",
65 0);
66 if (!ret)
67 {
69 if (dwErr == NTE_BAD_KEYSET)
70 {
71 ret = CryptAcquireContext(&info->hCryptProv,
72 L"MSTSC",
76 }
77 }
78 if (!ret)
79 {
81 error("CryptAcquireContext failed with %lx\n", dwErr);
82 g_free(info);
83 return NULL;
84 }
85 return info;
86}

Referenced by sec_generate_keys(), and sec_update().

◆ rdssl_rc4_info_delete()

void rdssl_rc4_info_delete ( void rc4_info)

Definition at line 90 of file ssl_calls.c.

91{
92 struct rc4_state *info = rc4_info;
93 BOOL ret = TRUE;
95 if (!info)
96 {
97 //error("rdssl_rc4_info_delete rc4_info is null\n");
98 return;
99 }
100 if (info->hKey)
101 {
102 ret = CryptDestroyKey(info->hKey);
103 if (!ret)
104 {
106 error("CryptDestroyKey failed with %lx\n", dwErr);
107 }
108 }
109 if (info->hCryptProv)
110 {
111 ret = CryptReleaseContext(info->hCryptProv, 0);
112 if (!ret)
113 {
115 error("CryptReleaseContext failed with %lx\n", dwErr);
116 }
117 }
118 g_free(rc4_info);
119}
#define TRUE
Definition: types.h:120

Referenced by sec_generate_keys(), and sec_update().

◆ rdssl_rc4_set_key()

void rdssl_rc4_set_key ( void rc4_info,
char key,
int  len 
)

Definition at line 123 of file ssl_calls.c.

124{
125 struct rc4_state *info = rc4_info;
126 BOOL ret;
127 DWORD dwErr;
128 BYTE * blob;
130 DWORD * keySize;
131 BYTE * keyBuf;
132 if (!rc4_info || !key || !len || !info->hCryptProv)
133 {
134 error("rdssl_rc4_set_key %p %p %d\n", rc4_info, key, len);
135 return;
136 }
137 blob = g_malloc(sizeof(PUBLICKEYSTRUC) + sizeof(DWORD) + len, 0);
138 if (!blob)
139 {
140 error("rdssl_rc4_set_key no memory\n");
141 return;
142 }
144 keySize = (DWORD *)(blob + sizeof(PUBLICKEYSTRUC));
145 keyBuf = blob + sizeof(PUBLICKEYSTRUC) + sizeof(DWORD);
146 desc->aiKeyAlg = CALG_RC4;
147 desc->bType = PLAINTEXTKEYBLOB;
148 desc->bVersion = CUR_BLOB_VERSION;
149 desc->reserved = 0;
150 *keySize = len;
151 memcpy(keyBuf, key, len);
152 if (info->hKey)
153 {
154 CryptDestroyKey(info->hKey);
155 info->hKey = 0;
156 }
157 ret = CryptImportKey(info->hCryptProv,
158 blob,
159 sizeof(PUBLICKEYSTRUC) + sizeof(DWORD) + len,
160 0,
162 &info->hKey);
163 g_free(blob);
164 if (!ret)
165 {
167 error("CryptImportKey failed with %lx\n", dwErr);
168 }
169}
BOOL WINAPI CryptImportKey(HCRYPTPROV hProv, const BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey)
Definition: crypt.c:1850
static const WCHAR desc[]
Definition: protectdata.c:36
Definition: image.c:134
Definition: copy.c:22
#define PLAINTEXTKEYBLOB
Definition: wincrypt.h:2242
#define CALG_RC4
Definition: wincrypt.h:1837
struct _PUBLICKEYSTRUC PUBLICKEYSTRUC
#define CRYPT_EXPORTABLE
Definition: wincrypt.h:2206
#define CUR_BLOB_VERSION
Definition: wincrypt.h:2247

Referenced by sec_decrypt(), sec_encrypt(), sec_generate_keys(), and sec_update().

◆ rdssl_rkey_free()

void rdssl_rkey_free ( uint8 rkey)

Definition at line 1777 of file ssl_calls.c.

1778{
1779 if (!rkey)
1780 {
1781 error("rdssl_rkey_free rkey is null\n");
1782 return;
1783 }
1784 g_free(rkey);
1785}

Referenced by sec_parse_crypt_info().

◆ rdssl_rkey_get_exp_mod()

int rdssl_rkey_get_exp_mod ( uint8 rkey,
uint8 exponent,
uint32  max_exp_len,
uint8 modulus,
uint32  max_mod_len 
)

Definition at line 1762 of file ssl_calls.c.

1764{
1765 RSAPUBKEY *desc = (RSAPUBKEY *)(rkey + sizeof(PUBLICKEYSTRUC));
1766 if (!rkey || !exponent || !max_exp_len || !modulus || !max_mod_len)
1767 {
1768 error("rdssl_rkey_get_exp_mod %p %p %ld %p %ld\n", rkey, exponent, max_exp_len, modulus, max_mod_len);
1769 return -1;
1770 }
1771 memcpy (exponent, &desc->pubexp, max_exp_len);
1772 memcpy (modulus, rkey + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY), max_mod_len);
1773 return 0;
1774}

Referenced by sec_parse_crypt_info().

◆ rdssl_sha1_clear()

void rdssl_sha1_clear ( void sha1_info)

Definition at line 393 of file ssl_calls.c.

394{
396}
#define sha1_info
Definition: compat-1.3.h:2265
#define CALG_SHA1
Definition: wincrypt.h:1807

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_complete()

void rdssl_sha1_complete ( void sha1_info,
char data 
)

Definition at line 407 of file ssl_calls.c.

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_info_create()

void * rdssl_sha1_info_create ( void  )

Definition at line 379 of file ssl_calls.c.

380{
382}

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_info_delete()

void rdssl_sha1_info_delete ( void sha1_info)

Definition at line 386 of file ssl_calls.c.

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_transform()

void rdssl_sha1_transform ( void sha1_info,
char data,
int  len 
)

Definition at line 400 of file ssl_calls.c.

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sign_ok()

int rdssl_sign_ok ( char e_data,
int  e_len,
char n_data,
int  n_len,
char sign_data,
int  sign_len,
char sign_data2,
int  sign_len2,
char testkey 
)

Definition at line 1594 of file ssl_calls.c.

