ReactOS  0.4.14-dev-52-g6116262
secure.c File Reference
#include "precomp.h"


Macros

#define SEC_MODULUS_SIZE   64
 

Functions

void * rdssl_sha1_info_create (void)
 
void rdssl_sha1_info_delete (void *sha1_info)
 
void rdssl_sha1_clear (void *sha1_info)
 
void rdssl_sha1_transform (void *sha1_info, char *data, int len)
 
void rdssl_sha1_complete (void *sha1_info, char *data)
 
void * rdssl_md5_info_create (void)
 
void rdssl_md5_info_delete (void *md5_info)
 
void rdssl_md5_clear (void *md5_info)
 
void rdssl_md5_transform (void *md5_info, char *data, int len)
 
void rdssl_md5_complete (void *md5_info, char *data)
 
void * rdssl_rc4_info_create (void)
 
void rdssl_rc4_info_delete (void *rc4_info)
 
void rdssl_rc4_set_key (void *rc4_info, char *key, int len)
 
void rdssl_rc4_crypt (void *rc4_info, char *in_data, char *out_data, int len)
 
int rdssl_mod_exp (char *out, int out_len, char *in, int in_len, char *mod, int mod_len, char *exp, int exp_len)
 
int rdssl_sign_ok (char *e_data, int e_len, char *n_data, int n_len, char *sign_data, int sign_len, char *sign_data2, int sign_len2, char *testkey)
 
PCCERT_CONTEXT rdssl_cert_read (uint8 *data, uint32 len)
 
void rdssl_cert_free (PCCERT_CONTEXT context)
 
uint8 * rdssl_cert_to_rkey (PCCERT_CONTEXT cert, uint32 *key_len)
 
RD_BOOL rdssl_certs_ok (PCCERT_CONTEXT server_cert, PCCERT_CONTEXT cacert)
 
int rdssl_rkey_get_exp_mod (uint8 *rkey, uint8 *exponent, uint32 max_exp_len, uint8 *modulus, uint32 max_mod_len)
 
void rdssl_rkey_free (uint8 *rkey)
 
void sec_hash_48 (uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2, uint8 salt)
 
void sec_hash_16 (uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2)
 
void sec_hash_sha1_16 (uint8 *out, uint8 *in, uint8 *salt1)
 
void sec_hash_to_string (char *out, int out_size, uint8 *in, int in_size)
 
static void sec_make_40bit (uint8 *key)
 
static void sec_generate_keys (uint8 *client_random, uint8 *server_random, int rc4_key_size)
 
void buf_out_uint32 (uint8 *buffer, uint32 value)
 
void sec_sign (uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen)
 
static void sec_update (uint8 *key, uint8 *update_key)
 
static void sec_encrypt (uint8 *data, int length)
 
void sec_decrypt (uint8 *data, int length)
 
static void sec_rsa_encrypt (uint8 *out, uint8 *in, int len, uint32 modulus_size, uint8 *modulus, uint8 *exponent)
 
STREAM sec_init (uint32 flags, int maxlen)
 
void sec_send_to_channel (STREAM s, uint32 flags, uint16 channel)
 
void sec_send (STREAM s, uint32 flags)
 
static void sec_establish_key (void)
 
static void sec_out_mcs_data (STREAM s, uint32 selected_protocol)
 
static RD_BOOL sec_parse_public_key (STREAM s, uint8 *modulus, uint8 *exponent)
 
static RD_BOOL sec_parse_public_sig (STREAM s, uint32 len, uint8 *modulus, uint8 *exponent)
 
static RD_BOOL sec_parse_crypt_info (STREAM s, uint32 *rc4_key_size, uint8 **server_random, uint8 *modulus, uint8 *exponent)
 
static void sec_process_crypt_info (STREAM s)
 
static void sec_process_srv_info (STREAM s)
 
void sec_process_mcs_data (STREAM s)
 
STREAM sec_recv (uint8 *rdpver)
 
RD_BOOL sec_connect (char *server, char *username, char *domain, char *password, RD_BOOL reconnect)
 
void sec_disconnect (void)
 
void sec_reset_state (void)
 

Variables

char g_hostname [16]
 
int g_width
 
int g_height
 
unsigned int g_keylayout
 
int g_keyboard_type
 
int g_keyboard_subtype
 
int g_keyboard_functionkeys
 
RD_BOOL g_encryption
 
RD_BOOL g_licence_issued
 
RD_BOOL g_licence_error_result
 
RDP_VERSION g_rdp_version
 
RD_BOOL g_console_session
 
uint32 g_redirect_session_id
 
int g_server_depth
 
VCHANNEL g_channels []
 
unsigned int g_num_channels
 
uint8 g_client_random [SEC_RANDOM_SIZE]
 
static int g_rc4_key_len
 
static void * g_rc4_decrypt_key
 
static void * g_rc4_encrypt_key
 
static uint32 g_server_public_key_len
 
static uint8 g_sec_sign_key [16]
 
static uint8 g_sec_decrypt_key [16]
 
static uint8 g_sec_encrypt_key [16]
 
static uint8 g_sec_decrypt_update_key [16]
 
static uint8 g_sec_encrypt_update_key [16]
 
static uint8 g_sec_crypted_random [SEC_MAX_MODULUS_SIZE]
 
uint16 g_server_rdp_version = 0
 
static int g_sec_encrypt_use_count = 0
 
static int g_sec_decrypt_use_count = 0
 
static uint8 g_testkey [176]
 
static uint8 pad_54 [40]
 
static uint8 pad_92 [48]
 

Macro Definition Documentation

◆ SEC_MODULUS_SIZE

#define SEC_MODULUS_SIZE   64

Definition at line 111 of file secure.c.

Function Documentation

◆ buf_out_uint32()

void buf_out_uint32 ( uint8 * buffer,
uint32  value 
)

Definition at line 304 of file secure.c.

/*
 * Store a 32-bit value into buffer[0..3], least-significant byte first.
 * The caller must supply at least four writable bytes; no length is passed,
 * so nothing is checked here.
 */
void
buf_out_uint32(uint8 * buffer, uint32 value)
{
	int i;

	for (i = 0; i < 4; i++)
	{
		/* byte i of the output is bits [8*i, 8*i+7] of value */
		buffer[i] = (value >> (8 * i)) & 0xff;
	}
}
GLuint buffer
Definition: glext.h:5915
GLsizei const GLfloat * value
Definition: glext.h:6069

Referenced by sec_sign().

◆ rdssl_cert_free()

void rdssl_cert_free ( PCCERT_CONTEXT  context)

Definition at line 1656 of file ssl_calls.c.

1657 {
1658  if (context)
1660 }
Definition: http.c:6587
BOOL WINAPI CertFreeCertificateContext(PCCERT_CONTEXT pCertContext)
Definition: cert.c:371

Referenced by sec_parse_crypt_info().

◆ rdssl_cert_read()

PCCERT_CONTEXT rdssl_cert_read ( uint8 data,
uint32  len 
)

Definition at line 1639 of file ssl_calls.c.

1640 {
1642  if (!data || !len)
1643  {
1644  error("rdssl_cert_read %p %ld\n", data, len);
1645  return NULL;
1646  }
1648  if (!res)
1649  {
1650  error("CertCreateCertificateContext call failed with %lx\n", GetLastError());
1651  }
1652  return res;
1653 }
#define error(str)
Definition: mkdosfs.c:1605
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
#define PKCS_7_ASN_ENCODING
Definition: wincrypt.h:2299
#define X509_ASN_ENCODING
Definition: wincrypt.h:2297
smooth NULL
Definition: ftsmooth.c:416
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded)
Definition: cert.c:316
GLenum GLsizei len
Definition: glext.h:6722
GLuint res
Definition: glext.h:9613

Referenced by sec_parse_crypt_info().

◆ rdssl_cert_to_rkey()

uint8* rdssl_cert_to_rkey ( PCCERT_CONTEXT  cert,
uint32 * key_len 
)

Definition at line 1663 of file ssl_calls.c.

/*
 * Export the subject public key of cert as a CryptoAPI PUBLICKEYBLOB held in
 * a g_malloc'ed buffer. Returns NULL when a CryptoAPI call fails.
 *
 * NOTE(review): listing lines 1672, 1682 and 1694 are missing from this
 * extract (they sit inside the argument lists of the calls below), so the
 * provider name and encoding arguments are not visible here.
 * NOTE(review): key_len is not written on any visible line; callers should
 * not rely on it unless the full source shows otherwise.
 */
1664 {
1665  HCRYPTPROV hCryptProv;
1666  HCRYPTKEY hKey;
1667  BOOL ret;
1668  BYTE * rkey;
1669  DWORD dwSize, dwErr;
/* First try: default container (NULL name), no flags. */
1670  ret = CryptAcquireContext(&hCryptProv,
1671  NULL,
1673  PROV_RSA_FULL,
1674  0);
1675  if (!ret)
1676  {
1677  dwErr = GetLastError();
1678  if (dwErr == NTE_BAD_KEYSET)
1679  {
/* Fallback: create a named key container "MSTSC".
 * NOTE(review): only a public key is imported below, so a persisted key
 * container should not be required; CRYPT_VERIFYCONTEXT would avoid
 * creating one - confirm against the full source before changing. */
1680  ret = CryptAcquireContext(&hCryptProv,
1681  L"MSTSC",
1683  PROV_RSA_FULL,
1684  CRYPT_NEWKEYSET);
1685  }
1686  }
1687  if (!ret)
1688  {
1689  dwErr = GetLastError();
1690  error("CryptAcquireContext call failed with %lx\n", dwErr);
1691  return NULL;
1692  }
/* Import the certificate's SubjectPublicKeyInfo as a key handle. */
1693  ret = CryptImportPublicKeyInfoEx(hCryptProv,
1695  &(cert->pCertInfo->SubjectPublicKeyInfo),
1696  0,
1697  0,
1698  NULL,
1699  &hKey);
1700  if (!ret)
1701  {
1702  dwErr = GetLastError();
1703  CryptReleaseContext(hCryptProv, 0);
1704  error("CryptImportPublicKeyInfoEx call failed with %lx\n", dwErr);
1705  return NULL;
1706  }
/* Size query: a NULL output buffer makes the call report the blob size in dwSize. */
1707  ret = CryptExportKey(hKey,
1708  0,
1709  PUBLICKEYBLOB,
1710  0,
1711  NULL,
1712  &dwSize);
1713  if (!ret)
1714  {
1715  dwErr = GetLastError();
1716  CryptDestroyKey(hKey);
1717  CryptReleaseContext(hCryptProv, 0);
1718  error("CryptExportKey call failed with %lx\n", dwErr);
1719  return NULL;
1720  }
/* NOTE(review): the g_malloc result is not checked before it is handed to
 * CryptExportKey. dwSize is derived from the peer-supplied certificate. */
1721  rkey = g_malloc(dwSize, 0);
1722  ret = CryptExportKey(hKey,
1723  0,
1724  PUBLICKEYBLOB,
1725  0,
1726  rkey,
1727  &dwSize);
1728  if (!ret)
1729  {
1730  dwErr = GetLastError();
1731  g_free(rkey);
1732  CryptDestroyKey(hKey);
1733  CryptReleaseContext(hCryptProv, 0);
1734  error("CryptExportKey call failed with %lx\n", dwErr);
1735  return NULL;
1736  }
/* Success: release the handles; ownership of rkey passes to the caller. */
1737  CryptDestroyKey(hKey);
1738  CryptReleaseContext(hCryptProv, 0);
1739  return rkey;
1740 }
#define CRYPT_NEWKEYSET
Definition: wincrypt.h:2070
#define error(str)
Definition: mkdosfs.c:1605
static void g_free(void *in)
Definition: ssl_calls.c:39
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
#define PKCS_7_ASN_ENCODING
Definition: wincrypt.h:2299
#define CryptAcquireContext
Definition: wincrypt.h:4164
#define PUBLICKEYBLOB
Definition: wincrypt.h:2240
#define X509_ASN_ENCODING
Definition: wincrypt.h:2297
unsigned int BOOL
Definition: ntddk_ex.h:94
smooth NULL
Definition: ftsmooth.c:416
BOOL WINAPI CryptDestroyKey(HCRYPTKEY hKey)
Definition: crypt.c:935
static BYTE cert[]
Definition: msg.c:1437
DWORD dwErr
Definition: service.c:36
#define NTE_BAD_KEYSET
Definition: winerror.h:2890
unsigned long DWORD
Definition: ntddk_ex.h:95
#define MS_ENHANCED_PROV
Definition: wincrypt.h:1886
BOOL WINAPI CryptExportKey(HCRYPTKEY hKey, HCRYPTKEY hExpKey, DWORD dwBlobType, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen)
Definition: crypt.c:1421
int ret
static const WCHAR L[]
Definition: oid.c:1250
BOOL WINAPI CryptImportPublicKeyInfoEx(HCRYPTPROV hCryptProv, DWORD dwCertEncodingType, PCERT_PUBLIC_KEY_INFO pInfo, ALG_ID aiKeyAlg, DWORD dwFlags, void *pvAuxInfo, HCRYPTKEY *phKey)
Definition: encode.c:5044
unsigned char BYTE
Definition: mem.h:68
static void * g_malloc(int size, int zero)
Definition: ssl_calls.c:26
ULONG_PTR HCRYPTPROV
Definition: wincrypt.h:46
ULONG_PTR HCRYPTKEY
Definition: wincrypt.h:49
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, ULONG_PTR dwFlags)
Definition: crypt.c:651
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:54
#define PROV_RSA_FULL
Definition: wincrypt.h:2039

Referenced by sec_parse_crypt_info().

◆ rdssl_certs_ok()

RD_BOOL rdssl_certs_ok ( PCCERT_CONTEXT  server_cert,
PCCERT_CONTEXT  cacert 
)

Definition at line 1743 of file ssl_calls.c.

/*
 * Check server_cert against cacert and return True only when the verification
 * flags come back as zero.
 */
1744 {
1745  /* FIXME should we check for expired certificates??? */
/* Only the signature check is requested. CERT_STORE_TIME_VALIDITY_FLAG is
 * commented out, so an expired or not-yet-valid certificate is not rejected
 * here, and no revocation check (CERT_STORE_REVOCATION_FLAG) is requested. */
1746  DWORD dwFlags = CERT_STORE_SIGNATURE_FLAG; /* CERT_STORE_TIME_VALIDITY_FLAG */
/* NOTE(review): listing line 1747 is missing from this extract; going by the
 * error strings below it is presumably the start of the
 * CertVerifySubjectCertificateContext call that assigns ret. */
1748  cacert,
1749  &dwFlags);
1750  if (!ret)
1751  {
1752  error("CertVerifySubjectCertificateContext call failed with %lx\n", GetLastError());
1753  }
/* Any flag still set after the call names a check that failed. */
1754  if (dwFlags)
1755  {
1756  error("CertVerifySubjectCertificateContext check failed %lx\n", dwFlags);
1757  }
/* The result depends on dwFlags alone; ret is logged but not returned.
 * NOTE(review): confirm that dwFlags stays non-zero when the call itself
 * fails, otherwise an API failure would be reported as a valid chain. */
1758  return (dwFlags == 0);
1759 }
#define error(str)
Definition: mkdosfs.c:1605
#define CERT_STORE_SIGNATURE_FLAG
Definition: wincrypt.h:3458
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
int ret
_In_ PCCERT_CONTEXT _In_ DWORD dwFlags
Definition: wincrypt.h:1175
BOOL WINAPI CertVerifySubjectCertificateContext(PCCERT_CONTEXT pSubject, PCCERT_CONTEXT pIssuer, DWORD *pdwFlags)
Definition: cert.c:1845

Referenced by sec_parse_crypt_info().

◆ rdssl_md5_clear()

void rdssl_md5_clear ( void md5_info)

Definition at line 428 of file ssl_calls.c.

429 {
431 }
void rdssl_hash_clear(void *hash_info, ALG_ID id)
Definition: ssl_calls.c:291
#define CALG_MD5
Definition: wincrypt.h:1805
#define md5_info
Definition: compat-1.3.h:2014

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_complete()

void rdssl_md5_complete ( void md5_info,
char data 
)

Definition at line 442 of file ssl_calls.c.

443 {
445 }
void rdssl_hash_complete(void *hash_info, char *data)
Definition: ssl_calls.c:344
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
#define md5_info
Definition: compat-1.3.h:2014

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_info_create()

void * rdssl_md5_info_create ( void  )

Definition at line 414 of file ssl_calls.c.

415 {
417 }
#define CALG_MD5
Definition: wincrypt.h:1805
void * rdssl_hash_info_create(ALG_ID id)
Definition: ssl_calls.c:218

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_info_delete()

void rdssl_md5_info_delete ( void md5_info)

Definition at line 421 of file ssl_calls.c.

422 {
424 }
#define md5_info
Definition: compat-1.3.h:2014
void rdssl_hash_info_delete(void *hash_info)
Definition: ssl_calls.c:270

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_md5_transform()

void rdssl_md5_transform ( void md5_info,
char data,
int  len 
)

Definition at line 435 of file ssl_calls.c.

436 {
438 }
void rdssl_hash_transform(void *hash_info, char *data, int len)
Definition: ssl_calls.c:321
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
GLenum GLsizei len
Definition: glext.h:6722
#define md5_info
Definition: compat-1.3.h:2014

Referenced by rdssl_sign_ok(), sec_hash_16(), sec_hash_48(), sec_sign(), and sec_update().

◆ rdssl_mod_exp()

int rdssl_mod_exp ( char * out,
int  out_len,
char * in,
int  in_len,
char * mod,
int  mod_len,
char * exp,
int  exp_len 
)

Definition at line 1485 of file ssl_calls.c.

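/*
 * Modular exponentiation: out = in ^ exp mod mod.
 *
 * All four buffers are byte strings that are reinterpreted as arrays of
 * DIGIT_T after being copied into zero-filled scratch buffers of a common
 * size. Returns out_len on success and 0 on failure, in which case out is
 * left untouched. Failure means a non-positive length, in_len > out_len, an
 * allocation failure, or an exponent with no significant digit.
 *
 * NOTE(review): the square-and-multiply loop branches on the exponent bits,
 * so its running time depends on the exponent. The callers visible on this
 * page pass a public exponent or a key compiled into the client; do not
 * reuse this routine with a secret exponent.
 * NOTE(review): the scratch buffers hold copies of the input and result and
 * are freed without being wiped.
 */
int
rdssl_mod_exp(char * out, int out_len, char * in, int in_len,
	char * mod, int mod_len, char * exp, int exp_len)
{
	/* Computes y = x ^ e mod m */
	/* Binary left-to-right method */
	DIGIT_T mask;
	DIGIT_T* e;
	DIGIT_T* x;
	DIGIT_T* y;
	DIGIT_T* m;
	unsigned int n;
	unsigned int ndigits;
	unsigned int alloc_size;
	int max_size;
	int rv = 0;
	char* l_out = NULL;
	char* l_in = NULL;
	char* l_mod = NULL;
	char* l_exp = NULL;

	/* "<= 0" also rejects negative lengths, which memcpy would otherwise
	   treat as enormous sizes. */
	if (in_len > out_len || in_len <= 0 ||
		out_len <= 0 || mod_len <= 0 || exp_len <= 0)
	{
		return 0;
	}
	/* in_len <= out_len is guaranteed above, so only the other three
	   lengths can set the common size. */
	max_size = out_len;
	if (mod_len > max_size)
	{
		max_size = mod_len;
	}
	if (exp_len > max_size)
	{
		max_size = exp_len;
	}
	/* Round up to whole digits so that a length that is not a multiple of
	   sizeof(DIGIT_T) does not silently lose its trailing bytes. */
	ndigits = (unsigned int)(((unsigned int)max_size + sizeof(DIGIT_T) - 1) / sizeof(DIGIT_T));
	alloc_size = ndigits * (unsigned int)sizeof(DIGIT_T);
	if (alloc_size > (~0u >> 1))
	{
		/* would not fit the int size parameter of g_malloc */
		return 0;
	}
	l_out = (char*)g_malloc((int)alloc_size, 1);
	l_in = (char*)g_malloc((int)alloc_size, 1);
	l_mod = (char*)g_malloc((int)alloc_size, 1);
	l_exp = (char*)g_malloc((int)alloc_size, 1);
	if (!l_out || !l_in || !l_mod || !l_exp)
	{
		goto cleanup;
	}
	memcpy(l_in, in, in_len);
	memcpy(l_mod, mod, mod_len);
	memcpy(l_exp, exp, exp_len);
	e = (DIGIT_T*)l_exp;
	x = (DIGIT_T*)l_in;
	y = (DIGIT_T*)l_out;
	m = (DIGIT_T*)l_mod;
	/* Find second-most significant bit in e */
	n = mpSizeof(e, ndigits);
	if (n == 0)
	{
		/* e[n - 1] below would index before the start of the buffer */
		goto cleanup;
	}
	for (mask = HIBITMASK; mask > 0; mask >>= 1)
	{
		if (e[n - 1] & mask)
		{
			break;
		}
	}
	mpNEXTBITMASK(mask, n);
	/* Set y = x */
	mpSetEqual(y, x, ndigits);
	/* For bit j = k - 2 downto 0 step -1 */
	while (n)
	{
		mpModMult(y, y, y, m, ndigits); /* Square */
		if (e[n - 1] & mask)
		{
			mpModMult(y, y, x, m, ndigits); /* Multiply */
		}
		/* Move to next bit */
		mpNEXTBITMASK(mask, n);
	}
	memcpy(out, l_out, out_len);
	rv = out_len;
cleanup:
	if (l_out)
	{
		g_free(l_out);
	}
	if (l_in)
	{
		g_free(l_in);
	}
	if (l_mod)
	{
		g_free(l_mod);
	}
	if (l_exp)
	{
		g_free(l_exp);
	}
	return rv;
}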
static unsigned int mpSizeof(DIGIT_T *a, unsigned int ndigits)
Definition: ssl_calls.c:795
static void g_free(void *in)
Definition: ssl_calls.c:39
GLdouble n
Definition: glext.h:7729
GLint GLint GLint GLint GLint x
Definition: gl.h:1548
const GLfloat * m
Definition: glext.h:10848
GLenum GLint GLuint mask
Definition: glext.h:6028
#define e
Definition: ke_i.h:82
static INT max_size
Definition: history.c:51
static void mpSetEqual(DIGIT_T *a, DIGIT_T *b, unsigned int ndigits)
Definition: ssl_calls.c:783
static FILE * out
Definition: regtests2xml.c:44
unsigned int DIGIT_T
Definition: ssl_calls.c:673
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
static void * g_malloc(int size, int zero)
Definition: ssl_calls.c:26
#define mpNEXTBITMASK(mask, n)
Definition: ssl_calls.c:684
GLuint in
Definition: glext.h:9616
static int mpModMult(DIGIT_T *a, DIGIT_T *x, DIGIT_T *y, DIGIT_T *m, unsigned int ndigits)
Definition: ssl_calls.c:1469
#define HIBITMASK
Definition: ssl_calls.c:674
DWORD exp
Definition: msg.c:15681
GLint GLint GLint GLint GLint GLint y
Definition: gl.h:1548
static int mod
Definition: i386-dis.c:1273

Referenced by rdssl_sign_ok(), and sec_rsa_encrypt().

◆ rdssl_rc4_crypt()

void rdssl_rc4_crypt ( void * rc4_info,
char * in_data,
char * out_data,
int  len 
)

Definition at line 173 of file ssl_calls.c.

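/*
 * Run len bytes of in_data through the RC4 key held in rc4_info and store the
 * result in out_data. The data is processed in a temporary copy, so in_data
 * and out_data may be the same buffer.
 *
 * NOTE(review): the function returns void. On any failure path out_data is
 * left untouched, so when a caller passes the same buffer for input and
 * output it still holds the unprocessed input and the caller cannot tell.
 * NOTE(review): the temporary copy is freed without being wiped.
 */
void
rdssl_rc4_crypt(void * rc4_info, char * in_data, char * out_data, int len)
{
	struct rc4_state *info = rc4_info;
	BOOL ret;
	DWORD dwErr;
	BYTE * intermediate_data;
	DWORD dwLen;

	/* "len <= 0" also rejects negative lengths, which memcpy would
	   otherwise treat as an enormous size. */
	if (!rc4_info || !in_data || !out_data || len <= 0 || !info->hKey)
	{
		error("rdssl_rc4_crypt %p %p %p %d\n", rc4_info, in_data, out_data, len);
		return;
	}
	dwLen = len;
	intermediate_data = g_malloc(len, 0);
	if (!intermediate_data)
	{
		/* message names this function (it previously named rdssl_rc4_set_key) */
		error("rdssl_rc4_crypt no memory\n");
		return;
	}
	memcpy(intermediate_data, in_data, len);
	/* Final is FALSE: the key state carries over to the next call. */
	ret = CryptEncrypt(info->hKey,
		0,
		FALSE,
		0,
		intermediate_data,
		&dwLen,
		dwLen);
	if (!ret)
	{
		dwErr = GetLastError();
		g_free(intermediate_data);
		error("CryptEncrypt failed with %lx\n", dwErr);
		return;
	}
	memcpy(out_data, intermediate_data, len);
	g_free(intermediate_data);
}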
#define error(str)
Definition: mkdosfs.c:1605
static void g_free(void *in)
Definition: ssl_calls.c:39
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
unsigned int BOOL
Definition: ntddk_ex.h:94
DWORD dwErr
Definition: service.c:36
BOOL WINAPI CryptEncrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen, DWORD dwBufLen)
Definition: crypt.c:1098
unsigned long DWORD
Definition: ntddk_ex.h:95
int ret
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
GLenum GLsizei len
Definition: glext.h:6722
unsigned char BYTE
Definition: mem.h:68
static void * g_malloc(int size, int zero)
Definition: ssl_calls.c:26

Referenced by sec_decrypt(), sec_encrypt(), and sec_update().

◆ rdssl_rc4_info_create()

void* rdssl_rc4_info_create ( void  )

Definition at line 51 of file ssl_calls.c.

52 {
53  struct rc4_state *info = g_malloc(sizeof(struct rc4_state), 1);
54  BOOL ret;
55  DWORD dwErr;
56  if (!info)
57  {
58  error("rdssl_rc4_info_create no memory\n");
59  return NULL;
60  }
61  ret = CryptAcquireContext(&info->hCryptProv,
62  L"MSTSC",
65  0);
66  if (!ret)
67  {
68  dwErr = GetLastError();
69  if (dwErr == NTE_BAD_KEYSET)
70  {
71  ret = CryptAcquireContext(&info->hCryptProv,
72  L"MSTSC",
76  }
77  }
78  if (!ret)
79  {
80  dwErr = GetLastError();
81  error("CryptAcquireContext failed with %lx\n", dwErr);
82  g_free(info);
83  return NULL;
84  }
85  return info;
86 }
#define CRYPT_NEWKEYSET
Definition: wincrypt.h:2070
#define error(str)
Definition: mkdosfs.c:1605
static void g_free(void *in)
Definition: ssl_calls.c:39
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
#define CryptAcquireContext
Definition: wincrypt.h:4164
struct _test_info info[]
Definition: SetCursorPos.c:19
unsigned int BOOL
Definition: ntddk_ex.h:94
smooth NULL
Definition: ftsmooth.c:416
DWORD dwErr
Definition: service.c:36
#define NTE_BAD_KEYSET
Definition: winerror.h:2890
unsigned long DWORD
Definition: ntddk_ex.h:95
#define MS_ENHANCED_PROV
Definition: wincrypt.h:1886
int ret
static const WCHAR L[]
Definition: oid.c:1250
static void * g_malloc(int size, int zero)
Definition: ssl_calls.c:26
#define PROV_RSA_FULL
Definition: wincrypt.h:2039

Referenced by sec_generate_keys(), and sec_update().

◆ rdssl_rc4_info_delete()

void rdssl_rc4_info_delete ( void * rc4_info)

Definition at line 90 of file ssl_calls.c.

/*
 * Release an RC4 state object: destroy its key handle, release its provider
 * context, then free the structure. A failure of either CryptoAPI call is
 * logged and teardown continues. A NULL argument is accepted silently.
 */
void
rdssl_rc4_info_delete(void * rc4_info)
{
	struct rc4_state *state = rc4_info;

	if (state == NULL)
	{
		return;
	}
	if (state->hKey && !CryptDestroyKey(state->hKey))
	{
		error("CryptDestroyKey failed with %lx\n", GetLastError());
	}
	if (state->hCryptProv && !CryptReleaseContext(state->hCryptProv, 0))
	{
		error("CryptReleaseContext failed with %lx\n", GetLastError());
	}
	g_free(rc4_info);
}
#define TRUE
Definition: types.h:120
#define error(str)
Definition: mkdosfs.c:1605
static void g_free(void *in)
Definition: ssl_calls.c:39
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
unsigned int BOOL
Definition: ntddk_ex.h:94
BOOL WINAPI CryptDestroyKey(HCRYPTKEY hKey)
Definition: crypt.c:935
DWORD dwErr
Definition: service.c:36
unsigned long DWORD
Definition: ntddk_ex.h:95
int ret
BOOL WINAPI CryptReleaseContext(HCRYPTPROV hProv, ULONG_PTR dwFlags)
Definition: crypt.c:651

Referenced by sec_generate_keys(), and sec_update().

◆ rdssl_rc4_set_key()

void rdssl_rc4_set_key ( void * rc4_info,
char * key,
int  len 
)

Definition at line 123 of file ssl_calls.c.

/*
 * Load len bytes of raw key material into rc4_info as an RC4 key, replacing
 * any key handle it already holds. The key is wrapped in a PLAINTEXTKEYBLOB
 * (header, 32-bit length, key bytes) and imported with CryptImportKey.
 *
 * NOTE(review): listing lines 129 and 161 are missing from this extract;
 * 129 is presumably the declaration of desc and 161 the flags argument of
 * CryptImportKey.
 * NOTE(review): the function returns void, so a failed import is only
 * logged and callers cannot detect it.
 */
124 {
125  struct rc4_state *info = rc4_info;
126  BOOL ret;
127  DWORD dwErr;
128  BYTE * blob;
130  DWORD * keySize;
131  BYTE * keyBuf;
/* NOTE(review): a negative len passes this check (only zero is rejected). */
132  if (!rc4_info || !key || !len || !info->hCryptProv)
133  {
134  error("rdssl_rc4_set_key %p %p %d\n", rc4_info, key, len);
135  return;
136  }
137  blob = g_malloc(sizeof(PUBLICKEYSTRUC) + sizeof(DWORD) + len, 0);
138  if (!blob)
139  {
140  error("rdssl_rc4_set_key no memory\n");
141  return;
142  }
/* Carve the blob into its three parts: header, key size, key bytes. */
143  desc = (PUBLICKEYSTRUC *)blob;
144  keySize = (DWORD *)(blob + sizeof(PUBLICKEYSTRUC));
145  keyBuf = blob + sizeof(PUBLICKEYSTRUC) + sizeof(DWORD);
146  desc->aiKeyAlg = CALG_RC4;
147  desc->bType = PLAINTEXTKEYBLOB;
148  desc->bVersion = CUR_BLOB_VERSION;
149  desc->reserved = 0;
150  *keySize = len;
151  memcpy(keyBuf, key, len);
/* Drop the previous key handle before importing the new one. */
152  if (info->hKey)
153  {
154  CryptDestroyKey(info->hKey);
155  info->hKey = 0;
156  }
157  ret = CryptImportKey(info->hCryptProv,
158  blob,
159  sizeof(PUBLICKEYSTRUC) + sizeof(DWORD) + len,
160  0,
162  &info->hKey);
/* NOTE(review): blob still contains the raw session key when it is freed;
 * it is not wiped first. */
163  g_free(blob);
164  if (!ret)
165  {
166  dwErr = GetLastError();
167  error("CryptImportKey failed with %lx\n", dwErr);
168  }
169 }
#define error(str)
Definition: mkdosfs.c:1605
Definition: image.c:133
static void g_free(void *in)
Definition: ssl_calls.c:39
#define CALG_RC4
Definition: wincrypt.h:1837
DWORD WINAPI GetLastError(VOID)
Definition: except.c:1059
unsigned int BOOL
Definition: ntddk_ex.h:94
const struct builtin_class_descr * desc
Definition: regcontrol.c:48
BOOL WINAPI CryptDestroyKey(HCRYPTKEY hKey)
Definition: crypt.c:935
DWORD dwErr
Definition: service.c:36
unsigned long DWORD
Definition: ntddk_ex.h:95
int ret
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
GLenum GLsizei len
Definition: glext.h:6722
unsigned char BYTE
Definition: mem.h:68
static void * g_malloc(int size, int zero)
Definition: ssl_calls.c:26
struct _PUBLICKEYSTRUC PUBLICKEYSTRUC
#define PLAINTEXTKEYBLOB
Definition: wincrypt.h:2242
#define CUR_BLOB_VERSION
Definition: wincrypt.h:2247
#define CRYPT_EXPORTABLE
Definition: wincrypt.h:2206
BOOL WINAPI CryptImportKey(HCRYPTPROV hProv, const BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey)
Definition: crypt.c:1855
Definition: path.c:42

Referenced by sec_decrypt(), sec_encrypt(), sec_generate_keys(), and sec_update().

◆ rdssl_rkey_free()

void rdssl_rkey_free ( uint8 * rkey)

Definition at line 1777 of file ssl_calls.c.

/*
 * Free a key blob with g_free. A NULL argument is reported through error()
 * and otherwise ignored.
 */
void
rdssl_rkey_free(uint8 * rkey)
{
	if (rkey)
	{
		g_free(rkey);
		return;
	}
	error("rdssl_rkey_free rkey is null\n");
}
#define error(str)
Definition: mkdosfs.c:1605
static void g_free(void *in)
Definition: ssl_calls.c:39

Referenced by sec_parse_crypt_info().

◆ rdssl_rkey_get_exp_mod()

int rdssl_rkey_get_exp_mod ( uint8 * rkey,
uint8 * exponent,
uint32  max_exp_len,
uint8 * modulus,
uint32  max_mod_len 
)

Definition at line 1762 of file ssl_calls.c.

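/*
 * Copy the public exponent and the modulus out of an RSA public key blob
 * laid out as PUBLICKEYSTRUC, RSAPUBKEY, modulus bytes.
 *
 * exponent receives max_exp_len bytes and modulus max_mod_len bytes. Each
 * copy is limited to what the blob holds (the pubexp field, and bitlen bits
 * of modulus); the rest of the output buffer is zero-filled. Returns 0 on
 * success and -1 when an argument is NULL or a length is zero.
 *
 * NOTE(review): the key comes from the certificate presented by the peer, so
 * its modulus may be shorter than max_mod_len. Copying max_mod_len bytes
 * unconditionally would then read past the end of the blob. A modulus longer
 * than max_mod_len is still truncated here, as before; callers should check
 * the key size separately.
 */
int
rdssl_rkey_get_exp_mod(uint8 * rkey, uint8 * exponent, uint32 max_exp_len, uint8 * modulus,
	uint32 max_mod_len)
{
	RSAPUBKEY *desc;
	uint32 exp_len;
	uint32 mod_len;

	if (!rkey || !exponent || !max_exp_len || !modulus || !max_mod_len)
	{
		error("rdssl_rkey_get_exp_mod %p %p %ld %p %ld\n", rkey, exponent, max_exp_len, modulus, max_mod_len);
		return -1;
	}
	/* Form the header pointer only after rkey is known to be non-NULL. */
	desc = (RSAPUBKEY *)(rkey + sizeof(PUBLICKEYSTRUC));

	/* pubexp is a fixed-size field; never read beyond it. */
	exp_len = (uint32) sizeof(desc->pubexp);
	if (exp_len > max_exp_len)
	{
		exp_len = max_exp_len;
	}
	memset(exponent, 0, max_exp_len);
	memcpy(exponent, &desc->pubexp, exp_len);

	/* The blob states its own modulus size in bits. */
	mod_len = (uint32) ((desc->bitlen + 7) / 8);
	if (mod_len > max_mod_len)
	{
		mod_len = max_mod_len;
	}
	memset(modulus, 0, max_mod_len);
	memcpy(modulus, rkey + sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY), mod_len);
	return 0;
}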
#define error(str)
Definition: mkdosfs.c:1605
const struct builtin_class_descr * desc
Definition: regcontrol.c:48
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878

Referenced by sec_parse_crypt_info().

◆ rdssl_sha1_clear()

void rdssl_sha1_clear ( void sha1_info)

Definition at line 393 of file ssl_calls.c.

394 {
396 }
void rdssl_hash_clear(void *hash_info, ALG_ID id)
Definition: ssl_calls.c:291
#define sha1_info
Definition: compat-1.3.h:2241
#define CALG_SHA1
Definition: wincrypt.h:1807

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_complete()

void rdssl_sha1_complete ( void sha1_info,
char data 
)

Definition at line 407 of file ssl_calls.c.

408 {
410 }
void rdssl_hash_complete(void *hash_info, char *data)
Definition: ssl_calls.c:344
#define sha1_info
Definition: compat-1.3.h:2241
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_info_create()

void* rdssl_sha1_info_create ( void  )

Definition at line 379 of file ssl_calls.c.

380 {
382 }
#define CALG_SHA1
Definition: wincrypt.h:1807
void * rdssl_hash_info_create(ALG_ID id)
Definition: ssl_calls.c:218

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_info_delete()

void rdssl_sha1_info_delete ( void sha1_info)

Definition at line 386 of file ssl_calls.c.

387 {
389 }
#define sha1_info
Definition: compat-1.3.h:2241
void rdssl_hash_info_delete(void *hash_info)
Definition: ssl_calls.c:270

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sha1_transform()

void rdssl_sha1_transform ( void sha1_info,
char data,
int  len 
)

Definition at line 400 of file ssl_calls.c.

401 {
403 }
void rdssl_hash_transform(void *hash_info, char *data, int len)
Definition: ssl_calls.c:321
#define sha1_info
Definition: compat-1.3.h:2241
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
GLenum GLsizei len
Definition: glext.h:6722

Referenced by sec_hash_48(), sec_hash_sha1_16(), sec_sign(), and sec_update().

◆ rdssl_sign_ok()

int rdssl_sign_ok ( char * e_data,
int  e_len,
char * n_data,
int  n_len,
char * sign_data,
int  sign_len,
char * sign_data2,
int  sign_len2,
char * testkey 
)

Definition at line 1594 of file ssl_calls.c.

/*
 * Recompute the signature over a public key (e_data, n_data) and compare it
 * with sign_data2. Returns the memcmp result, so 0 means the signatures
 * match; returns 1 when a length is not the expected fixed size or the MD5
 * context cannot be created. Despite the "_ok" name, callers must treat 0 as
 * success.
 *
 * NOTE(review): listing lines 1605, 1617 and 1632 are missing from this
 * extract; they are presumably the rdssl_md5_info_create, rdssl_md5_clear
 * and rdssl_md5_info_delete calls listed in the cross-references.
 * NOTE(review): the expected signature is produced locally with g_ppk_n and
 * g_ppk_d, static arrays compiled into ssl_calls.c. A signing key that ships
 * in the client is not secret, so this check detects corruption but should
 * not be relied on to authenticate the server.
 */
1596 {
1597  char* key;
1598  char* md5_final;
1599  void* md5;
1600 
/* Only a 4-byte exponent with a 64-byte modulus and signatures is accepted. */
1601  if ((e_len != 4) || (n_len != 64) || (sign_len != 64) || (sign_len2 != 64))
1602  {
1603  return 1;
1604  }
1606  if (!md5)
1607  {
1608  return 1;
1609  }
/* NOTE(review): the xmalloc results are used unchecked; confirm that
 * xmalloc does not return NULL. */
1610  key = (char*)xmalloc(176);
1611  md5_final = (char*)xmalloc(64);
1612  // copy the test key
/* testkey must provide at least 176 readable bytes. */
1613  memcpy(key, testkey, 176);
1614  // replace e and n
1615  memcpy(key + 32, e_data, 4);
1616  memcpy(key + 36, n_data, 64);
1618  // the first 108 bytes
1619  rdssl_md5_transform(md5, key, 108);
1620  // set the whole thing with 0xff
1621  memset(md5_final, 0xff, 64);
1622  // digest 16 bytes
1623  rdssl_md5_complete(md5, md5_final);
1624  // set non 0xff array items
/* Resulting 64-byte block: 16-byte MD5 digest, 0x00, 0xff padding, 0x01, 0x00. */
1625  md5_final[16] = 0;
1626  md5_final[62] = 1;
1627  md5_final[63] = 0;
1628  // encrypt
/* The result is written into the caller's sign_data buffer. The return
 * value of rdssl_mod_exp is not checked. */
1629  rdssl_mod_exp(sign_data, 64, md5_final, 64, (char*)g_ppk_n, 64,
1630  (char*)g_ppk_d, 64);
1631  // cleanup
1633  xfree(key);
1634  xfree(md5_final);
1635  return memcmp(sign_data, sign_data2, sign_len2);
1636 }
int memcmp(void *Buffer1, void *Buffer2, ACPI_SIZE Count)
Definition: utclib.c:112
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
void * xmalloc(int size)
Definition: uimain.c:747
static uint8 g_ppk_n[72]
Definition: ssl_calls.c:1562
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
void xfree(void *mem)
Definition: uimain.c:758
int rdssl_mod_exp(char *out, int out_len, char *in, int in_len, char *mod, int mod_len, char *exp, int exp_len)
Definition: ssl_calls.c:1485
HKEY key
Definition: reg.c:42
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
#define md5
Definition: compat-1.3.h:2010
#define memset(x, y, z)
Definition: compat.h:39
static uint8 g_ppk_d[108]
Definition: ssl_calls.c:1575
Definition: path.c:42

Referenced by sec_parse_public_sig().

◆ sec_connect()

RD_BOOL sec_connect ( char * server,
char * username,
char * domain,
char * password,
RD_BOOL  reconnect 
)

Definition at line 1005 of file secure.c.

/*
 * Establish the secure layer: start the MCS connect sequence, send the
 * client's MCS data, finalize the sequence and, when g_encryption is set,
 * run the key exchange. Returns True on success and False when either MCS
 * step fails.
 *
 * NOTE(review): listing line 1025 is missing from this extract; it is the
 * body of the "if (g_encryption)" on line 1024, presumably the
 * sec_establish_key() call listed in the cross-references. The xfree on
 * line 1026 is therefore not conditional.
 */
1006 {
1007  uint32 selected_proto;
1008  struct stream mcs_data;
1009 
1010  /* Start a MCS connect sequence */
1011  if (!mcs_connect_start(server, username, domain, password, reconnect, &selected_proto))
1012  return False;
1013 
1014  /* We exchange some RDP data during the MCS-Connect */
/* Fixed 512-byte buffer. Whether sec_out_mcs_data checks its writes
 * against mcs_data.size is not visible here. */
1015  mcs_data.size = 512;
1016  mcs_data.p = mcs_data.data = (uint8 *) xmalloc(mcs_data.size);
1017  sec_out_mcs_data(&mcs_data, selected_proto);
1018 
1019  /* finalize the MCS connect sequence */
/* NOTE(review): this early return skips the xfree below, so mcs_data.data
 * is leaked when mcs_connect_finalize fails. */
1020  if (!mcs_connect_finalize(&mcs_data))
1021  return False;
1022 
1023  /* sec_process_mcs_data(&mcs_data); */
1024  if (g_encryption)
1026  xfree(mcs_data.data);
1027  return True;
1028 }
static rfbScreenInfoPtr server
Definition: vnc.c:74
unsigned int uint32
Definition: types.h:32
RD_BOOL mcs_connect_start(char *server, char *username, char *domain, char *password, RD_BOOL reconnect, uint32 *selected_protocol)
Definition: mcs.c:311
void * xmalloc(int size)
Definition: uimain.c:747
RD_BOOL g_encryption
Definition: uimain.c:40
static WCHAR username[]
Definition: url.c:32
#define True
Definition: types.h:24
#define False
Definition: types.h:25
void xfree(void *mem)
Definition: uimain.c:758
static void sec_establish_key(void)
Definition: secure.c:480
static void sec_out_mcs_data(STREAM s, uint32 selected_protocol)
Definition: secure.c:498
unsigned char uint8
Definition: types.h:28
Definition: parse.h:22
T1_FIELD_DICT_PRIVATE password
Definition: t1tokens.h:64
RD_BOOL mcs_connect_finalize(STREAM mcs_data)
Definition: mcs.c:318

Referenced by rdp_connect().

◆ sec_decrypt()

void sec_decrypt ( uint8 data,
int  length 
)

Definition at line 396 of file secure.c.

397 {
398  if (g_sec_decrypt_use_count == 4096)
399  {
403  }
404 
405  rdssl_rc4_crypt(g_rc4_decrypt_key,(char *)data, (char *)data, length);
407 }
void rdssl_rc4_crypt(void *rc4_info, char *in_data, char *out_data, int len)
Definition: ssl_calls.c:173
static int g_rc4_key_len
Definition: secure.c:93
static int g_sec_decrypt_use_count
Definition: secure.c:109
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
static void sec_update(uint8 *key, uint8 *update_key)
Definition: secure.c:346
static uint8 g_sec_decrypt_key[16]
Definition: secure.c:99
static uint8 g_sec_decrypt_update_key[16]
Definition: secure.c:101
static void * g_rc4_decrypt_key
Definition: secure.c:94
void rdssl_rc4_set_key(void *rc4_info, char *key, int len)
Definition: ssl_calls.c:123

Referenced by sec_recv().

◆ sec_disconnect()

void sec_disconnect ( void  )

Definition at line 1032 of file secure.c.

/*
 * Disconnect the secure layer. All the work is delegated to the MCS layer
 * through mcs_disconnect(); no key state is touched here.
 */
void
sec_disconnect(void)
{
	mcs_disconnect();
}
void mcs_disconnect(void)
Definition: mcs.c:356

Referenced by rdp_disconnect().

◆ sec_encrypt()

static void sec_encrypt ( uint8 data,
int  length 
)
static

Definition at line 381 of file secure.c.

382 {
383  if (g_sec_encrypt_use_count == 4096)
384  {
388  }
389 
390  rdssl_rc4_crypt(g_rc4_encrypt_key, (char *)data, (char *)data, length);
392 }
void rdssl_rc4_crypt(void *rc4_info, char *in_data, char *out_data, int len)
Definition: ssl_calls.c:173
static int g_rc4_key_len
Definition: secure.c:93
static uint8 g_sec_encrypt_key[16]
Definition: secure.c:100
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
static void sec_update(uint8 *key, uint8 *update_key)
Definition: secure.c:346
static int g_sec_encrypt_use_count
Definition: secure.c:108
static uint8 g_sec_encrypt_update_key[16]
Definition: secure.c:102
static void * g_rc4_encrypt_key
Definition: secure.c:95
void rdssl_rc4_set_key(void *rc4_info, char *key, int len)
Definition: ssl_calls.c:123

Referenced by sec_send_to_channel().

◆ sec_establish_key()

static void sec_establish_key ( void  )
static

Definition at line 480 of file secure.c.

/* Builds a security-layer packet with sec_init() and sends it with sec_send().
   Lines 482-483 (the declarations of `length` and `flags`) and 488-490 (the
   payload writes) are not shown in this listing. The cross-references name
   g_server_public_key_len, SEC_PADDING_SIZE, SEC_EXCHANGE_PKT and
   g_sec_crypted_random, so this is presumably the packet that carries the
   RSA-encrypted client random -- confirm against secure.c. */
481 {
484  STREAM s;
485 
/* 4 extra bytes are requested on top of `length`; their use is on the omitted lines */
486  s = sec_init(flags, length + 4);
487 
491 
492  s_mark_end(s);
493  sec_send(s, flags);
494 }
#define out_uint8p(s, v, n)
Definition: parse.h:93
unsigned int uint32
Definition: types.h:32
#define out_uint32_le(s, v)
Definition: parse.h:59
void sec_send(STREAM s, uint32 flags)
Definition: secure.c:472
static uint32 g_server_public_key_len
Definition: secure.c:96
#define out_uint8s(s, n)
Definition: parse.h:95
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
GLbitfield flags
Definition: glext.h:7161
Definition: parse.h:22
#define SEC_PADDING_SIZE
Definition: constants.h:94
GLdouble s
Definition: gl.h:2039
static uint8 g_sec_crypted_random[SEC_MAX_MODULUS_SIZE]
Definition: secure.c:103
#define SEC_EXCHANGE_PKT
Definition: constants.h:98
#define s_mark_end(s)
Definition: parse.h:41
STREAM sec_init(uint32 flags, int maxlen)
Definition: secure.c:419

Referenced by sec_connect().

◆ sec_generate_keys()

static void sec_generate_keys ( uint8 client_random,
uint8 server_random,
int  rc4_key_size 
)
static

Definition at line 238 of file secure.c.

/* Derives the session keys from the two randoms: a 48-byte pre-master secret,
   a master secret, a 48-byte key block, then the MAC key and the two RC4 keys.
   Both randoms are read for 24 bytes here and for 32 bytes inside the hash
   helpers, so callers must supply at least 32 bytes each.
   Several lines (262-264, 274-275, 279-281, 283-285) are not shown in this listing. */
239 {
240  uint8 pre_master_secret[48];
241  uint8 master_secret[48];
242  uint8 key_block[48];
243 
244  /* Construct pre-master secret */
245  memcpy(pre_master_secret, client_random, 24);
246  memcpy(pre_master_secret + 24, server_random, 24);
247 
248  /* Generate master secret and then key material */
249  sec_hash_48(master_secret, pre_master_secret, client_random, server_random, 'A');
250  sec_hash_48(key_block, master_secret, client_random, server_random, 'X');
251 
252  /* First 16 bytes of key material is MAC secret */
253  memcpy(g_sec_sign_key, key_block, 16);
254 
255  /* Generate export keys from next two blocks of 16 bytes */
256  sec_hash_16(g_sec_decrypt_key, &key_block[16], client_random, server_random);
257  sec_hash_16(g_sec_encrypt_key, &key_block[32], client_random, server_random);
258 
/* NOTE(review): rc4_key_size is the value sec_parse_crypt_info() read from the
   server's data, so the peer decides whether the 40-bit mode is used; no
   client-side minimum strength is enforced in the visible lines. Any value
   other than 1 is treated as 128-bit. */
259  if (rc4_key_size == 1)
260  {
261  DEBUG(("40-bit encryption enabled\n"));
/* lines 262-264 not shown; sec_make_40bit() is cross-referenced from this
   function, so presumably both keys are weakened here -- confirm */
265  g_rc4_key_len = 8;
266  }
267  else
268  {
269  DEBUG(("rc_4_key_size == %d, 128-bit encryption enabled\n", rc4_key_size));
270  g_rc4_key_len = 16;
271  }
272 
273  /* Save initial RC4 keys as update keys */
276 
277  /* Initialise RC4 state arrays */
278 
282 
/* NOTE(review): pre_master_secret, master_secret and key_block hold key material
   on the stack. The cross-reference list for this function names no memset or
   other wipe routine, so they are probably left as-is on return -- confirm. */
286 }
static int g_rc4_key_len
Definition: secure.c:93
static void sec_make_40bit(uint8 *key)
Definition: secure.c:229
static uint8 g_sec_sign_key[16]
Definition: secure.c:98
static uint8 g_sec_encrypt_key[16]
Definition: secure.c:100
unsigned char uint8
Definition: types.h:28
void rdssl_rc4_info_delete(void *rc4_info)
Definition: ssl_calls.c:90
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
static uint8 g_sec_decrypt_key[16]
Definition: secure.c:99
static uint8 g_sec_encrypt_update_key[16]
Definition: secure.c:102
static void * g_rc4_encrypt_key
Definition: secure.c:95
void sec_hash_16(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2)
Definition: secure.c:187
void * rdssl_rc4_info_create(void)
Definition: ssl_calls.c:51
static uint8 g_sec_decrypt_update_key[16]
Definition: secure.c:101
static void * g_rc4_decrypt_key
Definition: secure.c:94
#define DEBUG(args)
Definition: rdesktop.h:129
void rdssl_rc4_set_key(void *rc4_info, char *key, int len)
Definition: ssl_calls.c:123
void sec_hash_48(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2, uint8 salt)
Definition: secure.c:155

Referenced by sec_process_crypt_info().

◆ sec_hash_16()

void sec_hash_16 ( uint8 out,
uint8 in,
uint8 salt1,
uint8 salt2 
)

Definition at line 187 of file secure.c.

/* Writes MD5(in[0..15] || salt1[0..31] || salt2[0..31]) to `out`.
   The lengths are fixed in the calls below, so `in` must hold 16 bytes and each
   salt 32 bytes; `out` receives the MD5 digest.
   Lines 191-192 and 197 are not shown; the cross-references (rdssl_md5_info_create,
   rdssl_md5_clear, rdssl_md5_info_delete) suggest they set up and release the
   context -- confirm against secure.c. */
188 {
189  void * md5;
190 
193  rdssl_md5_transform(md5, (char *)in, 16);
194  rdssl_md5_transform(md5, (char *)salt1, 32);
195  rdssl_md5_transform(md5, (char *)salt2, 32);
196  rdssl_md5_complete(md5, (char *)out);
198 }
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
static FILE * out
Definition: regtests2xml.c:44
GLuint in
Definition: glext.h:9616
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
#define md5
Definition: compat-1.3.h:2010

Referenced by sec_generate_keys().

◆ sec_hash_48()

void sec_hash_48 ( uint8 out,
uint8 in,
uint8 salt1,
uint8 salt2,
uint8  salt 
)

Definition at line 155 of file secure.c.

/* Fills 48 bytes of `out` in three rounds of 16 bytes each. Round i (0..2) computes
   SHA1(pad || in[0..47] || salt1[0..31] || salt2[0..31]) into shasig, then
   MD5(in[0..47] || shasig[0..19]) into out + 16*i. pad is i+1 copies of the
   byte (salt + i).
   The lengths are fixed in the calls, so `in` and `out` must hold 48 bytes and
   each salt 32 bytes.
   Lines 166-167, 173-175 and 179 are not shown; the cross-references suggest they
   create, clear and delete the SHA-1 and MD5 contexts -- confirm against secure.c. */
156 {
157  uint8 shasig[20];
158  uint8 pad[4];
159  void * sha;
160  void * md5;
161  int i;
162 
163  for (i = 0; i < 3; i++)
164  {
/* at most 3 of the 4 pad bytes are written (i + 1 <= 3) */
165  memset(pad, salt + i, i + 1);
168  rdssl_sha1_transform(sha, (char *)pad, i + 1);
169  rdssl_sha1_transform(sha, (char *)in, 48);
170  rdssl_sha1_transform(sha, (char *)salt1, 32);
171  rdssl_sha1_transform(sha, (char *)salt2, 32);
172  rdssl_sha1_complete(sha, (char *)shasig);
176  rdssl_md5_transform(md5, (char *)in, 48);
177  rdssl_md5_transform(md5, (char *)shasig, 20);
178  rdssl_md5_complete(md5, (char *)out + i * 16);
180  }
181 }
static const WCHAR sha[]
Definition: oid.c:1218
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
void rdssl_sha1_clear(void *sha1_info)
Definition: ssl_calls.c:393
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
void rdssl_sha1_info_delete(void *sha1_info)
Definition: ssl_calls.c:386
void rdssl_sha1_transform(void *sha1_info, char *data, int len)
Definition: ssl_calls.c:400
void * rdssl_sha1_info_create(void)
Definition: ssl_calls.c:379
static void pad(Char *s)
Definition: bzip2.c:908
void rdssl_sha1_complete(void *sha1_info, char *data)
Definition: ssl_calls.c:407
static FILE * out
Definition: regtests2xml.c:44
unsigned char uint8
Definition: types.h:28
GLuint in
Definition: glext.h:9616
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
#define md5
Definition: compat-1.3.h:2010
#define memset(x, y, z)
Definition: compat.h:39

Referenced by sec_generate_keys().

◆ sec_hash_sha1_16()

void sec_hash_sha1_16 ( uint8 out,
uint8 in,
uint8 salt1 
)

Definition at line 204 of file secure.c.

/* Hashes in[0..15] || salt1[0..15] with SHA-1 and writes the digest to `out`.
   Lines 207-208 and 212 are not shown; the cross-references (rdssl_sha1_info_create,
   rdssl_sha1_clear, rdssl_sha1_info_delete) suggest they set up and release the
   context -- confirm against secure.c. */
205 {
206  void * sha;
/* NOTE(review): the three calls below pass &sha, the address of the local
   pointer variable, whereas sec_hash_48() passes the handle value `sha` to the
   same functions. The parameter type is void *, so the compiler accepts either.
   If `sha` holds a context returned by rdssl_sha1_info_create(), the hash
   routines would be working on the stack slot instead of that context --
   verify in secure.c; passing `sha` looks like the intended form. */
209  rdssl_sha1_transform(&sha, (char *)in, 16);
210  rdssl_sha1_transform(&sha, (char *)salt1, 16);
/* sec_hash_48() gives rdssl_sha1_complete() a 20-byte buffer, so `out` here
   probably needs room for 20 bytes despite the "16" in the name -- confirm */
211  rdssl_sha1_complete(&sha, (char *)out);
213 }
static const WCHAR sha[]
Definition: oid.c:1218
void rdssl_sha1_clear(void *sha1_info)
Definition: ssl_calls.c:393
void rdssl_sha1_info_delete(void *sha1_info)
Definition: ssl_calls.c:386
void rdssl_sha1_transform(void *sha1_info, char *data, int len)
Definition: ssl_calls.c:400
void * rdssl_sha1_info_create(void)
Definition: ssl_calls.c:379
void rdssl_sha1_complete(void *sha1_info, char *data)
Definition: ssl_calls.c:407
static FILE * out
Definition: regtests2xml.c:44
GLuint in
Definition: glext.h:9616

◆ sec_hash_to_string()

void sec_hash_to_string ( char out,
int  out_size,
uint8 in,
int  in_size 
)

Definition at line 217 of file secure.c.

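/*
 * Writes the bytes of `in` as two lowercase hex digits each into `out`,
 * NUL-terminated.
 *
 *   out      - destination buffer
 *   out_size - size of `out` in bytes
 *   in       - bytes to convert
 *   in_size  - number of bytes to read from `in`
 *
 * The buffer is zero-filled first. Conversion stops as soon as fewer than
 * three bytes remain in `out` (two digits plus the terminator), so a
 * destination smaller than 2 * in_size + 1 yields a truncated string
 * instead of a write past the end of the buffer. A NULL `out` or a
 * non-positive `out_size` is ignored.
 */
void
sec_hash_to_string(char *out, int out_size, uint8 *in, int in_size)
{
	int k;
	int room = out_size;

	if (out == NULL || out_size <= 0)
		return;

	memset(out, 0, out_size);
	/* "%.2x" of a uint8 is exactly two digits; sprintf adds the terminator */
	for (k = 0; k < in_size && room >= 3; k++, out += 2, room -= 2)
	{
		sprintf(out, "%.2x", in[k]);
	}
}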
static HANDLE PIO_APC_ROUTINE PVOID PIO_STATUS_BLOCK ULONG PVOID ULONG PVOID ULONG out_size
Definition: file.c:100
#define sprintf(buf, format,...)
Definition: sprintf.c:55
static FILE * out
Definition: regtests2xml.c:44
static HANDLE PIO_APC_ROUTINE PVOID PIO_STATUS_BLOCK ULONG PVOID ULONG in_size
Definition: file.c:100
GLuint in
Definition: glext.h:9616
#define memset(x, y, z)
Definition: compat.h:39
int k
Definition: mpi.c:3369

◆ sec_init()

STREAM sec_init ( uint32  flags,
int  maxlen 
)

Definition at line 419 of file secure.c.

/* Allocates an outgoing stream through mcs_init() with room for `maxlen` payload
   bytes plus the security header, and reserves that header with s_push_layer().
   Returns the stream. */
420 {
421  int hdrlen;
422  STREAM s;
423 
/* Line 424 (the `if` that pairs with the `else` below) is not shown. The
   cross-references name g_licence_issued and g_licence_error_result, so the
   condition presumably depends on the licensing state -- confirm.
   Encrypted packets always get a 12-byte header; unencrypted ones get 4 or 0. */
425  hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4;
426  else
427  hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0;
/* maxlen + hdrlen is plain int arithmetic; callers are expected to pass a sane maxlen */
428  s = mcs_init(maxlen + hdrlen);
429  s_push_layer(s, sec_hdr, hdrlen);
430 
431  return s;
432 }
RD_BOOL g_licence_issued
Definition: licence.c:44
#define SEC_ENCRYPT
Definition: constants.h:101
GLbitfield flags
Definition: glext.h:7161
STREAM mcs_init(int length)
Definition: mcs.c:242
Definition: parse.h:22
GLdouble s
Definition: gl.h:2039
#define s_push_layer(s, h, n)
Definition: parse.h:39
unsigned char * sec_hdr
Definition: parse.h:32
RD_BOOL g_licence_error_result
Definition: licence.c:45

Referenced by channel_init(), channel_send(), licence_info(), licence_present(), licence_send_authresp(), licence_send_new_licence_request(), licence_send_platform_challenge_response(), licence_send_request(), rdp_init_data(), rdp_send_confirm_active(), rdp_send_logon_info(), and sec_establish_key().

◆ sec_make_40bit()

static void sec_make_40bit ( uint8 key)
static

Definition at line 229 of file secure.c.

/*
 * Overwrites the first three bytes of `key` with the fixed values
 * 0xd1, 0x26, 0x9e. Together with the 8-byte RC4 key length that
 * sec_generate_keys() selects in its 40-bit branch, this leaves five
 * key bytes (40 bits) that are not publicly known.
 */
static void
sec_make_40bit(uint8 *key)
{
	static const uint8 fixed_prefix[3] = { 0xd1, 0x26, 0x9e };
	int idx;

	for (idx = 0; idx < 3; idx++)
		key[idx] = fixed_prefix[idx];
}
Definition: path.c:42

Referenced by sec_generate_keys(), and sec_update().

◆ sec_out_mcs_data()

static void sec_out_mcs_data ( STREAM  s,
uint32  selected_protocol 
)
static

Definition at line 498 of file secure.c.

/* Writes the client's connection data (T.124 ConferenceCreateRequest with the
   client info, cluster, encryption and optional channel blocks) into `s`.
   Several lines (529, 533-534, 537, 546-548, 554, 568, 572, 575, 583, 590) are
   not shown in this listing. Whether the out_* macros check the stream's
   capacity is defined in parse.h and not visible here. */
499 {
500  int hostlen = 2 * strlen(g_hostname);
501  int length = 162 + 76 + 12 + 4;
502  unsigned int i;
503  uint32 cluster_flags = 0;
504 
505  if (g_num_channels > 0)
506  length += g_num_channels * 12 + 8;
507 
/* the name field is 30 bytes plus padding, so longer host names are cut */
508  if (hostlen > 30)
509  hostlen = 30;
510 
511  /* Generic Conference Control (T.124) ConferenceCreateRequest */
512  out_uint16_be(s, 5);
513  out_uint16_be(s, 0x14);
514  out_uint8(s, 0x7c);
515  out_uint16_be(s, 1);
516 
/* NOTE(review): length is OR-ed with 0x8000 and written as 16 bits, so it has to
   stay below 0x8000; it grows by 12 per channel and no limit on g_num_channels
   is visible in this function. */
517  out_uint16_be(s, (length | 0x8000)); /* remaining length */
518 
519  out_uint16_be(s, 8); /* length? */
520  out_uint16_be(s, 16);
521  out_uint8(s, 0);
522  out_uint16_le(s, 0xc001);
523  out_uint8(s, 0);
524 
525  out_uint32_le(s, 0x61637544); /* OEM ID: "Duca", as in Ducati. */
526  out_uint16_be(s, ((length - 14) | 0x8000)); /* remaining length */
527 
528  /* Client information */
530  out_uint16_le(s, 216); /* length */
531  out_uint16_le(s, (g_rdp_version >= RDP_V5) ? 4 : 1); /* RDP version. 1 == RDP4, 4 >= RDP5 to RDP8 */
532  out_uint16_le(s, 8);
535  out_uint16_le(s, 0xca01);
536  out_uint16_le(s, 0xaa03);
538  out_uint32_le(s, 2600); /* Client build. We are now 2600 compatible :-) */
539 
540  /* Unicode name of client, padded to 32 bytes */
541  rdp_out_unistr(s, g_hostname, hostlen);
542  out_uint8s(s, 30 - hostlen);
543 
544  /* See
545  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wceddk40/html/cxtsksupportingremotedesktopprotocol.asp */
549  out_uint8s(s, 64); /* reserved? 4 + 12 doublewords */
550  out_uint16_le(s, 0xca01); /* colour depth? */
551  out_uint16_le(s, 1);
552 
553  out_uint32(s, 0);
555  out_uint16_le(s, 0x0700);
556  out_uint8(s, 0);
557  out_uint32_le(s, 1);
558  out_uint8s(s, 64);
559  out_uint32_le(s, selected_protocol); /* End of client info */
560 
561  /* Write a Client Cluster Data (TS_UD_CS_CLUSTER) */
562  out_uint16_le(s, SEC_TAG_CLI_CLUSTER); /* header.type */
563  out_uint16_le(s, 12); /* length */
564 
565  cluster_flags |= SEC_CC_REDIRECTION_SUPPORTED;
566  cluster_flags |= (SEC_CC_REDIRECT_VERSION_3 << 2);
567 
/* line 568 (the condition guarding the next statement) is not shown */
569  cluster_flags |= SEC_CC_REDIRECT_SESSIONID_FIELD_VALID;
570 
571  out_uint32_le(s, cluster_flags);
573 
574  /* Client encryption settings */
576  out_uint16_le(s, 12); /* length */
/* with encryption enabled the client advertises 0x3, i.e. it offers the weaker
   method as well as the 128-bit one; the server's choice is what
   sec_generate_keys() later acts on */
577  out_uint32_le(s, g_encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */
578  out_uint32(s, 0); /* Unknown */
579 
580  DEBUG_RDP5(("g_num_channels is %d\n", g_num_channels));
581  if (g_num_channels > 0)
582  {
584  out_uint16_le(s, g_num_channels * 12 + 8); /* length */
585  out_uint32_le(s, g_num_channels); /* number of virtual channels */
586  for (i = 0; i < g_num_channels; i++)
587  {
588  DEBUG_RDP5(("Requesting channel %s\n", g_channels[i].name));
/* always copies 8 bytes of the name field, whatever the string length */
589  out_uint8a(s, g_channels[i].name, 8);
591  }
592  }
593 
594  s_mark_end(s);
595 }
#define SEC_CC_REDIRECT_VERSION_3
Definition: constants.h:135
#define out_uint16_le(s, v)
Definition: parse.h:58
#define SEC_TAG_CLI_INFO
Definition: constants.h:119
#define SEC_TAG_CLI_CRYPT
Definition: constants.h:120
#define SEC_TAG_CLI_CLUSTER
Definition: constants.h:122
ACPI_SIZE strlen(const char *String)
Definition: utclib.c:269
#define out_uint8a(s, v, n)
Definition: parse.h:94
int g_keyboard_functionkeys
Definition: uimain.c:47
unsigned int uint32
Definition: types.h:32
char g_hostname[16]
Definition: uimain.c:26
RD_BOOL g_console_session
Definition: uimain.c:48
#define out_uint32_le(s, v)
Definition: parse.h:59
RDP_VERSION g_rdp_version
Definition: uimain.c:74
int g_keyboard_subtype
Definition: uimain.c:46
#define SEC_TAG_CLI_CHANNELS
Definition: constants.h:121
#define out_uint8(s, v)
Definition: parse.h:92
RD_BOOL g_encryption
Definition: uimain.c:40
uint32 g_redirect_session_id
Definition: uimain.c:67
VCHANNEL g_channels[]
Definition: channels.c:32
#define out_uint8s(s, n)
Definition: parse.h:95
Definition: types.h:44
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
GLbitfield flags
Definition: glext.h:7161
int g_server_depth
Definition: uimain.c:41
unsigned int g_keylayout
Definition: uimain.c:44
#define SEC_CC_REDIRECT_SESSIONID_FIELD_VALID
Definition: constants.h:131
#define SEC_CC_REDIRECTION_SUPPORTED
Definition: constants.h:130
GLdouble s
Definition: gl.h:2039
unsigned int g_num_channels
Definition: channels.c:33
#define out_uint32_be(s, v)
Definition: parse.h:78
#define DEBUG_RDP5(args)
Definition: rdesktop.h:141
int g_width
Definition: uimain.c:42
int g_height
Definition: uimain.c:43
void rdp_out_unistr(STREAM s, char *string, int len)
Definition: rdp.c:188
#define out_uint16_be(s, v)
Definition: parse.h:77
Definition: name.c:36
#define out_uint32(s, v)
Definition: parse.h:85
int g_keyboard_type
Definition: uimain.c:45
#define s_mark_end(s)
Definition: parse.h:41

Referenced by sec_connect().

◆ sec_parse_crypt_info()

static RD_BOOL sec_parse_crypt_info ( STREAM  s,
uint32 rc4_key_size,
uint8 **  server_random,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 652 of file secure.c.

/* Parses the server's encryption block: key size, encryption level, server
   random, and the server public key, which arrives either RDP4-style (tagged
   key and signature) or as X.509 certificates. On success the modulus and
   exponent buffers are filled and True is returned; False is returned both on
   errors and when the server announces no encryption (crypt_level == 0).
   Every length in this block is supplied by the peer.
   Lines 695, 795-796, 799 and 804 are not shown in this listing. */
654 {
655  uint32 crypt_level, random_len, rsa_info_len;
656  uint32 cacert_len, cert_len, flags;
657  PCCERT_CONTEXT cacert, server_cert;
658  BYTE *server_public_key;
659  uint16 tag, length;
660  uint8 *next_tag, *end;
661 
662  in_uint32_le(s, *rc4_key_size); /* 1 = 40-bit, 2 = 128-bit */
663  in_uint32_le(s, crypt_level); /* 1 = low, 2 = medium, 3 = high */
664  if (crypt_level == 0)
665  {
666  /* no encryption */
667  return False;
668  }
669 
670  in_uint32_le(s, random_len);
671  in_uint32_le(s, rsa_info_len);
672 
673  if (random_len != SEC_RANDOM_SIZE)
674  {
675  error("random len %d, expected %d\n", random_len, SEC_RANDOM_SIZE);
676  return False;
677  }
678 
/* *server_random is set from the stream; in_uint8p is a parse.h macro and
   presumably stores a pointer into the stream buffer rather than a copy -- confirm */
679  in_uint8p(s, *server_random, random_len);
680 
681  /* RSA info */
/* NOTE(review): the end pointer is formed from the peer-supplied 32-bit length
   before it is checked. A very large rsa_info_len can carry s->p + rsa_info_len
   outside the buffer (or wrap), which makes the comparison unreliable; comparing
   lengths, i.e. rsa_info_len against s->end - s->p, avoids the out-of-range pointer. */
682  end = s->p + rsa_info_len;
683  if (end > s->end)
684  return False;
685 
686  in_uint32_le(s, flags); /* 1 = RDP4-style, 0x80000002 = X.509 */
687  if (flags & 1)
688  {
689  DEBUG_RDP5(("We're going for the RDP4-style encryption\n"));
690  in_uint8s(s, 8); /* unknown */
691 
692  while (s->p < end)
693  {
694  in_uint16_le(s, tag);
/* line 695 is not shown; `length` is presumably read from the stream there */
696 
/* NOTE(review): next_tag is not compared with `end`; line 717 then moves the
   cursor to it, so a large `length` places s->p beyond the RSA info block and
   the loop condition is the only thing that stops parsing. */
697  next_tag = s->p + length;
698 
699  switch (tag)
700  {
701  case SEC_TAG_PUBKEY:
702  if (!sec_parse_public_key(s, modulus, exponent))
703  return False;
704  DEBUG_RDP5(("Got Public key, RDP4-style\n"));
705 
706  break;
707 
708  case SEC_TAG_KEYSIG:
709  if (!sec_parse_public_sig(s, length, modulus, exponent))
710  return False;
711  break;
712 
713  default:
714  unimpl("crypt tag 0x%x\n", tag);
715  }
716 
717  s->p = next_tag;
718  }
719  }
720  else
721  {
722  uint32 certcount;
723 
724  DEBUG_RDP5(("We're going for the RDP5-style encryption\n"));
725  in_uint32_le(s, certcount); /* Number of certificates */
726  if (certcount < 2)
727  {
728  error("Server didn't send enough X509 certificates\n");
729  return False;
730  }
731  for (; certcount > 2; certcount--)
732  { /* ignore all the certificates between the root and the signing CA */
733  uint32 ignorelen;
734  PCCERT_CONTEXT ignorecert;
735 
736  DEBUG_RDP5(("Ignored certs left: %d\n", certcount));
737  in_uint32_le(s, ignorelen);
738  DEBUG_RDP5(("Ignored Certificate length is %d\n", ignorelen));
/* NOTE(review): ignorelen is not checked against the bytes left in the stream
   before s->p is handed to rdssl_cert_read() and skipped. The loop also never
   calls rdssl_cert_free(ignorecert), so each successfully read certificate
   appears to be leaked, and with WITH_DEBUG_RDP5 a NULL ignorecert is still
   passed to rdssl_cert_print_fp(). */
739  ignorecert = rdssl_cert_read(s->p, ignorelen);
740  in_uint8s(s, ignorelen);
741  if (ignorecert == NULL)
742  { /* XXX: error out? */
743  DEBUG_RDP5(("got a bad cert: this will probably screw up the rest of the communication\n"));
744  }
745 
746 #ifdef WITH_DEBUG_RDP5
747  DEBUG_RDP5(("cert #%d (ignored):\n", certcount));
748  rdssl_cert_print_fp(stdout, ignorecert);
749 #endif
750  }
751  /* Do da funky X.509 stuffy
752 
753  "How did I find out about this? I looked up and saw a
754  bright light and when I came to I had a scar on my forehead
755  and knew about X.500"
756  - Peter Gutman in a early version of
757  http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
758  */
/* NOTE(review): cacert_len and cert_len get the same treatment as ignorelen --
   neither is compared with the remaining stream length before the read. */
759  in_uint32_le(s, cacert_len);
760  DEBUG_RDP5(("CA Certificate length is %d\n", cacert_len));
761  cacert = rdssl_cert_read(s->p, cacert_len);
762  in_uint8s(s, cacert_len);
763  if (NULL == cacert)
764  {
765  error("Couldn't load CA Certificate from server\n");
766  return False;
767  }
768  in_uint32_le(s, cert_len);
769  DEBUG_RDP5(("Certificate length is %d\n", cert_len));
770  server_cert = rdssl_cert_read(s->p, cert_len);
771  in_uint8s(s, cert_len);
772  if (NULL == server_cert)
773  {
774  rdssl_cert_free(cacert);
775  error("Couldn't load Certificate from server\n");
776  return False;
777  }
/* The only trust decision visible here is rdssl_certs_ok(server_cert, cacert),
   and both certificates come from the server. Whether that call anchors the
   chain in anything the client already trusts is decided in ssl_calls.c -- confirm. */
778  if (!rdssl_certs_ok(server_cert, cacert))
779  {
780  rdssl_cert_free(server_cert);
781  rdssl_cert_free(cacert);
782  error("Security error CA Certificate invalid\n");
783  return False;
784  }
785  rdssl_cert_free(cacert);
786  in_uint8s(s, 16); /* Padding */
787  server_public_key = rdssl_cert_to_rkey(server_cert, &g_server_public_key_len);
788  if (NULL == server_public_key)
789  {
790  DEBUG_RDP5(("Didn't parse X509 correctly\n"));
791  rdssl_cert_free(server_cert);
792  return False;
793  }
794  rdssl_cert_free(server_cert);
/* lines 795-796 are not shown; they hold the key-size condition for the block below */
797  {
798  error("Bad server public key size (%u bits)\n",
800  rdssl_rkey_free(server_public_key);
801  return False;
802  }
803  if (rdssl_rkey_get_exp_mod(server_public_key, exponent, SEC_EXPONENT_SIZE,
805  {
806  error("Problem extracting RSA exponent, modulus");
807  rdssl_rkey_free(server_public_key);
808  return False;
809  }
810  rdssl_rkey_free(server_public_key);
/* unlike the RDP4 path, this path returns without an end-of-stream check */
811  return True; /* There's some garbage here we don't care about */
812  }
813  return s_check_end(s);
814 }
void rdssl_rkey_free(uint8 *rkey)
Definition: ssl_calls.c:1777
#define error(str)
Definition: mkdosfs.c:1605
unsigned int uint32
Definition: types.h:32
#define SEC_TAG_PUBKEY
Definition: constants.h:124
#define SEC_MODULUS_SIZE
Definition: secure.c:111
Definition: ecma_167.h:138
#define SEC_MAX_MODULUS_SIZE
Definition: constants.h:93
RD_BOOL rdssl_certs_ok(PCCERT_CONTEXT server_cert, PCCERT_CONTEXT cacert)
Definition: ssl_calls.c:1743
GLuint GLuint end
Definition: gl.h:1545
#define in_uint8p(s, v, n)
Definition: parse.h:89
int rdssl_rkey_get_exp_mod(uint8 *rkey, uint8 *exponent, uint32 max_exp_len, uint8 *modulus, uint32 max_mod_len)
Definition: ssl_calls.c:1762
FILE * stdout
static RD_BOOL sec_parse_public_key(STREAM s, uint8 *modulus, uint8 *exponent)
Definition: secure.c:599
static uint32 g_server_public_key_len
Definition: secure.c:96
smooth NULL
Definition: ftsmooth.c:416
#define in_uint8s(s, n)
Definition: parse.h:91
#define s_check_end(s)
Definition: parse.h:44
#define True
Definition: types.h:24
#define False
Definition: types.h:25
#define SEC_EXPONENT_SIZE
Definition: constants.h:95
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
#define SEC_RANDOM_SIZE
Definition: constants.h:91
unsigned char uint8
Definition: types.h:28
GLbitfield flags
Definition: glext.h:7161
unsigned char BYTE
Definition: mem.h:68
GLdouble s
Definition: gl.h:2039
void rdssl_cert_free(PCCERT_CONTEXT context)
Definition: ssl_calls.c:1656
#define SEC_TAG_KEYSIG
Definition: constants.h:125
#define DEBUG_RDP5(args)
Definition: rdesktop.h:141
unsigned short uint16
Definition: types.h:30
static RD_BOOL sec_parse_public_sig(STREAM s, uint32 len, uint8 *modulus, uint8 *exponent)
Definition: secure.c:629
uint8 * rdssl_cert_to_rkey(PCCERT_CONTEXT cert, uint32 *key_len)
Definition: ssl_calls.c:1663
void unimpl(char *format,...)
Definition: uimain.c:801
PCCERT_CONTEXT rdssl_cert_read(uint8 *data, uint32 len)
Definition: ssl_calls.c:1639
#define in_uint32_le(s, v)
Definition: parse.h:56
#define in_uint16_le(s, v)
Definition: parse.h:55
char * tag
Definition: main.c:59

Referenced by sec_process_crypt_info().

◆ sec_parse_public_key()

static RD_BOOL sec_parse_public_key ( STREAM  s,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 599 of file secure.c.

/* Parses an RDP4-style RSA public key from `s`: checks the magic value, reads
   the modulus length, then copies the exponent and modulus into the caller's
   buffers and records the modulus length in g_server_public_key_len.
   Returns False on a bad magic or key size, otherwise the result of s_check(s).
   Line 621 is not shown in this listing. */
600 {
601  uint32 magic, modulus_len;
602 
603  in_uint32_le(s, magic);
604  if (magic != SEC_RSA_MAGIC)
605  {
606  error("RSA magic 0x%x\n", magic);
607  return False;
608  }
609 
610  in_uint32_le(s, modulus_len);
/* modulus_len is unsigned, so a peer value below SEC_PADDING_SIZE wraps to a
   very large number here; the upper bound in the range check below rejects it */
611  modulus_len -= SEC_PADDING_SIZE;
612  if ((modulus_len < SEC_MODULUS_SIZE) || (modulus_len > SEC_MAX_MODULUS_SIZE))
613  {
614  error("Bad server public key size (%u bits)\n", modulus_len * 8);
615  return False;
616  }
617 
618  in_uint8s(s, 8); /* modulus_bits, unknown */
/* NOTE(review): the copies below are bounded by the destination sizes
   (SEC_EXPONENT_SIZE, and modulus_len <= SEC_MAX_MODULUS_SIZE), but the bytes
   remaining in the stream are only checked afterwards by s_check(). in_uint8a
   is a parse.h macro; assuming it copies from s->p without its own check, a
   truncated packet is read past its end before being rejected -- confirm. */
619  in_uint8a(s, exponent, SEC_EXPONENT_SIZE);
620  in_uint8a(s, modulus, modulus_len);
/* line 621 not shown; SEC_PADDING_SIZE is cross-referenced, so it presumably skips the padding */
622  g_server_public_key_len = modulus_len;
623 
624  return s_check(s);
625 }
#define SEC_RSA_MAGIC
Definition: constants.h:127
#define error(str)
Definition: mkdosfs.c:1605
unsigned int uint32
Definition: types.h:32
#define SEC_MODULUS_SIZE
Definition: secure.c:111
u32_t magic(void)
#define SEC_MAX_MODULUS_SIZE
Definition: constants.h:93
#define s_check(s)
Definition: parse.h:42
static uint32 g_server_public_key_len
Definition: secure.c:96
#define in_uint8s(s, n)
Definition: parse.h:91
#define False
Definition: types.h:25
#define SEC_EXPONENT_SIZE
Definition: constants.h:95
#define SEC_PADDING_SIZE
Definition: constants.h:94
GLdouble s
Definition: gl.h:2039
#define in_uint8a(s, v, n)
Definition: parse.h:90
#define in_uint32_le(s, v)
Definition: parse.h:56

Referenced by sec_parse_crypt_info().

◆ sec_parse_public_sig()

static RD_BOOL sec_parse_public_sig ( STREAM  s,
uint32  len,
uint8 modulus,
uint8 exponent 
)
static

Definition at line 629 of file secure.c.

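/*
 * Reads the RDP4-style signature that accompanies the server public key and
 * passes it to rdssl_sign_ok() together with the key and g_testkey.
 *
 *   s        - stream positioned at the signature blob
 *   len      - length of the blob as announced by the peer
 *   modulus  - server modulus, g_server_public_key_len bytes in use
 *   exponent - server exponent, SEC_EXPONENT_SIZE bytes
 *
 * Returns True for any blob whose length is not 72, False when the stream
 * holds fewer bytes than the signature needs, and otherwise the result of
 * s_check(s).
 *
 * NOTE(review): a non-zero result from rdssl_sign_ok() is only reported
 * through DEBUG_RDP5; it does not change the return value, and blobs of any
 * other length are accepted unexamined. As written, this function therefore
 * does not make the handshake depend on the signature. Tightening that is a
 * policy decision for the maintainers and is left unchanged here.
 */
static RD_BOOL
sec_parse_public_sig(STREAM s, uint32 len, uint8 *modulus, uint8 *exponent)
{
	uint8 signature[SEC_MAX_MODULUS_SIZE];
	uint8 signature_[SEC_MAX_MODULUS_SIZE];
	uint32 sig_len;

	if (len != 72)
	{
		return True;
	}
	memset(signature, 0, sizeof(signature));
	/* signature_ used to reach rdssl_sign_ok() uninitialised; give it defined contents */
	memset(signature_, 0, sizeof(signature_));
	sig_len = len - 8;
	/* Check the remaining bytes before copying rather than after. in_uint8a is
	   a parse.h macro and is assumed not to bound-check on its own. */
	if (s->p > s->end || (uint32) (s->end - s->p) < sig_len)
	{
		error("Truncated server key signature\n");
		return False;
	}
	in_uint8a(s, signature, sig_len);
	if(rdssl_sign_ok((char *)exponent, SEC_EXPONENT_SIZE, (char *)modulus, g_server_public_key_len,
		(char *)signature_, SEC_MODULUS_SIZE, (char *)signature, sig_len, (char *)g_testkey))
	{
		DEBUG_RDP5(("key signature doesn't match test key\n"));
	}
	return s_check(s);
}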
unsigned int uint32
Definition: types.h:32
#define SEC_MODULUS_SIZE
Definition: secure.c:111
#define SEC_MAX_MODULUS_SIZE
Definition: constants.h:93
#define s_check(s)
Definition: parse.h:42
static uint32 g_server_public_key_len
Definition: secure.c:96
#define True
Definition: types.h:24
#define SEC_EXPONENT_SIZE
Definition: constants.h:95
unsigned char uint8
Definition: types.h:28
GLenum GLsizei len
Definition: glext.h:6722
GLdouble s
Definition: gl.h:2039
static uint8 g_testkey[176]
Definition: secure.c:113
#define in_uint8a(s, v, n)
Definition: parse.h:90
#define DEBUG_RDP5(args)
Definition: rdesktop.h:141
int rdssl_sign_ok(char *e_data, int e_len, char *n_data, int n_len, char *sign_data, int sign_len, char *sign_data2, int sign_len2, char *testkey)
Definition: ssl_calls.c:1594
#define memset(x, y, z)
Definition: compat.h:39

Referenced by sec_parse_crypt_info().

◆ sec_process_crypt_info()

static void sec_process_crypt_info ( STREAM  s)
static

Definition at line 818 of file secure.c.

/* Handles the server's encryption block: parses it, then derives the session
   keys from the client and server randoms.
   Lines 821 and 833-834 are not shown in this listing. The cross-references
   (generate_random, sec_rsa_encrypt, g_sec_crypted_random, SEC_RANDOM_SIZE)
   suggest the omitted lines declare `modulus`, generate the client random and
   start the RSA encryption call that line 835 finishes -- confirm. */
819 {
820  uint8 *server_random = NULL;
822  uint8 exponent[SEC_EXPONENT_SIZE];
823  uint32 rc4_key_size;
824 
825  memset(modulus, 0, sizeof(modulus));
826  memset(exponent, 0, sizeof(exponent));
/* NOTE(review): sec_parse_crypt_info() returns False both for malformed data and
   for "no encryption". This function is void, so its caller cannot tell that no
   keys were derived. */
827  if (!sec_parse_crypt_info(s, &rc4_key_size, &server_random, modulus, exponent))
828  {
829  DEBUG(("Failed to parse crypt info\n"));
830  return;
831  }
832  DEBUG(("Generating client random\n"));
835  g_server_public_key_len, modulus, exponent);
/* rc4_key_size is passed on exactly as the server sent it */
836  sec_generate_keys(g_client_random, server_random, rc4_key_size);
837 }
static RD_BOOL sec_parse_crypt_info(STREAM s, uint32 *rc4_key_size, uint8 **server_random, uint8 *modulus, uint8 *exponent)
Definition: secure.c:652
unsigned int uint32
Definition: types.h:32
#define SEC_MAX_MODULUS_SIZE
Definition: constants.h:93
static void sec_rsa_encrypt(uint8 *out, uint8 *in, int len, uint32 modulus_size, uint8 *modulus, uint8 *exponent)
Definition: secure.c:411
static uint32 g_server_public_key_len
Definition: secure.c:96
smooth NULL
Definition: ftsmooth.c:416
#define SEC_EXPONENT_SIZE
Definition: constants.h:95
#define SEC_RANDOM_SIZE
Definition: constants.h:91
unsigned char uint8
Definition: types.h:28
GLdouble s
Definition: gl.h:2039
static uint8 g_sec_crypted_random[SEC_MAX_MODULUS_SIZE]
Definition: secure.c:103
static void sec_generate_keys(uint8 *client_random, uint8 *server_random, int rc4_key_size)
Definition: secure.c:238
void generate_random(uint8 *random)
Definition: uimain.c:709
#define DEBUG(args)
Definition: rdesktop.h:129
uint8 g_client_random[SEC_RANDOM_SIZE]
Definition: uimain.c:78
#define memset(x, y, z)
Definition: compat.h:39

Referenced by sec_process_mcs_data().

◆ sec_process_mcs_data()

void sec_process_mcs_data ( STREAM  s)

Definition at line 856 of file secure.c.

/* Walks the tagged blocks that follow the T.124 ConferenceCreateResponse header
   and dispatches each one by tag.
   Lines 870, 880, 884 and 887 are not shown in this listing. The cross-references
   (sec_process_srv_info, sec_process_crypt_info, SEC_TAG_SRV_CHANNELS) suggest
   they read `length`, call the two handlers and hold the third case label -- confirm. */
857 {
858  uint16 tag, length;
859  uint8 *next_tag;
860  uint8 len;
861 
862  in_uint8s(s, 21); /* header (T.124 ConferenceCreateResponse) */
863  in_uint8(s, len);
864  if (len & 0x80)
865  in_uint8(s, len);
866 
867  while (s->p < s->end)
868  {
869  in_uint16_le(s, tag);
871 
872  if (length <= 4)
873  return;
874 
/* NOTE(review): next_tag comes from a peer-supplied 16-bit length and is not
   compared with s->end. The handlers run on the block before the cursor is
   moved, so a block that claims more data than the stream holds is only caught
   by whatever checks the handlers make themselves. */
875  next_tag = s->p + length - 4;
876 
877  switch (tag)
878  {
879  case SEC_TAG_SRV_INFO:
881  break;
882 
883  case SEC_TAG_SRV_CRYPT:
885  break;
886 
888  /* FIXME: We should parse this information and
889  use it to map RDP5 channels to MCS
890  channels */
891  break;
892 
893  default:
894  unimpl("response tag 0x%x\n", tag);
895  }
896 
897  s->p = next_tag;
898  }
899 }
Definition: ecma_167.h:138
#define in_uint8s(s, n)
Definition: parse.h:91
static void sec_process_srv_info(STREAM s)
Definition: secure.c:842
#define SEC_TAG_SRV_CHANNELS
Definition: constants.h:117
GLenum GLuint GLenum GLsizei length
Definition: glext.h:5579
unsigned char uint8
Definition: types.h:28
GLenum GLsizei len
Definition: glext.h:6722
GLdouble s
Definition: gl.h:2039
#define SEC_TAG_SRV_CRYPT
Definition: constants.h:116
unsigned short uint16
Definition: types.h:30
#define in_uint8(s, v)
Definition: parse.h:88
static void sec_process_crypt_info(STREAM s)
Definition: secure.c:818
void unimpl(char *format,...)
Definition: uimain.c:801
#define SEC_TAG_SRV_INFO
Definition: constants.h:115
#define in_uint16_le(s, v)
Definition: parse.h:55
char * tag
Definition: main.c:59

Referenced by mcs_recv_connect_response().

◆ sec_process_srv_info()

static void sec_process_srv_info ( STREAM  s)
static

Definition at line 842 of file secure.c.

/* Body of sec_process_srv_info(STREAM s): logs g_server_rdp_version and, when
   it equals 1, sets g_server_depth to 8.
   NOTE: source lines 844 and 848 are missing from this rendered listing; the
   statement that fills g_server_rdp_version (presumably an in_uint16_le read
   from s) and the first statement of the if-body are not visible.
   NOTE(review): the version value presumably comes from the server and is
   used here to change client settings; the visible code accepts it without
   any range check. */
843 {
845  DEBUG_RDP5(("Server RDP version is %d\n", g_server_rdp_version));
846  if (1 == g_server_rdp_version)
847  {
849  g_server_depth = 8;
850  }
851 }
RDP_VERSION g_rdp_version
Definition: uimain.c:74
uint16 g_server_rdp_version
Definition: secure.c:105
int g_server_depth
Definition: uimain.c:41
GLdouble s
Definition: gl.h:2039
Definition: types.h:43
#define DEBUG_RDP5(args)
Definition: rdesktop.h:141
#define in_uint16_le(s, v)
Definition: parse.h:55

Referenced by sec_process_mcs_data().

◆ sec_recv()

STREAM sec_recv ( uint8 * rdpver)

Definition at line 903 of file secure.c.

/* Body of sec_recv(): receives packets from mcs_recv() in a loop, handles the
   security header and decryption where applicable, and returns the stream to
   the caller; returns NULL once mcs_recv() returns NULL.
   NOTE: source lines 924, 940 and 982 are missing from this rendered listing
   (the gutter numbers skip them): the condition guarding the block that opens
   at 925 and the statements before both `continue`s are not visible.
   NOTE(review): every in_uint8s(s, 8) / sec_decrypt(s->p, s->end - s->p) pair
   below runs without a visible check that 8 bytes remain; sec_decrypt takes
   an int length, so a short packet would presumably yield a negative length.
   The redirect branch likewise indexes s->p[0..3] without a visible length
   check. Confirm whether in_uint8s() or mcs_recv() validates this; if not,
   verify the remaining length before each skip. */
904 {
905  uint16 sec_flags;
906  /* uint16 sec_flags_hi; */
907  uint16 channel;
908  STREAM s;
909 
910  while ((s = mcs_recv(&channel, rdpver)) != NULL)
911  {
    /* rdpver supplied and not 3: the packet is returned right away, after
       an 8-byte skip and decryption when bit 0x80 is set. The security
       header parsing below is not reached on this path. */
912  if (rdpver != NULL)
913  {
914  if (*rdpver != 3)
915  {
916  if (*rdpver & 0x80)
917  {
918  in_uint8s(s, 8); /* signature */
919  sec_decrypt(s->p, s->end - s->p);
920  }
921  return s;
922  }
923  }
925  {
926  /* TS_SECURITY_HEADER */
927  in_uint16_le(s, sec_flags);
928  in_uint8s(s, 2); /* sec_flags_hi */
929 
930  if (g_encryption)
931  {
    /* NOTE(review): the 8 signature bytes are skipped, not compared
       with a locally computed value, in the visible lines. */
932  if (sec_flags & SEC_ENCRYPT)
933  {
934  in_uint8s(s, 8); /* signature */
935  sec_decrypt(s->p, s->end - s->p);
936  }
937 
    /* Licence packets are consumed here (handler call on the omitted
       line 940) and the loop waits for the next packet. */
938  if (sec_flags & SEC_LICENSE_PKT)
939  {
941  continue;
942  }
943 
944  if (sec_flags & SEC_REDIRECTION_PKT) /* SEC_REDIRECT_ENCRYPT */
945  {
946  uint8 swapbyte;
947 
948  in_uint8s(s, 8); /* signature */
949  sec_decrypt(s->p, s->end - s->p);
950 
951  /* Check for a redirect packet, starts with 00 04 */
952  if (s->p[0] == 0 && s->p[1] == 4)
953  {
954  /* for some reason the PDU and the length seem to be swapped.
955  This isn't good, but we're going to do a byte for byte
956  swap. So the first four values appear as: 00 04 XX YY,
957  where XX YY is the little endian length. We're going to
958  use 04 00 as the PDU type, so after our swap this will look
959  like: XX YY 04 00 */
960  swapbyte = s->p[0];
961  s->p[0] = s->p[2];
962  s->p[2] = swapbyte;
963 
964  swapbyte = s->p[1];
965  s->p[1] = s->p[3];
966  s->p[3] = swapbyte;
967 
968  swapbyte = s->p[2];
969  s->p[2] = s->p[3];
970  s->p[3] = swapbyte;
971  }
    /* Debug builds dump the decrypted payload; keep WITH_DEBUG out of
       builds whose output is stored or shared. */
972 #ifdef WITH_DEBUG
973  /* warning! this debug statement will show passwords in the clear! */
974  hexdump(s->p, s->end - s->p);
975 #endif
976  }
977  }
978  else
979  {
980  if (sec_flags & SEC_LICENSE_PKT)
981  {
983  continue;
984  }
    /* Presumably rewinds the 4 header bytes consumed at 927-928 so the
       caller sees the packet from its start -- TODO confirm. */
985  s->p -= 4;
986  }
987  }
988 
    /* Packets for other channels are handed to channel_process(); the
       caller is told via *rdpver = 0xff and still gets s back. */
989  if (channel != MCS_GLOBAL_CHANNEL)
990  {
991  channel_process(s, channel);
992  if (rdpver != NULL)
993  *rdpver = 0xff;
994  return s;
995  }
996 
997  return s;
998  }
999 
1000  return NULL;
1001 }
RD_BOOL g_licence_issued
Definition: licence.c:44
void channel_process(STREAM s, uint16 mcs_channel)
Definition: channels.c:138
void sec_decrypt(uint8 *data, int length)
Definition: secure.c:396
#define MCS_GLOBAL_CHANNEL
Definition: constants.h:87
RD_BOOL g_encryption
Definition: uimain.c:40
smooth NULL
Definition: ftsmooth.c:416
#define SEC_LICENSE_PKT
Definition: constants.h:105
#define in_uint8s(s, n)
Definition: parse.h:91
#define SEC_ENCRYPT
Definition: constants.h:101
unsigned char uint8
Definition: types.h:28
Definition: parse.h:22
STREAM mcs_recv(uint16 *channel, uint8 *rdpver)
Definition: mcs.c:280
GLdouble s
Definition: gl.h:2039
void hexdump(unsigned char *p, unsigned int len)
Definition: shimdbg.c:234
#define SEC_REDIRECTION_PKT
Definition: constants.h:108
unsigned short uint16
Definition: types.h:30
void licence_process(STREAM s)
Definition: licence.c:378
RD_BOOL g_licence_error_result
Definition: licence.c:45
#define in_uint16_le(s, v)
Definition: parse.h:55

Referenced by rdp_recv().

◆ sec_reset_state()

void sec_reset_state ( void  )

Definition at line 1039 of file secure.c.

/* Body of sec_reset_state(): clears g_licence_issued and calls
   mcs_reset_state().
   NOTE: source lines 1041-1043 and 1045 are missing from this rendered
   listing; the references listed below the listing suggest they reset
   g_server_rdp_version, the encrypt/decrypt use counters and
   g_licence_error_result -- TODO confirm against the full source.
   NOTE(review): no key material (g_sec_*_key, RC4 state) is cleared in the
   visible lines; whether that happens elsewhere cannot be told from here. */
1040 {
1044  g_licence_issued = 0;
1046  mcs_reset_state();
1047 }
RD_BOOL g_licence_issued
Definition: licence.c:44
void mcs_reset_state(void)
Definition: mcs.c:363
uint16 g_server_rdp_version
Definition: secure.c:105
static int g_sec_decrypt_use_count
Definition: secure.c:109
static int g_sec_encrypt_use_count
Definition: secure.c:108
RD_BOOL g_licence_error_result
Definition: licence.c:45

Referenced by rdp_reset_state().

◆ sec_rsa_encrypt()

static void sec_rsa_encrypt ( uint8 * out,
uint8 * in,
int  len,
uint32  modulus_size,
uint8 * modulus,
uint8 * exponent 
)
static

Definition at line 411 of file secure.c.

/* Body of sec_rsa_encrypt(): a single modular exponentiation through
   rdssl_mod_exp(), writing the result to out.
   NOTE(review): the `len` and `modulus_size` parameters are not used; the
   call passes fixed sizes (64-byte output and modulus, 32-byte input, 4-byte
   exponent). A modulus of any other size would presumably be processed
   incorrectly rather than rejected -- confirm that the caller only reaches
   this with a 64-byte modulus, or pass the real sizes through.
   NOTE(review): no padding step is visible here; whether the input is padded
   before this call cannot be told from this listing. */
413 {
414  rdssl_mod_exp((char *)out, 64, (char *)in, 32, (char *)modulus, 64, (char *)exponent, 4);
415 }
static FILE * out
Definition: regtests2xml.c:44
GLuint in
Definition: glext.h:9616
int rdssl_mod_exp(char *out, int out_len, char *in, int in_len, char *mod, int mod_len, char *exp, int exp_len)
Definition: ssl_calls.c:1485

Referenced by sec_process_crypt_info().

◆ sec_send()

void sec_send ( STREAM  s,
uint32  flags 
)

Definition at line 472 of file secure.c.

/* Body of sec_send(STREAM s, uint32 flags).
   NOTE: the only statement (source line 474) is missing from this rendered
   listing; the references listed below suggest it forwards to
   sec_send_to_channel() with MCS_GLOBAL_CHANNEL -- TODO confirm. */
473 {
475 }
#define MCS_GLOBAL_CHANNEL
Definition: constants.h:87
GLbitfield flags
Definition: glext.h:7161
GLdouble s
Definition: gl.h:2039
void sec_send_to_channel(STREAM s, uint32 flags, uint16 channel)
Definition: secure.c:436

Referenced by licence_info(), licence_present(), licence_send_authresp(), licence_send_new_licence_request(), licence_send_platform_challenge_response(), licence_send_request(), rdp_send_confirm_active(), rdp_send_data(), rdp_send_logon_info(), and sec_establish_key().

◆ sec_send_to_channel()

void sec_send_to_channel ( STREAM  s,
uint32  flags,
uint16  channel 
)

Definition at line 436 of file secure.c.

/* Body of sec_send_to_channel(): when SEC_ENCRYPT is set in flags, signs and
   then encrypts the payload in place, and hands the stream to
   mcs_send_to_channel() for the given channel.
   NOTE: source lines 441, 444-446 and 465 are missing from this rendered
   listing; the references listed below suggest they hold the scard lock and
   unlock calls and the code that writes the security header -- TODO confirm.
   NOTE(review): the 8-byte signature is computed over the plaintext and the
   payload is encrypted afterwards, with the signature bytes left outside the
   encrypted range (s->p + 8 onward). datalen is derived as
   s->end - s->p - 8 with no visible check that it is non-negative. */
437 {
438  int datalen;
439 
440 #ifdef WITH_SCARD
442 #endif
443 
447 
448  if (flags & SEC_ENCRYPT)
449  {
    /* The bit is cleared in the local copy of flags only. */
450  flags &= ~SEC_ENCRYPT;
451  datalen = s->end - s->p - 8;
452 
    /* Debug builds dump the outgoing payload before it is encrypted;
       keep WITH_DEBUG out of builds whose output is stored or shared. */
453 #ifdef WITH_DEBUG
454  DEBUG(("Sending encrypted packet:\n"));
455  hexdump(s->p + 8, datalen);
456 #endif
457 
458  sec_sign(s->p, 8, g_sec_sign_key, g_rc4_key_len, s->p + 8, datalen);
459  sec_encrypt(s->p + 8, datalen);
460  }
461 
462  mcs_send_to_channel(s, channel);
463 
464 #ifdef WITH_SCARD
466 #endif
467 }
void mcs_send_to_channel(STREAM s, uint16 channel)
Definition: mcs.c:254
RD_BOOL g_licence_issued
Definition: licence.c:44
static int g_rc4_key_len
Definition: secure.c:93
#define out_uint32_le(s, v)
Definition: parse.h:59
int const JOCTET unsigned int datalen
Definition: jpeglib.h:1027
void sec_sign(uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen)
Definition: secure.c:314
#define s_pop_layer(s, h)
Definition: parse.h:40
static uint8 g_sec_sign_key[16]
Definition: secure.c:98
#define SEC_ENCRYPT
Definition: constants.h:101
void scard_unlock(int lock)
GLbitfield flags
Definition: glext.h:7161
GLdouble s
Definition: gl.h:2039
#define SCARD_LOCK_SEC
Definition: constants.h:580
static void sec_encrypt(uint8 *data, int length)
Definition: secure.c:381
void hexdump(unsigned char *p, unsigned int len)
Definition: shimdbg.c:234
void scard_lock(int lock)
unsigned char * sec_hdr
Definition: parse.h:32
#define DEBUG(args)
Definition: rdesktop.h:129
RD_BOOL g_licence_error_result
Definition: licence.c:45

Referenced by channel_send(), and sec_send().

◆ sec_sign()

void sec_sign ( uint8 * signature,
int  siglen,
uint8 * session_key,
int  keylen,
uint8 * data,
int  datalen 
)

Definition at line 314 of file secure.c.

/* Body of sec_sign(): derives a signature from session_key and data with a
   SHA-1 pass followed by an MD5 pass, and copies the first siglen bytes of the
   MD5 result to signature.
   NOTE: source lines 324-325, 329, 331, 333-334 and 339 are missing from this
   rendered listing. The creation and release of the `sha` and `md5` contexts
   and the step that hashes `data` are therefore not visible (presumably
   rdssl_*_info_create/clear/delete and a transform over data, datalen).
   NOTE(review): siglen is not checked against sizeof(md5sig) (16) before the
   memcpy; the caller shown on this page passes 8, but a larger value would
   read past md5sig. The construction relies on MD5 and SHA-1 and a truncated
   output, which is a legacy design. */
315 {
316  uint8 shasig[20];
317  uint8 md5sig[16];
318  uint8 lenhdr[4];
319  void * sha;
320  void * md5;
321 
    /* Data length as a 4-byte field; it is hashed after the first pad. */
322  buf_out_uint32(lenhdr, datalen);
323 
    /* Inner pass: SHA-1 over key, pad_54, length (and, presumably on the
       omitted line 329, the data itself). */
326  rdssl_sha1_transform(sha, (char *)session_key, keylen);
327  rdssl_sha1_transform(sha, (char *)pad_54, 40);
328  rdssl_sha1_transform(sha, (char *)lenhdr, 4);
330  rdssl_sha1_complete(sha, (char *)shasig);
332 
    /* Outer pass: MD5 over key, pad_92 and the SHA-1 result. */
335  rdssl_md5_transform(md5, (char *)session_key, keylen);
336  rdssl_md5_transform(md5, (char *)pad_92, 48);
337  rdssl_md5_transform(md5, (char *)shasig, 20);
338  rdssl_md5_complete(md5, (char *)md5sig);
340 
341  memcpy(signature, md5sig, siglen);
342 }
static const WCHAR sha[]
Definition: oid.c:1218
void buf_out_uint32(uint8 *buffer, uint32 value)
Definition: secure.c:304
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
int const JOCTET unsigned int datalen
Definition: jpeglib.h:1027
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
void rdssl_sha1_clear(void *sha1_info)
Definition: ssl_calls.c:393
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
void rdssl_sha1_info_delete(void *sha1_info)
Definition: ssl_calls.c:386
void rdssl_sha1_transform(void *sha1_info, char *data, int len)
Definition: ssl_calls.c:400
void * rdssl_sha1_info_create(void)
Definition: ssl_calls.c:379
void rdssl_sha1_complete(void *sha1_info, char *data)
Definition: ssl_calls.c:407
unsigned char uint8
Definition: types.h:28
static uint8 pad_54[40]
Definition: secure.c:288
static uint8 pad_92[48]
Definition: secure.c:295
GLint GLenum GLsizei GLsizei GLsizei GLint GLsizei const GLvoid * data
Definition: gl.h:1950
#define memcpy(s1, s2, n)
Definition: mkisofs.h:878
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
#define md5
Definition: compat-1.3.h:2010

Referenced by sec_send_to_channel().

◆ sec_update()

static void sec_update ( uint8 * key,
uint8 * update_key 
)
static

Definition at line 346 of file secure.c.

/* Body of sec_update(): recomputes `key` from update_key with a SHA-1 pass
   and an MD5 pass, then RC4-encrypts the new key with itself in place.
   NOTE: source lines 353-354, 357, 359, 361-362, 367 and 376 are missing from
   this rendered listing. The setup and release of the `sha` and `md5`
   contexts, one SHA-1 input (presumably the current key) and the body of the
   final `if` (presumably sec_make_40bit(key)) are not visible, so the listing
   as shown is not compilable.
   NOTE(review): rdssl_md5_complete() writes its digest straight into `key`,
   so `key` must point to at least 16 bytes; the key arrays documented on this
   page are 16 bytes long. shasig and the RC4 context hold key-derived data;
   no wiping of shasig is visible before return. */
347 {
348  uint8 shasig[20];
349  void * sha;
350  void * md5;
351  void * update;
352 
355  rdssl_sha1_transform(sha, (char *)update_key, g_rc4_key_len);
356  rdssl_sha1_transform(sha, (char *)pad_54, 40);
358  rdssl_sha1_complete(sha, (char *)shasig);
360 
363  rdssl_md5_transform(md5, (char *)update_key, g_rc4_key_len);
364  rdssl_md5_transform(md5, (char *)pad_92, 48);
365  rdssl_md5_transform(md5, (char *)shasig, 20);
366  rdssl_md5_complete(md5, (char *)key);
368 
369 
    /* The fresh key is used as the RC4 key to encrypt itself in place,
       over g_rc4_key_len bytes. */
370  update = rdssl_rc4_info_create();
371  rdssl_rc4_set_key(update, (char *)key, g_rc4_key_len);
372  rdssl_rc4_crypt(update, (char *)key, (char *)key, g_rc4_key_len);
373  rdssl_rc4_info_delete(update);
374 
    /* 8-byte keys get an extra step on the omitted line 376. */
375  if (g_rc4_key_len == 8)
377 }
static const WCHAR sha[]
Definition: oid.c:1218
void rdssl_rc4_crypt(void *rc4_info, char *in_data, char *out_data, int len)
Definition: ssl_calls.c:173
void rdssl_md5_info_delete(void *md5_info)
Definition: ssl_calls.c:421
static int g_rc4_key_len
Definition: secure.c:93
static void sec_make_40bit(uint8 *key)
Definition: secure.c:229
void * rdssl_md5_info_create(void)
Definition: ssl_calls.c:414
void rdssl_md5_clear(void *md5_info)
Definition: ssl_calls.c:428
void rdssl_sha1_clear(void *sha1_info)
Definition: ssl_calls.c:393
void rdssl_md5_complete(void *md5_info, char *data)
Definition: ssl_calls.c:442
void rdssl_sha1_info_delete(void *sha1_info)
Definition: ssl_calls.c:386
void rdssl_sha1_transform(void *sha1_info, char *data, int len)
Definition: ssl_calls.c:400
void * rdssl_sha1_info_create(void)
Definition: ssl_calls.c:379
void rdssl_sha1_complete(void *sha1_info, char *data)
Definition: ssl_calls.c:407
unsigned char uint8
Definition: types.h:28
static uint8 pad_54[40]
Definition: secure.c:288
static uint8 pad_92[48]
Definition: secure.c:295
void rdssl_rc4_info_delete(void *rc4_info)
Definition: ssl_calls.c:90
void * rdssl_rc4_info_create(void)
Definition: ssl_calls.c:51
void rdssl_md5_transform(void *md5_info, char *data, int len)
Definition: ssl_calls.c:435
#define md5
Definition: compat-1.3.h:2010
void rdssl_rc4_set_key(void *rc4_info, char *key, int len)
Definition: ssl_calls.c:123
Definition: path.c:42

Referenced by sec_decrypt(), and sec_encrypt().

Variable Documentation

◆ g_channels

VCHANNEL g_channels[]

Definition at line 32 of file channels.c.

Referenced by channel_process(), channel_register(), and sec_out_mcs_data().

◆ g_client_random

uint8 g_client_random[SEC_RANDOM_SIZE]

Definition at line 78 of file uimain.c.

Referenced by sec_process_crypt_info().

◆ g_console_session

RD_BOOL g_console_session

Definition at line 48 of file uimain.c.

Referenced by parse_parameters(), and sec_out_mcs_data().

◆ g_encryption

RD_BOOL g_encryption

Definition at line 40 of file uimain.c.

Referenced by sec_connect(), sec_out_mcs_data(), and sec_recv().

◆ g_height

int g_height

Definition at line 43 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_hostname

char g_hostname[16]

Definition at line 26 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keyboard_functionkeys

int g_keyboard_functionkeys

Definition at line 47 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keyboard_subtype

int g_keyboard_subtype

Definition at line 46 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keyboard_type

int g_keyboard_type

Definition at line 45 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_keylayout

unsigned int g_keylayout

Definition at line 44 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_licence_error_result

RD_BOOL g_licence_error_result

◆ g_licence_issued

◆ g_num_channels

unsigned int g_num_channels

Definition at line 33 of file channels.c.

Referenced by channel_process(), channel_register(), and sec_out_mcs_data().

◆ g_rc4_decrypt_key

void* g_rc4_decrypt_key
static

Definition at line 94 of file secure.c.

Referenced by sec_decrypt(), and sec_generate_keys().

◆ g_rc4_encrypt_key

void* g_rc4_encrypt_key
static

Definition at line 95 of file secure.c.

Referenced by sec_encrypt(), and sec_generate_keys().

◆ g_rc4_key_len

int g_rc4_key_len
static

Definition at line 93 of file secure.c.

Referenced by sec_decrypt(), sec_encrypt(), sec_generate_keys(), sec_send_to_channel(), and sec_update().

◆ g_rdp_version

RDP_VERSION g_rdp_version

Definition at line 74 of file uimain.c.

Referenced by sec_out_mcs_data(), and sec_process_srv_info().

◆ g_redirect_session_id

uint32 g_redirect_session_id

Definition at line 67 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ g_sec_crypted_random

uint8 g_sec_crypted_random[SEC_MAX_MODULUS_SIZE]
static

Definition at line 103 of file secure.c.

Referenced by sec_establish_key(), and sec_process_crypt_info().

◆ g_sec_decrypt_key

uint8 g_sec_decrypt_key[16]
static

Definition at line 99 of file secure.c.

Referenced by sec_decrypt(), and sec_generate_keys().

◆ g_sec_decrypt_update_key

uint8 g_sec_decrypt_update_key[16]
static

Definition at line 101 of file secure.c.

Referenced by sec_decrypt(), and sec_generate_keys().

◆ g_sec_decrypt_use_count

int g_sec_decrypt_use_count = 0
static

Definition at line 109 of file secure.c.

Referenced by sec_decrypt(), and sec_reset_state().

◆ g_sec_encrypt_key

uint8 g_sec_encrypt_key[16]
static

Definition at line 100 of file secure.c.

Referenced by sec_encrypt(), and sec_generate_keys().

◆ g_sec_encrypt_update_key

uint8 g_sec_encrypt_update_key[16]
static

Definition at line 102 of file secure.c.

Referenced by sec_encrypt(), and sec_generate_keys().

◆ g_sec_encrypt_use_count

int g_sec_encrypt_use_count = 0
static

Definition at line 108 of file secure.c.

Referenced by sec_encrypt(), and sec_reset_state().

◆ g_sec_sign_key

uint8 g_sec_sign_key[16]
static

Definition at line 98 of file secure.c.

Referenced by sec_generate_keys(), and sec_send_to_channel().

◆ g_server_depth

int g_server_depth

Definition at line 41 of file uimain.c.

Referenced by sec_out_mcs_data(), and sec_process_srv_info().

◆ g_server_public_key_len

uint32 g_server_public_key_len
static

◆ g_server_rdp_version

uint16 g_server_rdp_version = 0

Definition at line 105 of file secure.c.

Referenced by rdp_send_logon_info(), sec_process_srv_info(), and sec_reset_state().

◆ g_testkey

uint8 g_testkey[176]
static
Initial value:
/* Fixed 176-byte blob referenced by sec_parse_public_sig().
   Bytes 0x52 0x53 0x41 0x31 are ASCII "RSA1"; 0x00 0x02 0x00 0x00 and
   0x01 0x00 0x01 0x00 read little-endian are 512 and 65537 -- presumably the
   modulus bit length and the public exponent (TODO confirm against the blob
   format).
   NOTE(review): a verification key compiled into every client is the same for
   all servers, so a signature that checks against it presumably shows only
   that the certificate has the expected form, not which server is on the
   other end; do not rely on it alone for server authentication. A 512-bit
   modulus, if that is what the field means, is far below current key-size
   guidance. */
=
{
0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x06, 0x00, 0x5c, 0x00,
0x52, 0x53, 0x41, 0x31, 0x48, 0x00, 0x00, 0x00,
0x00, 0x02, 0x00, 0x00, 0x3f, 0x00, 0x00, 0x00,
0x01, 0x00, 0x01, 0x00, 0x79, 0x6f, 0xb4, 0xdf,
0xa6, 0x95, 0xb9, 0xa9, 0x61, 0xe3, 0xc4, 0x5e,
0xff, 0x6b, 0xd8, 0x81, 0x8a, 0x12, 0x4a, 0x93,
0x42, 0x97, 0x18, 0x93, 0xac, 0xd1, 0x3a, 0x38,
0x3c, 0x68, 0x50, 0x19, 0x31, 0xb6, 0x84, 0x51,
0x79, 0xfb, 0x1c, 0xe7, 0xe3, 0x99, 0x20, 0xc7,
0x84, 0xdf, 0xd1, 0xaa, 0xb5, 0x15, 0xef, 0x47,
0x7e, 0xfc, 0x88, 0xeb, 0x29, 0xc3, 0x27, 0x5a,
0x35, 0xf8, 0xfd, 0xaa, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
0x08, 0x00, 0x48, 0x00,
0x32, 0x3b, 0xde, 0x6f, 0x18, 0x97, 0x1e, 0xc3,
0x6b, 0x2b, 0x2d, 0xe4, 0xfc, 0x2d, 0xa2, 0x8e,
0x32, 0x3c, 0xf3, 0x1b, 0x24, 0x90, 0x57, 0x4d,
0x8e, 0xe4, 0x69, 0xfc, 0x16, 0x8d, 0x41, 0x92,
0x78, 0xc7, 0x9c, 0xb4, 0x26, 0xff, 0xe8, 0x3e,
0xa1, 0x8a, 0xf5, 0x57, 0xc0, 0x7f, 0x3e, 0x21,
0x17, 0x32, 0x30, 0x6f, 0x79, 0xe1, 0x36, 0xcd,
0xb6, 0x8e, 0xbe, 0x57, 0x57, 0xd2, 0xa9, 0x36
}

Definition at line 113 of file secure.c.

Referenced by sec_parse_public_sig().

◆ g_width

int g_width

Definition at line 42 of file uimain.c.

Referenced by sec_out_mcs_data().

◆ pad_54

uint8 pad_54[40]
static
Initial value:
/* 40 bytes of decimal 54 (0x36), the same byte value as the HMAC inner pad.
   sec_sign() and sec_update() hash it right after the key in their SHA-1
   pass; that is plain concatenation (key, pad, ...), not the HMAC
   construction. */
= {
54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54,
54, 54, 54,
54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54, 54,
54, 54, 54
}

Definition at line 288 of file secure.c.

Referenced by sec_sign(), and sec_update().

◆ pad_92

uint8 pad_92[48]
static
Initial value:
/* 48 bytes of decimal 92 (0x5c), the same byte value as the HMAC outer pad.
   sec_sign() and sec_update() hash it right after the key in their MD5 pass,
   before the SHA-1 result; that is plain concatenation, not the HMAC
   construction. */
= {
92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92,
92, 92, 92, 92, 92, 92, 92,
92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92, 92,
92, 92, 92, 92, 92, 92, 92
}

Definition at line 295 of file secure.c.

Referenced by sec_sign(), and sec_update().