| 1 |
/* |
/* |
| 2 |
rdesktop: A Remote Desktop Protocol client. |
rdesktop: A Remote Desktop Protocol client. |
| 3 |
Protocol services - RDP encryption and licensing |
Protocol services - RDP encryption and licensing |
| 4 |
Copyright (C) Matthew Chapman 1999-2000 |
Copyright (C) Matthew Chapman 1999-2001 |
| 5 |
|
|
| 6 |
This program is free software; you can redistribute it and/or modify |
This program is free software; you can redistribute it and/or modify |
| 7 |
it under the terms of the GNU General Public License as published by |
it under the terms of the GNU General Public License as published by |
| 28 |
extern int width; |
extern int width; |
| 29 |
extern int height; |
extern int height; |
| 30 |
extern int keylayout; |
extern int keylayout; |
| 31 |
|
extern BOOL encryption; |
| 32 |
|
extern BOOL licence_issued; |
| 33 |
|
|
| 34 |
static int rc4_key_len; |
static int rc4_key_len; |
| 35 |
static RC4_KEY rc4_decrypt_key; |
static RC4_KEY rc4_decrypt_key; |
| 126 |
|
|
| 127 |
if (rc4_key_size == 1) |
if (rc4_key_size == 1) |
| 128 |
{ |
{ |
| 129 |
DEBUG("40-bit encryption enabled\n"); |
DEBUG(("40-bit encryption enabled\n")); |
| 130 |
sec_make_40bit(sec_sign_key); |
sec_make_40bit(sec_sign_key); |
| 131 |
sec_make_40bit(sec_decrypt_key); |
sec_make_40bit(sec_decrypt_key); |
| 132 |
sec_make_40bit(sec_encrypt_key); |
sec_make_40bit(sec_encrypt_key); |
| 134 |
} |
} |
| 135 |
else |
else |
| 136 |
{ |
{ |
| 137 |
DEBUG("128-bit encryption enabled\n"); |
DEBUG(("128-bit encryption enabled\n")); |
| 138 |
rc4_key_len = 16; |
rc4_key_len = 16; |
| 139 |
} |
} |
| 140 |
|
|
| 314 |
int hdrlen; |
int hdrlen; |
| 315 |
STREAM s; |
STREAM s; |
| 316 |
|
|
| 317 |
hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4; |
if (!licence_issued) |
| 318 |
|
hdrlen = (flags & SEC_ENCRYPT) ? 12 : 4; |
| 319 |
|
else |
| 320 |
|
hdrlen = (flags & SEC_ENCRYPT) ? 12 : 0; |
| 321 |
s = mcs_init(maxlen + hdrlen); |
s = mcs_init(maxlen + hdrlen); |
| 322 |
s_push_layer(s, sec_hdr, hdrlen); |
s_push_layer(s, sec_hdr, hdrlen); |
| 323 |
|
|
| 331 |
int datalen; |
int datalen; |
| 332 |
|
|
| 333 |
s_pop_layer(s, sec_hdr); |
s_pop_layer(s, sec_hdr); |
| 334 |
out_uint32_le(s, flags); |
if (!licence_issued || (flags & SEC_ENCRYPT)) |
| 335 |
|
out_uint32_le(s, flags); |
| 336 |
|
|
| 337 |
if (flags & SEC_ENCRYPT) |
if (flags & SEC_ENCRYPT) |
| 338 |
{ |
{ |
| 339 |
flags &= ~SEC_ENCRYPT; |
flags &= ~SEC_ENCRYPT; |
| 340 |
datalen = s->end - s->p - 8; |
datalen = s->end - s->p - 8; |
| 341 |
|
|
| 342 |
#if RDP_DEBUG |
#if WITH_DEBUG |
| 343 |
DEBUG("Sending encrypted packet:\n"); |
DEBUG(("Sending encrypted packet:\n")); |
| 344 |
hexdump(s->p + 8, datalen); |
hexdump(s->p + 8, datalen); |
| 345 |
#endif |
#endif |
| 346 |
|
|
| 418 |
/* Client encryption settings */ |
/* Client encryption settings */ |