1596{
1597 char* key;
1598 char* md5_final;
1599 void* md5;
1600
1601 if ((e_len != 4) || (n_len != 64) || (sign_len != 64) || (sign_len2 != 64))
1602 {
1603 return 1;
1604 }
1606 if (!md5)
1607 {
1608 return 1;
1609 }
1610 key = (char*)xmalloc(176);
1611 md5_final = (char*)xmalloc(64);
1612 // copy the test key
1613 memcpy(key, testkey, 176);
1614 // replace e and n
1615 memcpy(key + 32, e_data, 4);
1616 memcpy(key + 36, n_data, 64);
1618 // the first 108 bytes
1620 // set the whole thing with 0xff
1621 memset(md5_final, 0xff, 64);
1622 // digest 16 bytes
1623 rdssl_md5_complete(md5, md5_final);
1624 // set non 0xff array items
1625 md5_final[16] = 0;
1626 md5_final[62] = 1;
1627 md5_final[63] = 0;
1628 // encrypt
1629 rdssl_mod_exp(sign_data, 64, md5_final, 64, (char*)g_ppk_n, 64,
1630 (char*)g_ppk_d, 64);
1631 // cleanup
1633 xfree(key);
1634 xfree(md5_final);
1635 return memcmp(sign_data, sign_data2, sign_len2);
1636}
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
void xfree(void *mem)
Definition: uimain.c:758
void * xmalloc(int size)
Definition: uimain.c:747
#define md5
Definition: compat-1.3.h:2034
#define memset(x, y, z)
Definition: compat.h:39
static uint8 g_ppk_n[72]
Definition: ssl_calls.c:1562
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
static uint8 g_ppk_d[108]
Definition: ssl_calls.c:1575
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414
int rdssl_mod_exp(char *out, int out_len, char *in, int in_len, char *mod, int mod_len, char *exp, int exp_len)
Definition: ssl_calls.c:1485

Referenced by sec_parse_public_sig().

◆ sec_connect()

RD_BOOL sec_connect ( char server,
char username,
char domain,
char password,
RD_BOOL  reconnect 
)

Definition at line 1005 of file secure.c.

1006{
1007 uint32 selected_proto;
1008 struct stream mcs_data;
1009
1010 /* Start a MCS connect sequence */
1011 if (!mcs_connect_start(server, username, domain, password, reconnect, &selected_proto))
1012 return False;
1013
1014 /* We exchange some RDP data during the MCS-Connect */
1015 mcs_data.size = 512;
1016 mcs_data.p = mcs_data.data = (uint8 *) xmalloc(mcs_data.size);
1017 sec_out_mcs_data(&mcs_data, selected_proto);
1018
1019 /* finalize the MCS connect sequence */
1020 if (!mcs_connect_finalize(&mcs_data))
1021 return False;
1022
1023 /* sec_process_mcs_data(&mcs_data); */
1024 if (g_encryption)
1026 xfree(mcs_data.data);
1027 return True;
1028}
RD_BOOL mcs_connect_start(char *server, char *username, char *domain, char *password, RD_BOOL reconnect, uint32 *selected_protocol)
Definition: mcs.c:311
RD_BOOL mcs_connect_finalize(STREAM mcs_data)
Definition: mcs.c:318
static void sec_out_mcs_data(STREAM s, uint32 selected_protocol)
Definition: secure.c:498
RD_BOOL g_encryption
Definition: uimain.c:40
static void sec_establish_key(void)
Definition: secure.c:480
unsigned int uint32
Definition: types.h:32
#define False
Definition: types.h:25
#define True
Definition: types.h:24
unsigned char uint8
Definition: types.h:28
static WCHAR password[]
Definition: url.c:33
static WCHAR username[]
Definition: url.c:32
Definition: cookie.c:42
Definition: parse.h:23
static rfbScreenInfoPtr server
Definition: vnc.c:74

Referenced by rdp_connect().

◆ sec_decrypt()

void sec_decrypt ( uint8 data,
int  length 
)

Definition at line 396 of file secure.c.

397{
398 if (g_sec_decrypt_use_count == 4096)
399 {
403 }
404
407}
static int g_rc4_key_len
Definition: secure.c:93
void rdssl_rc4_crypt(void *rc4_info, char *in_data, char *out_data, int len)
Definition: ssl_calls.c:173
static void * g_rc4_decrypt_key
Definition: secure.c:94
void rdssl_rc4_set_key(void *rc4_info, char *key, int len)
Definition: ssl_calls.c:123
static uint8 g_sec_decrypt_key[16]
Definition: secure.c:99
static int g_sec_decrypt_use_count
Definition: secure.c:109
static uint8 g_sec_decrypt_update_key[16]
Definition: secure.c:101
static void sec_update(uint8 *key, uint8 *update_key)
Definition: secure.c:346
GLuint GLsizei GLsizei * length
Definition: glext.h:6040

Referenced by sec_recv().

◆ sec_disconnect()

void sec_disconnect ( void  )

Definition at line 1032 of file secure.c.

1033{
1035}
void mcs_disconnect(void)
Definition: mcs.c:356

Referenced by rdp_disconnect().

◆ sec_encrypt()

static void sec_encrypt ( uint8 data,
int  length 
)
static

Definition at line 381 of file secure.c.

382{
383 if (g_sec_encrypt_use_count == 4096)
384 {
388 }
389
392}
static uint8 g_sec_encrypt_update_key[16]
Definition: secure.c:102
static int g_sec_encrypt_use_count
Definition: secure.c:108
static uint8 g_sec_encrypt_key[16]
Definition: secure.c:100
static void * g_rc4_encrypt_key
Definition: secure.c:95

Referenced by sec_send_to_channel().

◆ sec_establish_key()

static void sec_establish_key ( void  )
static

Definition at line 480 of file secure.c.

481{
484 STREAM s;
485
486 s = sec_init(flags, length + 4);
487
491
492 s_mark_end(s);
493 sec_send(s, flags);
494}
#define SEC_PADDING_SIZE
Definition: constants.h:94
#define SEC_EXCHANGE_PKT
Definition: constants.h:98
#define s_mark_end(s)
Definition: parse.h:41
#define out_uint32_le(s, v)
Definition: parse.h:59
#define out_uint8s(s, n)
Definition: parse.h:95
#define out_uint8p(s, v, n)
Definition: parse.h:93
static uint32 g_server_public_key_len
Definition: secure.c:96
static uint8 g_sec_crypted_random[SEC_MAX_MODULUS_SIZE]
Definition: secure.c:103
void sec_send(STREAM s, uint32 flags)
Definition: secure.c:472
STREAM sec_init(uint32 flags, int maxlen)
Definition: secure.c:419
GLdouble s
Definition: gl.h:2039
GLbitfield flags
Definition: glext.h:7161

Referenced by sec_connect(), and sec_reconnect().

◆ sec_generate_keys()

static void sec_generate_keys ( uint8 client_random,
uint8 server_random,
int  rc4_key_size 
)
static

Definition at line 238 of file secure.c.

