--- sourceforge.net/trunk/rdesktop/licence.c 2003/04/16 13:04:15 367 +++ sourceforge.net/trunk/rdesktop/licence.c 2004/07/31 13:07:41 740 @@ -19,44 +19,39 @@ */ #include "rdesktop.h" - -#ifdef WITH_OPENSSL #include -#else -#include "crypto/rc4.h" -#endif -extern char username[16]; -extern char hostname[16]; +extern char g_username[16]; +extern char g_hostname[16]; -static uint8 licence_key[16]; -static uint8 licence_sign_key[16]; +static uint8 g_licence_key[16]; +static uint8 g_licence_sign_key[16]; -BOOL licence_issued = False; +BOOL g_licence_issued = False; /* Generate a session key and RC4 keys, given client and server randoms */ static void -licence_generate_keys(uint8 * client_key, uint8 * server_key, uint8 * client_rsa) +licence_generate_keys(uint8 * client_random, uint8 * server_random, uint8 * pre_master_secret) { - uint8 session_key[48]; - uint8 temp_hash[48]; + uint8 master_secret[48]; + uint8 key_block[48]; - /* Generate session key - two rounds of sec_hash_48 */ - sec_hash_48(temp_hash, client_rsa, client_key, server_key, 65); - sec_hash_48(session_key, temp_hash, server_key, client_key, 65); + /* Generate master secret and then key material */ + sec_hash_48(master_secret, pre_master_secret, client_random, server_random, 'A'); + sec_hash_48(key_block, master_secret, server_random, client_random, 'A'); - /* Store first 16 bytes of session key, for generating signatures */ - memcpy(licence_sign_key, session_key, 16); + /* Store first 16 bytes of session key as MAC secret */ + memcpy(g_licence_sign_key, key_block, 16); - /* Generate RC4 key */ - sec_hash_16(licence_key, &session_key[16], client_key, server_key); + /* Generate RC4 key from next 16 bytes */ + sec_hash_16(g_licence_key, &key_block[16], client_random, server_random); } static void licence_generate_hwid(uint8 * hwid) { buf_out_uint32(hwid, 2); - strncpy((char *) (hwid + 4), hostname, LICENCE_HWID_SIZE - 4); + strncpy((char *) (hwid + 4), g_hostname, LICENCE_HWID_SIZE - 4); } /* Present an existing licence to the server */ @@ -73,7 +68,7 @@ s = sec_init(sec_flags, length + 4); out_uint8(s, LICENCE_TAG_PRESENT); - out_uint8(s, 2); /* version */ + out_uint8(s, 2); /* version */ out_uint16_le(s, length); out_uint32_le(s, 1); @@ -113,7 +108,7 @@ s = sec_init(sec_flags, length + 2); out_uint8(s, LICENCE_TAG_REQUEST); - out_uint8(s, 2); /* version */ + out_uint8(s, 2); /* version */ out_uint16_le(s, length); out_uint32_le(s, 1); @@ -163,10 +158,10 @@ { /* Generate a signature for the HWID buffer */ licence_generate_hwid(hwid); - sec_sign(signature, 16, licence_sign_key, 16, hwid, sizeof(hwid)); + sec_sign(signature, 16, g_licence_sign_key, 16, hwid, sizeof(hwid)); /* Now encrypt the HWID */ - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, sizeof(hwid), hwid, hwid); licence_present(null_data, null_data, licence_data, licence_size, hwid, signature); @@ -174,7 +169,7 @@ return; } - licence_send_request(null_data, null_data, username, hostname); + licence_send_request(null_data, null_data, g_username, g_hostname); } /* Send an authentication response packet */ @@ -188,7 +183,7 @@ s = sec_init(sec_flags, length + 2); out_uint8(s, LICENCE_TAG_AUTHRESP); - out_uint8(s, 2); /* version */ + out_uint8(s, 2); /* version */ out_uint16_le(s, length); out_uint16_le(s, 1); @@ -242,17 +237,17 @@ memcpy(out_token, in_token, LICENCE_TOKEN_SIZE); /* Decrypt the token. It should read TEST in Unicode. */ - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, LICENCE_TOKEN_SIZE, in_token, decrypt_token); /* Generate a signature for a buffer of token and HWID */ licence_generate_hwid(hwid); memcpy(sealed_buffer, decrypt_token, LICENCE_TOKEN_SIZE); memcpy(sealed_buffer + LICENCE_TOKEN_SIZE, hwid, LICENCE_HWID_SIZE); - sec_sign(out_sig, 16, licence_sign_key, 16, sealed_buffer, sizeof(sealed_buffer)); + sec_sign(out_sig, 16, g_licence_sign_key, 16, sealed_buffer, sizeof(sealed_buffer)); /* Now encrypt the HWID */ - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, LICENCE_HWID_SIZE, hwid, crypt_hwid); licence_send_authresp(out_token, crypt_hwid, out_sig); @@ -272,14 +267,14 @@ if (!s_check_rem(s, length)) return; - RC4_set_key(&crypt_key, 16, licence_key); + RC4_set_key(&crypt_key, 16, g_licence_key); RC4(&crypt_key, length, s->p, s->p); in_uint16(s, check); if (check != 0) return; - licence_issued = True; + g_licence_issued = True; in_uint8s(s, 2); /* pad */ @@ -293,7 +288,7 @@ return; } - licence_issued = True; + g_licence_issued = True; save_licence(s->p, length); }