| 419 |
out_uint16_le(s, SEC_TAG_CLI_CRYPT); |
out_uint16_le(s, SEC_TAG_CLI_CRYPT); |
| 420 |
out_uint16(s, 8); /* length */ |
out_uint16(s, 8); /* length */ |
| 421 |
out_uint32_le(s, 1); /* encryption enabled */ |
out_uint32_le(s, encryption ? 1 : 0); /* encryption enabled */ |
| 422 |
s_mark_end(s); |
s_mark_end(s); |
| 423 |
} |
} |
| 424 |
|
|
| 431 |
in_uint32_le(s, magic); |
in_uint32_le(s, magic); |
| 432 |
if (magic != SEC_RSA_MAGIC) |
if (magic != SEC_RSA_MAGIC) |
| 433 |
{ |
{ |
| 434 |
ERROR("RSA magic 0x%x\n", magic); |
error("RSA magic 0x%x\n", magic); |
| 435 |
return False; |
return False; |
| 436 |
} |
} |
| 437 |
|
|
| 438 |
in_uint32_le(s, modulus_len); |
in_uint32_le(s, modulus_len); |
| 439 |
if (modulus_len != SEC_MODULUS_SIZE + SEC_PADDING_SIZE) |
if (modulus_len != SEC_MODULUS_SIZE + SEC_PADDING_SIZE) |
| 440 |
{ |
{ |
| 441 |
ERROR("modulus len 0x%x\n", modulus_len); |
error("modulus len 0x%x\n", modulus_len); |
| 442 |
return False; |
return False; |
| 443 |
} |
} |
| 444 |
|
|
| 466 |
|
|
| 467 |
if (random_len != SEC_RANDOM_SIZE) |
if (random_len != SEC_RANDOM_SIZE) |
| 468 |
{ |
{ |
| 469 |
ERROR("random len %d\n", random_len); |
error("random len %d\n", random_len); |
| 470 |
return False; |
return False; |
| 471 |
} |
} |
| 472 |
|
|
| 501 |
break; |
break; |
| 502 |
|
|
| 503 |
default: |
default: |
| 504 |
NOTIMP("crypt tag 0x%x\n", tag); |
unimpl("crypt tag 0x%x\n", tag); |
| 505 |
} |
} |
| 506 |
|
|
| 507 |
s->p = next_tag; |
s->p = next_tag; |
| 559 |
break; |
break; |
| 560 |
|
|
| 561 |
default: |
default: |
| 562 |
NOTIMP("response tag 0x%x\n", tag); |
unimpl("response tag 0x%x\n", tag); |
| 563 |
} |
} |
| 564 |
|
|
| 565 |
s->p = next_tag; |
s->p = next_tag; |
| 575 |
|
|
| 576 |
while ((s = mcs_recv()) != NULL) |
while ((s = mcs_recv()) != NULL) |
| 577 |
{ |
{ |
| 578 |
in_uint32_le(s, sec_flags); |
if (encryption || !licence_issued) |
|
|
|
|
if (sec_flags & SEC_LICENCE_NEG) |
|
| 579 |
{ |
{ |
| 580 |
licence_process(s); |
in_uint32_le(s, sec_flags); |
|
continue; |
|
|
} |
|
| 581 |
|
|
| 582 |
if (sec_flags & SEC_ENCRYPT) |
if (sec_flags & SEC_LICENCE_NEG) |
| 583 |
{ |
{ |
| 584 |
in_uint8s(s, 8); /* signature */ |
licence_process(s); |
| 585 |
sec_decrypt(s->p, s->end - s->p); |
continue; |
| 586 |
|
} |
| 587 |
|
|
| 588 |
|
if (sec_flags & SEC_ENCRYPT) |
| 589 |
|
{ |
| 590 |
|
in_uint8s(s, 8); /* signature */ |
| 591 |
|
sec_decrypt(s->p, s->end - s->p); |
| 592 |
|
} |
| 593 |
} |
} |
| 594 |
|
|
| 595 |
return s; |
return s; |
| 613 |
return False; |
return False; |
| 614 |
|
|
| 615 |
sec_process_mcs_data(&mcs_data); |
sec_process_mcs_data(&mcs_data); |
| 616 |
sec_establish_key(); |
if (encryption) |
| 617 |
|
sec_establish_key(); |
| 618 |
return True; |
return True; |
| 619 |
} |
} |
| 620 |
|
|
Parent Directory
| 
Revision Log
| 
Patch