239{
240 uint8 pre_master_secret[48];
241 uint8 master_secret[48];
242 uint8 key_block[48];
243
244 /* Construct pre-master secret */
245 memcpy(pre_master_secret, client_random, 24);
246 memcpy(pre_master_secret + 24, server_random, 24);
247
248 /* Generate master secret and then key material */
249 sec_hash_48(master_secret, pre_master_secret, client_random, server_random, 'A');
250 sec_hash_48(key_block, master_secret, client_random, server_random, 'X');
251
252 /* First 16 bytes of key material is MAC secret */
253 memcpy(g_sec_sign_key, key_block, 16);
254
255 /* Generate export keys from next two blocks of 16 bytes */
256 sec_hash_16(g_sec_decrypt_key, &key_block[16], client_random, server_random);
257 sec_hash_16(g_sec_encrypt_key, &key_block[32], client_random, server_random);
258
259 if (rc4_key_size == 1)
260 {
261 DEBUG(("40-bit encryption enabled\n"));
265 g_rc4_key_len = 8;
266 }
267 else
268 {
269 DEBUG(("rc_4_key_size == %d, 128-bit encryption enabled\n", rc4_key_size));
270 g_rc4_key_len = 16;
271 }
272
273 /* Save initial RC4 keys as update keys */
276
277 /* Initialise RC4 state arrays */
278
282
286}
#define DEBUG(args)
Definition: rdesktop.h:129
static uint8 g_sec_sign_key[16]
Definition: secure.c:98
void * rdssl_rc4_info_create(void)
Definition: ssl_calls.c:51
void sec_hash_48(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2, uint8 salt)
Definition: secure.c:155
static void sec_make_40bit(uint8 *key)
Definition: secure.c:229
void sec_hash_16(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2)
Definition: secure.c:187
void rdssl_rc4_info_delete(void *rc4_info)
Definition: ssl_calls.c:90

Referenced by sec_process_crypt_info().

◆ sec_hash_16()

void sec_hash_16 ( uint8 out,
uint8 in,
uint8 salt1,
uint8 salt2 
)

Definition at line 187 of file secure.c.

188{
189 void * md5;
190
193 rdssl_md5_transform(md5, (char *)in, 16);
194 rdssl_md5_transform(md5, (char *)salt1, 32);
195 rdssl_md5_transform(md5, (char *)salt2, 32);
196 rdssl_md5_complete(md5, (char *)out);
198}
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414

Referenced by sec_generate_keys().

◆ sec_hash_48()

void sec_hash_48 ( uint8 out,
uint8 in,
uint8 salt1,
uint8 salt2,
uint8  salt 
)

Definition at line 155 of file secure.c.

156{
157 uint8 shasig[20];
158 uint8 pad[4];
159 void * sha;
160 void * md5;
161 int i;
162
163 for (i = 0; i < 3; i++)
164 {
165 memset(pad, salt + i, i + 1);
168 rdssl_sha1_transform(sha, (char *)pad, i + 1);
169 rdssl_sha1_transform(sha, (char *)in, 48);
170 rdssl_sha1_transform(sha, (char *)salt1, 32);
171 rdssl_sha1_transform(sha, (char *)salt2, 32);
172 rdssl_sha1_complete(sha, (char *)shasig);
176 rdssl_md5_transform(md5, (char *)in, 48);
177 rdssl_md5_transform(md5, (char *)shasig, 20);
178 rdssl_md5_complete(md5, (char *)out + i * 16);
180 }
181}
void rdssl_sha1_clear(void *sha1_info)
Definition: ssl_calls.c:393
void rdssl_sha1_transform(void *sha1_info, char *data, int len)
Definition: ssl_calls.c:400
void rdssl_sha1_info_delete(void *sha1_info)
Definition: ssl_calls.c:386
void rdssl_sha1_complete(void *sha1_info, char *data)
Definition: ssl_calls.c:407
void * rdssl_sha1_info_create(void)
Definition: ssl_calls.c:379
static const WCHAR sha[]
Definition: oid.c:1218
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248

Referenced by sec_generate_keys().

◆ sec_hash_sha1_16()

void sec_hash_sha1_16 ( uint8 out,
uint8 in,
uint8 salt1 
)

Definition at line 204 of file secure.c.

205{
206 void * sha;
209 rdssl_sha1_transform(&sha, (char *)in, 16);
210 rdssl_sha1_transform(&sha, (char *)salt1, 16);
211 rdssl_sha1_complete(&sha, (char *)out);
213}

◆ sec_hash_to_string()

void sec_hash_to_string ( char out,
int  out_size,
uint8 in,
int  in_size 
)

Definition at line 217 of file secure.c.

218{
219 int k;
220 memset(out, 0, out_size);
221 for (k = 0; k < in_size; k++, out += 2)
222 {
223 sprintf(out, "%.2x", in[k]);
224 }
225}
#define sprintf(buf, format,...)
Definition: sprintf.c:55
static HANDLE PIO_APC_ROUTINE PVOID PIO_STATUS_BLOCK ULONG PVOID ULONG PVOID ULONG out_size
Definition: file.c:100
static HANDLE PIO_APC_ROUTINE PVOID PIO_STATUS_BLOCK ULONG PVOID ULONG in_size
Definition: file.c:100
int k
Definition: mpi.c:3369

◆ sec_init()

STREAM sec_init ( uint32  flags,
int  maxlen 
)

Definition at line 419 of file secure.c.

420{
421 int hdrlen;
422 STREAM s;
423
425 hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
426 else
427 hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0;
428 s = mcs_init(maxlen + hdrlen);
429 s_push_layer(s, sec_hdr, hdrlen);
430
431 return s;
432}
#define SEC_ENCRYPT
Definition: constants.h:101
STREAM mcs_init(int length)
Definition: mcs.c:242
#define s_push_layer(s, h, n)
Definition: parse.h:39
RD_BOOL g_licence_issued
Definition: licence.c:44
RD_BOOL g_licence_error_result
Definition: licence.c:45

Referenced by channel_init(), channel_send(), licence_info(), licence_present(), licence_send_authresp(), licence_send_new_licence_request(), licence_send_platform_challenge_response(), licence_send_request(), rdp_init_data(), rdp_send_confirm_active(), rdp_send_logon_info(), and sec_establish_key().

◆ sec_make_40bit()

static void sec_make_40bit ( uint8 key)
static

Definition at line 229 of file secure.c.

230{
231 key[0] = 0xd1;
232 key[1] = 0x26;
233 key[2] = 0x9e;
234}

Referenced by sec_generate_keys(), and sec_update().

◆ sec_out_mcs_data()

static void sec_out_mcs_data ( STREAM  s,
uint32  selected_protocol 
)
static

Definition at line 498 of file secure.c.

499{
500 int hostlen = 2 * strlen(g_hostname);
501 int length = 162 + 76 + 12 + 4;
502 unsigned int i;
503 uint32 cluster_flags = 0;
504
505 if (g_num_channels > 0)
506 length += g_num_channels * 12 + 8;
507
508 if (hostlen > 30)
509 hostlen = 30;
510
511 /* Generic Conference Control (T.124) ConferenceCreateRequest */
512 out_uint16_be(s, 5);
513 out_uint16_be(s, 0x14);
514 out_uint8(s, 0x7c);
515 out_uint16_be(s, 1);
516
517 out_uint16_be(s, (length | 0x8000)); /* remaining length */
518
519 out_uint16_be(s, 8); /* length? */
520 out_uint16_be(s, 16);
521 out_uint8(s, 0);
522 out_uint16_le(s, 0xc001);
523 out_uint8(s, 0);
524
525 out_uint32_le(s, 0x61637544); /* OEM ID: "Duca", as in Ducati. */
526 out_uint16_be(s, ((length - 14) | 0x8000)); /* remaining length */
527
528 /* Client information */
530 out_uint16_le(s, 216); /* length */
531 out_uint16_le(s, (g_rdp_version >= RDP_V5) ? 4 : 1); /* RDP version. 1 == RDP4, 4 >= RDP5 to RDP8 */
532 out_uint16_le(s, 8);
535 out_uint16_le(s, 0xca01);
536 out_uint16_le(s, 0xaa03);
538 out_uint32_le(s, 2600); /* Client build. We are now 2600 compatible :-) */
539
540 /* Unicode name of client, padded to 32 bytes */
541 rdp_out_unistr(s, g_hostname, hostlen);
542 out_uint8s(s, 30 - hostlen);
543
544 /* See
545 http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wceddk40/html/cxtsksupportingremotedesktopprotocol.asp */
549 out_uint8s(s, 64); /* reserved? 4 + 12 doublewords */
550 out_uint16_le(s, 0xca01); /* colour depth? */
551 out_uint16_le(s, 1);
552
553 out_uint32(s, 0);
555 out_uint16_le(s, 0x0700);
556 out_uint8(s, 0);
557 out_uint32_le(s, 1);
558 out_uint8s(s, 64);
559 out_uint32_le(s, selected_protocol); /* End of client info */
560
561 /* Write a Client Cluster Data (TS_UD_CS_CLUSTER) */
562 out_uint16_le(s, SEC_TAG_CLI_CLUSTER); /* header.type */
563 out_uint16_le(s, 12); /* length */
564
565 cluster_flags |= SEC_CC_REDIRECTION_SUPPORTED;
566 cluster_flags |= (SEC_CC_REDIRECT_VERSION_3 << 2);
567
570
571 out_uint32_le(s, cluster_flags);
573
574 /* Client encryption settings */
576 out_uint16_le(s, 12); /* length */
577 out_uint32_le(s, g_encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */
578 out_uint32(s, 0); /* Unknown */
579
580 DEBUG_RDP5(("g_num_channels is %d\n", g_num_channels));
581 if (g_num_channels > 0)
582 {
584 out_uint16_le(s, g_num_channels * 12 + 8); /* length */
585 out_uint32_le(s, g_num_channels); /* number of virtual channels */
586 for (i = 0; i < g_num_channels; i++)
587 {
588 DEBUG_RDP5(("Requesting channel %s\n", g_channels[i].name));
591 }
592 }
593
594 s_mark_end(s);
595}
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
#define SEC_TAG_CLI_CRYPT
Definition: constants.h:120
#define SEC_CC_REDIRECT_VERSION_3
Definition: constants.h:135
#define SEC_CC_REDIRECT_SESSIONID_FIELD_VALID
Definition: constants.h:131
#define SEC_CC_REDIRECTION_SUPPORTED
Definition: constants.h:130
#define SEC_TAG_CLI_CHANNELS
Definition: constants.h:121
#define SEC_TAG_CLI_CLUSTER
Definition: constants.h:122
#define SEC_TAG_CLI_INFO
Definition: constants.h:119
#define out_uint32_be(s, v)
Definition: parse.h:78
#define out_uint8(s, v)
Definition: parse.h:92
#define out_uint16_be(s, v)
Definition: parse.h:77
#define out_uint16_le(s, v)
Definition: parse.h:58
#define out_uint32(s, v)
Definition: parse.h:85
#define out_uint8a(s, v, n)
Definition: parse.h:94
void rdp_out_unistr(STREAM s, char *string, int len)
Definition: rdp.c:188
#define DEBUG_RDP5(args)
Definition: rdesktop.h:141
int g_server_depth
Definition: uimain.c:41
int g_width
Definition: uimain.c:42
int g_height
Definition: uimain.c:43
int g_keyboard_type
Definition: uimain.c:45
int g_keyboard_functionkeys
Definition: uimain.c:47
unsigned int g_keylayout
Definition: uimain.c:44
char g_hostname[16]
Definition: uimain.c:26
RDP_VERSION g_rdp_version
Definition: uimain.c:74
int g_keyboard_subtype
Definition: uimain.c:46
uint32 g_redirect_session_id
Definition: uimain.c:67
unsigned int g_num_channels
Definition: channels.c:33
RD_BOOL g_console_session
Definition: uimain.c:48
VCHANNEL g_channels[]
Definition: channels.c:32
@ RDP_V5
Definition: types.h:44
Definition: name.c:39

Referenced by sec_connect(), and sec_reconnect().

◆ sec_parse_crypt_info()

static RD_BOOL sec_parse_crypt_info ( STREAM  s,
uint32 rc4_key_size,
uint8 **  server_random,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 652 of file secure.c.

654{
655 uint32 crypt_level, random_len, rsa_info_len;
656 uint32 cacert_len, cert_len, flags;
657 PCCERT_CONTEXT cacert, server_cert;
658 BYTE *server_public_key;
660 uint8 *next_tag, *end;
661
662 in_uint32_le(s, *rc4_key_size); /* 1 = 40-bit, 2 = 128-bit */
663 in_uint32_le(s, crypt_level); /* 1 = low, 2 = medium, 3 = high */
664 if (crypt_level == 0)
665 {
666 /* no encryption */
667 return False;
668 }
669
670 in_uint32_le(s, random_len);
671 in_uint32_le(s, rsa_info_len);
672
673 if (random_len != SEC_RANDOM_SIZE)
674 {
675 error("random len %d, expected %d\n", random_len, SEC_RANDOM_SIZE);
676 return False;
677 }
678
679 in_uint8p(s, *server_random, random_len);
680
681 /* RSA info */
682 end = s->p + rsa_info_len;
683 if (end > s->end)
684 return False;
685
686 in_uint32_le(s, flags); /* 1 = RDP4-style, 0x80000002 = X.509 */
687 if (flags & 1)
688 {
689 DEBUG_RDP5(("We're going for the RDP4-style encryption\n"));
690 in_uint8s(s, 8); /* unknown */
691
692 while (s->p < end)
693 {
696
697 next_tag = s->p + length;
698
699 switch (tag)
700 {
701 case SEC_TAG_PUBKEY:
702 if (!sec_parse_public_key(s, modulus, exponent))
703 return False;
704 DEBUG_RDP5(("Got Public key, RDP4-style\n"));
705
706 break;
707
708 case SEC_TAG_KEYSIG:
709 if (!sec_parse_public_sig(s, length, modulus, exponent))
710 return False;
711 break;
712
713 default:
714 unimpl("crypt tag 0x%x\n", tag);
715 }
716
717 s->p = next_tag;
718 }
719 }
720 else
721 {
722 uint32 certcount;
723
724 DEBUG_RDP5(("We're going for the RDP5-style encryption\n"));
725 in_uint32_le(s, certcount); /* Number of certificates */
726 if (certcount < 2)
727 {
728 error("Server didn't send enough X509 certificates\n");
729 return False;
730 }
731 for (; certcount > 2; certcount--)
732 { /* ignore all the certificates between the root and the signing CA */
733 uint32 ignorelen;
734 PCCERT_CONTEXT ignorecert;
735
736 DEBUG_RDP5(("Ignored certs left: %d\n", certcount));
737 in_uint32_le(s, ignorelen);
738 DEBUG_RDP5(("Ignored Certificate length is %d\n", ignorelen));
739 ignorecert = rdssl_cert_read(s->p, ignorelen);
740 in_uint8s(s, ignorelen);
741 if (ignorecert == NULL)
742 { /* XXX: error out? */
743 DEBUG_RDP5(("got a bad cert: this will probably screw up the rest of the communication\n"));
744 }
745
746#ifdef WITH_DEBUG_RDP5
747 DEBUG_RDP5(("cert #%d (ignored):\n", certcount));
748 rdssl_cert_print_fp(stdout, ignorecert);
749#endif
750 }
751 /* Do da funky X.509 stuffy
752
753 "How did I find out about this? I looked up and saw a
754 bright light and when I came to I had a scar on my forehead
755 and knew about X.500"
756 - Peter Gutman in a early version of
757 http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
758 */
759 in_uint32_le(s, cacert_len);
760 DEBUG_RDP5(("CA Certificate length is %d\n", cacert_len));
761 cacert = rdssl_cert_read(s->p, cacert_len);
762 in_uint8s(s, cacert_len);
763 if (NULL == cacert)
764 {
765 error("Couldn't load CA Certificate from server\n");
766 return False;
767 }
768 in_uint32_le(s, cert_len);
769 DEBUG_RDP5(("Certificate length is %d\n", cert_len));
770 server_cert = rdssl_cert_read(s->p, cert_len);
771 in_uint8s(s, cert_len);
772 if (NULL == server_cert)
773 {
774 rdssl_cert_free(cacert);
775 error("Couldn't load Certificate from server\n");
776 return False;
777 }
778 if (!rdssl_certs_ok(server_cert, cacert))
779 {
780 rdssl_cert_free(server_cert);
781 rdssl_cert_free(cacert);
782 error("Security error CA Certificate invalid\n");
783 return False;
784 }
785 rdssl_cert_free(cacert);
786 in_uint8s(s, 16); /* Padding */
787 server_public_key = rdssl_cert_to_rkey(server_cert, &g_server_public_key_len);
788 if (NULL == server_public_key)
789 {
790 DEBUG_RDP5(("Didn't parse X509 correctly\n"));
791 rdssl_cert_free(server_cert);
792 return False;
793 }
794 rdssl_cert_free(server_cert);
797 {
798 error("Bad server public key size (%u bits)\n",
800 rdssl_rkey_free(server_public_key);
801 return False;
802 }
803 if (rdssl_rkey_get_exp_mod(server_public_key, exponent, SEC_EXPONENT_SIZE,
805 {
806 error("Problem extracting RSA exponent, modulus");
807 rdssl_rkey_free(server_public_key);
808 return False;
809 }
810 rdssl_rkey_free(server_public_key);
811 return True; /* There's some garbage here we don't care about */
812 }
813 return s_check_end(s);
814}
#define SEC_EXPONENT_SIZE
Definition: constants.h:95
#define SEC_TAG_KEYSIG
Definition: constants.h:125
#define SEC_TAG_PUBKEY
Definition: constants.h:124
#define SEC_MAX_MODULUS_SIZE
Definition: constants.h:93
#define SEC_RANDOM_SIZE
Definition: constants.h:91
#define in_uint16_le(s, v)
Definition: parse.h:55
#define in_uint8p(s, v, n)
Definition: parse.h:89
#define s_check_end(s)
Definition: parse.h:44
#define in_uint8s(s, n)
Definition: parse.h:91
#define in_uint32_le(s, v)
Definition: parse.h:56
void unimpl(char *format,...)
Definition: uimain.c:801
static RD_BOOL sec_parse_public_sig(STREAM s, uint32 len, uint8 *modulus, uint8 *exponent)
Definition: secure.c:629
void rdssl_rkey_free(uint8 *rkey)
Definition: ssl_calls.c:1777
int rdssl_rkey_get_exp_mod(uint8 *rkey, uint8 *exponent, uint32 max_exp_len, uint8 *modulus, uint32 max_mod_len)
Definition: ssl_calls.c:1762
PCCERT_CONTEXT rdssl_cert_read(uint8 *data, uint32 len)
Definition: ssl_calls.c:1639
static RD_BOOL sec_parse_public_key(STREAM s, uint8 *modulus, uint8 *exponent)
Definition: secure.c:599
void rdssl_cert_free(PCCERT_CONTEXT context)
Definition: ssl_calls.c:1656
RD_BOOL rdssl_certs_ok(PCCERT_CONTEXT server_cert, PCCERT_CONTEXT cacert)
Definition: ssl_calls.c:1743
uint8 * rdssl_cert_to_rkey(PCCERT_CONTEXT cert, uint32 *key_len)
Definition: ssl_calls.c:1663
#define SEC_MODULUS_SIZE
Definition: secure.c:111
unsigned short uint16
Definition: types.h:30
GLuint GLuint end
Definition: gl.h:1545
#define stdout
Definition: stdio.h:99
Definition: ecma_167.h:138

Referenced by sec_process_crypt_info().

◆ sec_parse_public_key()

static RD_BOOL sec_parse_public_key ( STREAM  s,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 599 of file secure.c.

600{
601 uint32 magic, modulus_len;
602
604 if (magic != SEC_RSA_MAGIC)
605 {
606 error("RSA magic 0x%x\n", magic);
607 return False;
608 }
609
610 in_uint32_le(s, modulus_len);
611 modulus_len -= SEC_PADDING_SIZE;
612 if ((modulus_len < SEC_MODULUS_SIZE) || (modulus_len > SEC_MAX_MODULUS_SIZE))
613 {
614 error("Bad server public key size (%u bits)\n", modulus_len * 8);
615 return False;
616 }
617
618 in_uint8s(s, 8); /* modulus_bits, unknown */
619 in_uint8a(s, exponent, SEC_EXPONENT_SIZE);
620 in_uint8a(s, modulus, modulus_len);
622 g_server_public_key_len = modulus_len;
623
624 return s_check(s);
625}
#define SEC_RSA_MAGIC
Definition: constants.h:127
#define s_check(s)
Definition: parse.h:42
#define in_uint8a(s, v, n)
Definition: parse.h:90
u32_t magic(void)

Referenced by sec_parse_crypt_info().

◆ sec_parse_public_sig()

static RD_BOOL sec_parse_public_sig ( STREAM  s,
uint32  len,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 629 of file secure.c.

630{
631 uint8 signature[SEC_MAX_MODULUS_SIZE];
632 uint8 signature_[SEC_MAX_MODULUS_SIZE];
633 uint32 sig_len;
634
635 if (len != 72)
636 {
637 return True;
638 }
639 memset(signature, 0, sizeof(signature));
640 sig_len = len - 8;
641 in_uint8a(s, signature, sig_len);
642 if(rdssl_sign_ok((char *)exponent, SEC_EXPONENT_SIZE, (char *)modulus, g_server_public_key_len,
643 (char *)signature_, SEC_MODULUS_SIZE, (char *)signature, sig_len, (char *)g_testkey))
644 {
645 DEBUG_RDP5(("key signature doesn't match test key\n"));
646 }
647 return s_check(s);
648}
int rdssl_sign_ok(char *e_data, int e_len, char *n_data, int n_len, char *sign_data, int sign_len, char *sign_data2, int sign_len2, char *testkey)
Definition: ssl_calls.c:1594
static uint8 g_testkey[176]
Definition: secure.c:113

Referenced by sec_parse_crypt_info().

◆ sec_process_crypt_info()

static void sec_process_crypt_info ( STREAM  s)
static

Definition at line 818 of file secure.c.

819{
820 uint8 *server_random = NULL;
822 uint8 exponent[SEC_EXPONENT_SIZE];
823 uint32 rc4_key_size;
824
825 memset(modulus, 0, sizeof(modulus));
826 memset(exponent, 0, sizeof(exponent));
827 if (!sec_parse_crypt_info(s, &rc4_key_size, &server_random, modulus, exponent))
828 {
829 DEBUG(("Failed to parse crypt info\n"));
830 return;
831 }
832 DEBUG(("Generating client random\n"));
836 sec_generate_keys(g_client_random, server_random, rc4_key_size);
837}
void generate_random(uint8 *random)
Definition: uimain.c:709
static void sec_generate_keys(uint8 *client_random, uint8 *server_random, int rc4_key_size)
Definition: secure.c:238
static RD_BOOL sec_parse_crypt_info(STREAM s, uint32 *rc4_key_size, uint8 **server_random, uint8 *modulus, uint8 *exponent)
Definition: secure.c:652
uint8 g_client_random[SEC_RANDOM_SIZE]
Definition: uimain.c:78
static void sec_rsa_encrypt(uint8 *out, uint8 *in, int len, uint32 modulus_size, uint8 *modulus, uint8 *exponent)
Definition: secure.c:411

Referenced by sec_process_mcs_data().

◆ sec_process_mcs_data()

void sec_process_mcs_data ( STREAM  s)

Definition at line 856 of file secure.c.

857{
859 uint8 *next_tag;
860 uint8 len;
861
862 in_uint8s(s, 21); /* header (T.124 ConferenceCreateResponse) */
863 in_uint8(s, len);
864 if (len & 0x80)
865 in_uint8(s, len);
866
867 while (s->p < s->end)
868 {
871
872 if (length <= 4)
873 return;
874
875 next_tag = s->p + length - 4;
876
877 switch (tag)
878 {
879 case SEC_TAG_SRV_INFO:
881 break;
882
885 break;
886
888 /* FIXME: We should parse this information and
889 use it to map RDP5 channels to MCS
890 channels */
891 break;
892
893 default:
894 unimpl("response tag 0x%x\n", tag);
895 }
896
897 s->p = next_tag;
898 }
899}
#define SEC_TAG_SRV_INFO
Definition: constants.h:115
#define SEC_TAG_SRV_CRYPT
Definition: constants.h:116
#define SEC_TAG_SRV_CHANNELS
Definition: constants.h:117
#define in_uint8(s, v)
Definition: parse.h:88
static void sec_process_srv_info(STREAM s)
Definition: secure.c:842
static void sec_process_crypt_info(STREAM s)
Definition: secure.c:818

Referenced by mcs_recv_connect_response().

◆ sec_process_srv_info()

static void sec_process_srv_info ( STREAM  s)
static

Definition at line 842 of file secure.c.

843{
845 DEBUG_RDP5(("Server RDP version is %d\n", g_server_rdp_version));
846 if (1 == g_server_rdp_version)
847 {
849 g_server_depth = 8;
850 }
851}
uint16 g_server_rdp_version
Definition: secure.c:105
@ RDP_V4
Definition: types.h:43

Referenced by sec_process_mcs_data().

◆ sec_recv()

STREAM sec_recv ( uint8 rdpver)

Definition at line 903 of file secure.c.

904{
905 uint16 sec_flags;
906 /* uint16 sec_flags_hi; */
907 uint16 channel;
908 STREAM s;
909
910 while ((s = mcs_recv(&channel, rdpver)) != NULL)
911 {
912 if (rdpver != NULL)
913 {
914 if (*rdpver != 3)
915 {
916 if (*rdpver & 0x80)
917 {
918 in_uint8s(s, 8); /* signature */
919 sec_decrypt(s->p, s->end - s->p);
920 }
921 return s;
922 }
923 }
925 {
926 /* TS_SECURITY_HEADER */
927 in_uint16_le(s, sec_flags);
928 in_uint8s(s, 2); /* sec_flags_hi */
929
930 if (g_encryption)
931 {
932 if (sec_flags & SEC_ENCRYPT)
933 {
934 in_uint8s(s, 8); /* signature */
935 sec_decrypt(s->p, s->end - s->p);
936 }
937
938 if (sec_flags & SEC_LICENSE_PKT)
939 {
941 continue;
942 }
943
944 if (sec_flags & SEC_REDIRECTION_PKT) /* SEC_REDIRECT_ENCRYPT */
945 {
946 uint8 swapbyte;
947
948 in_uint8s(s, 8); /* signature */
949 sec_decrypt(s->p, s->end - s->p);
950
951 /* Check for a redirect packet, starts with 00 04 */
952 if (s->p[0] == 0 && s->p[1] == 4)
953 {
954 /* for some reason the PDU and the length seem to be swapped.
955 This isn't good, but we're going to do a byte for byte
956 swap. So the first four values appear as: 00 04 XX YY,
957 where XX YY is the little endian length. We're going to
958 use 04 00 as the PDU type, so after our swap this will look
959 like: XX YY 04 00 */
960 swapbyte = s->p[0];
961 s->p[0] = s->p[2];
962 s->p[2] = swapbyte;
963
964 swapbyte = s->p[1];
965 s->p[1] = s->p[3];
966 s->p[3] = swapbyte;
967
968 swapbyte = s->p[2];
969 s->p[2] = s->p[3];
970 s->p[3] = swapbyte;
971 }
972#ifdef WITH_DEBUG
973 /* warning! this debug statement will show passwords in the clear! */
974 hexdump(s->p, s->end - s->p);
975#endif
976 }
977 }
978 else
979 {
980 if (sec_flags & SEC_LICENSE_PKT)
981 {
983 continue;
984 }
985 s->p -= 4;
986 }
987 }
988
989 if (channel != MCS_GLOBAL_CHANNEL)
990 {
991 channel_process(s, channel);
992 if (rdpver != NULL)
993 *rdpver = 0xff;
994 return s;
995 }
996
997 return s;
998 }
999
1000 return NULL;
1001}
void channel_process(STREAM s, uint16 mcs_channel)
Definition: channels.c:138
#define SEC_LICENSE_PKT
Definition: constants.h:105
#define SEC_REDIRECTION_PKT
Definition: constants.h:108
#define MCS_GLOBAL_CHANNEL
Definition: constants.h:87
void licence_process(STREAM s)
Definition: licence.c:378
STREAM mcs_recv(uint16 *channel, uint8 *rdpver)
Definition: mcs.c:280
void hexdump(unsigned char *p, unsigned int len)
Definition: shimdbg.c:234
void sec_decrypt(uint8 *data, int length)
Definition: secure.c:396

Referenced by rdp_recv().

◆ sec_reset_state()

void sec_reset_state ( void  )

Definition at line 1039 of file secure.c.

1040{
1044 g_licence_issued = 0;
1047}
void mcs_reset_state(void)
Definition: mcs.c:363

Referenced by rdp_reset_state().

◆ sec_rsa_encrypt()

static void sec_rsa_encrypt ( uint8 out,
uint8 in,
int  len,
uint32  modulus_size,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 411 of file secure.c.

413{
414 rdssl_mod_exp((char *)out, 64, (char *)in, 32, (char *)modulus, 64, (char *)exponent, 4);
415}
int rdssl_mod_exp(char *out, int out_len, char *in, int in_len, char *mod, int mod_len, char *exp, int exp_len)
Definition: ssl_calls.c:1485

Referenced by sec_process_crypt_info().

◆ sec_send()

◆ sec_send_to_channel()

void sec_send_to_channel ( STREAM  s,
uint32  flags,
uint16  channel 
)

Definition at line 436 of file secure.c.

437{
438 int datalen;
439
440#ifdef WITH_SCARD
442#endif
443
444 s_pop_layer(s, sec_hdr);
447
448 if (flags & SEC_ENCRYPT)
449 {
450 flags &= ~SEC_ENCRYPT;
451 datalen = s->end - s->p - 8;
452
453#ifdef WITH_DEBUG
454 DEBUG(("Sending encrypted packet:\n"));
455 hexdump(s->p + 8, datalen);
456#endif
457
459 sec_encrypt(s->p + 8, datalen);
460 }
461
462 mcs_send_to_channel(s, channel);
463
464#ifdef WITH_SCARD
466#endif
467}
#define SCARD_LOCK_SEC
Definition: constants.h:580
void mcs_send_to_channel(STREAM s, uint16 channel)
Definition: mcs.c:254
#define s_pop_layer(s, h)
Definition: parse.h:40
void scard_lock(int lock)
void scard_unlock(int lock)
static void sec_encrypt(uint8 *data, int length)
Definition: secure.c:381
void sec_sign(uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen)
Definition: secure.c:314
int const JOCTET unsigned int datalen
Definition: jpeglib.h:1031

Referenced by channel_send(), and sec_send().

◆ sec_sign()

void sec_sign ( uint8 signature,
int  siglen,
uint8 session_key,
int  keylen,
uint8 data,
int  datalen 
)

Definition at line 314 of file secure.c.

315{
316 uint8 shasig[20];
317 uint8 md5sig[16];
318 uint8 lenhdr[4];
319 void * sha;
320 void * md5;
321
322 buf_out_uint32(lenhdr, datalen);
323
326 rdssl_sha1_transform(sha, (char *)session_key, keylen);
327 rdssl_sha1_transform(sha, (char *)pad_54, 40);
328 rdssl_sha1_transform(sha, (char *)lenhdr, 4);
330 rdssl_sha1_complete(sha, (char *)shasig);
332
335 rdssl_md5_transform(md5, (char *)session_key, keylen);
336 rdssl_md5_transform(md5, (char *)pad_92, 48);
337 rdssl_md5_transform(md5, (char *)shasig, 20);
338 rdssl_md5_complete(md5, (char *)md5sig);
340
341 memcpy(signature, md5sig, siglen);
342}
void buf_out_uint32(uint8 *buffer, uint32 value)
Definition: secure.c:304
static uint8 pad_54[40]
Definition: secure.c:288
static uint8 pad_92[48]
Definition: secure.c:295

Referenced by sec_send_to_channel().

◆ sec_update()

static void sec_update ( uint8 key,
uint8 update_key 
)
static

Definition at line 346 of file secure.c.

347{
348 uint8 shasig[20];
349 void * sha;
350 void * md5;
351 void * update;
352
355 rdssl_sha1_transform(sha, (char *)update_key, g_rc4_key_len);
356 rdssl_sha1_transform(sha, (char *)pad_54, 40);
358 rdssl_sha1_complete(sha, (char *)shasig);
360
363 rdssl_md5_transform(md5, (char *)update_key, g_rc4_key_len);
364 rdssl_md5_transform(md5, (char *)pad_92, 48);
365 rdssl_md5_transform(md5, (char *)shasig, 20);
366 rdssl_md5_complete(md5, (char *)key);
368
369
370 update = rdssl_rc4_info_create();
371 rdssl_rc4_set_key(update, (char *)key, g_rc4_key_len);
372 rdssl_rc4_crypt(update, (char *)key, (char *)key, g_rc4_key_len);
373 rdssl_rc4_info_delete(update);
374
375 if (g_rc4_key_len == 8)
377}

Referenced by sec_decrypt(), and sec_encrypt().

Variable Documentation

◆ g_channels

VCHANNEL g_channels[]
extern

Definition at line 32 of file channels.c.

Referenced by channel_process(), channel_register(), and sec_out_mcs_data().

◆ g_client_random

uint8 g_client_random[SEC_RANDOM_SIZE]
extern

Definition at line 78 of file uimain.c.

Referenced by sec_process_crypt_info().

◆ g_console_session

RD_BOOL g_console_session
extern

Definition at line 48 of file uimain.c.

Referenced by parse_parameters(), and sec_out_mcs_data().

◆ g_encryption

RD_BOOL g_encryption
extern

Definition at line 40 of file uimain.c.

Referenced by sec_connect(), sec_out_mcs_data(), and sec_recv().

◆ g_height

int g_height
extern

Definition at line 43 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_hostname

char g_hostname[16]
extern

Definition at line 26 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keyboard_functionkeys

int g_keyboard_functionkeys
extern

Definition at line 47 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keyboard_subtype

int g_keyboard_subtype
extern

Definition at line 46 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keyboard_type

int g_keyboard_type
extern

Definition at line 45 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keylayout

unsigned int g_keylayout
extern

Definition at line 44 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_licence_error_result

RD_BOOL g_licence_error_result
extern

◆ g_licence_issued

◆ g_num_channels

unsigned int g_num_channels
extern

Definition at line 33 of file channels.c.

Referenced by channel_process(), channel_register(), and sec_out_mcs_data().

◆ g_rc4_decrypt_key

void* g_rc4_decrypt_key
static

Definition at line 94 of file secure.c.

Referenced by sec_decrypt(), and sec_generate_keys().

◆ g_rc4_encrypt_key

void* g_rc4_encrypt_key
static

Definition at line 95 of file secure.c.

Referenced by sec_encrypt(), and sec_generate_keys().

◆ g_rc4_key_len

int g_rc4_key_len
static

Definition at line 93 of file secure.c.

Referenced by sec_decrypt(), sec_encrypt(), sec_generate_keys(), sec_send_to_channel(), and sec_update().

◆ g_rdp_version

RDP_VERSION g_rdp_version
extern

Definition at line 74 of file uimain.c.

Referenced by sec_out_mcs_data(), and sec_process_srv_info().

◆ g_redirect_session_id

uint32 g_redirect_session_id
extern

Definition at line 67 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_sec_crypted_random

uint8 g_sec_crypted_random[SEC_MAX_MODULUS_SIZE]
static

Definition at line 103 of file secure.c.

Referenced by sec_establish_key(), and sec_process_crypt_info().

◆ g_sec_decrypt_key

uint8 g_sec_decrypt_key[16]
static

Definition at line 99 of file secure.c.

Referenced by sec_decrypt(), and sec_generate_keys().

◆ g_sec_decrypt_update_key

uint8 g_sec_decrypt_update_key[16]
static

Definition at line 101 of file secure.c.

Referenced by sec_decrypt(), and sec_generate_keys().

◆ g_sec_decrypt_use_count

int g_sec_decrypt_use_count = 0
static

Definition at line 109 of file secure.c.

Referenced by sec_decrypt(), and sec_reset_state().

◆ g_sec_encrypt_key

uint8 g_sec_encrypt_key[16]
static

Definition at line 100 of file secure.c.

Referenced by sec_encrypt(), and sec_generate_keys().

◆ g_sec_encrypt_update_key

uint8 g_sec_encrypt_update_key[16]
static

Definition at line 102 of file secure.c.

Referenced by sec_encrypt(), and sec_generate_keys().

◆ g_sec_encrypt_use_count

int g_sec_encrypt_use_count = 0
static

Definition at line 108 of file secure.c.

Referenced by sec_encrypt(), and sec_reset_state().

◆ g_sec_sign_key

uint8 g_sec_sign_key[16]
static

Definition at line 98 of file secure.c.

Referenced by sec_generate_keys(), and sec_send_to_channel().

◆ g_server_depth

int g_server_depth
extern

Definition at line 41 of file uimain.c.

Referenced by sec_out_mcs_data(), and sec_process_srv_info().

◆ g_server_public_key_len

uint32 g_server_public_key_len
static

◆ g_server_rdp_version

uint16 g_server_rdp_version = 0

Definition at line 105 of file secure.c.

Referenced by rdp_send_logon_info(), sec_process_srv_info(), and sec_reset_state().

◆ g_testkey

uint8 g_testkey[176]
static
Initial value:
=
{
0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x06, 0x00, 0x5c, 0x00,
0x52, 0x53, 0x41, 0x31, 0x48, 0x00, 0x00, 0x00,
0x00, 0x02, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x00,
0x01, 0x00, 0x01, 0x00, 0x79, 0x6f, 0xb4, 0xdf,
0xa6, 0x95, 0xb9, 0xa9, 0x61, 0xe3, 0xc4, 0x5e,
0xff, 0x6b, 0xd8, 0x81, 0x8a, 0x12, 0x4a, 0x93,
0x42, 0x97, 0x18, 0x93, 0xac, 0xd1, 0x3a, 0x38,
0x3c, 0x68, 0x50, 0x19, 0x31, 0xb6, 0x84, 0x51,
0x79, 0xfb, 0x1c, 0xe7, 0xe3, 0x99, 0x20, 0xc7,
0x84, 0xdf, 0xd1, 0xaa, 0xb5, 0x15, 0xef, 0x47,
0x7e, 0xfc, 0x88, 0xeb, 0x29, 0xc3, 0x27, 0x5a,
0x35, 0xf8, 0xfd, 0xaa, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x08, 0x00, 0x48, 0x00,
0x32, 0x3b, 0xde, 0x6f, 0x18, 0x97, 0x1e, 0xc3,
0x6b, 0x2b, 0x2d, 0xe4, 0xfc, 0x2d, 0xa2, 0x8e,
0x32, 0x3c, 0xf3, 0x1b, 0x24, 0x90, 0x57, 0x4d,
0x8e, 0xe4, 0x69, 0xfc, 0x16, 0x8d, 0x41, 0x92,
0x78, 0xc7, 0x9c, 0xb4, 0x26, 0xff, 0xe8, 0x3e,
0xa1, 0x8a, 0xf5, 0x57, 0xc0, 0x7f, 0x3e, 0x21,
0x17, 0x32, 0x30, 0x6f, 0x79, 0xe1, 0x36, 0xcd,
0xb6, 0x8e, 0xbe, 0x57, 0x57, 0xd2, 0xa9, 0x36
}

Definition at line 113 of file secure.c.

Referenced by sec_parse_public_sig().

◆ g_width

int g_width
extern

Definition at line 42 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ pad_54

uint8 pad_54[40]
static
Initial value:
= {
54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54,
54, 54, 54,
54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54,
54, 54, 54
}

Definition at line 288 of file secure.c.

Referenced by sec_sign(), and sec_update().

◆ pad_92

uint8 pad_92[48]
static
Initial value:
= {
92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92,
92, 92, 92, 92, 92, 92, 92,
92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92,
92, 92, 92, 92, 92, 92, 92
}

Definition at line 295 of file secure.c.

Referenced by sec_sign(), and sec_update().