/[rdesktop]/sourceforge.net/trunk/rdesktop/secure.c

This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!

Diff of /sourceforge.net/trunk/rdesktop/secure.c

Parent Directory | Revision Log | View Patch Patch

-revision 1236 by astrand,
Mon Mar 27 08:17:34 2006 UTC
+revision 1237 by matthewc,
Wed Jun 14 08:26:00 2006 UTC
 Line 46 
 static int rc4_key_len;
  static RC4_KEY rc4_decrypt_key;
  static RC4_KEY rc4_encrypt_key;
  static RSA *server_public_key;
+ static uint32 server_public_key_len;
  static uint8 sec_sign_key[16];
  static uint8 sec_decrypt_key[16];
  static uint8 sec_encrypt_key[16];
  static uint8 sec_decrypt_update_key[16];
  static uint8 sec_encrypt_update_key[16];
- static uint8 sec_crypted_random[SEC_MODULUS_SIZE];
+ static uint8 sec_crypted_random[SEC_MAX_MODULUS_SIZE];
  uint16 g_server_rdp_version = 0;
-Line 297 
 reverse(uint8 * p, int len)
+Line 298 
 reverse(uint8 * p, int len)
  /* Perform an RSA public key encryption operation */
  static void
- sec_rsa_encrypt(uint8 * out, uint8 * in, int len, uint8 * modulus, uint8 * exponent)
+ sec_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * modulus, uint8 * exponent)
  {
          BN_CTX *ctx;
          BIGNUM mod, exp, x, y;
-         uint8 inr[SEC_MODULUS_SIZE];
+         uint8 inr[SEC_MAX_MODULUS_SIZE];
          int outlen;
-         reverse(modulus, SEC_MODULUS_SIZE);
+         reverse(modulus, modulus_size);
          reverse(exponent, SEC_EXPONENT_SIZE);
          memcpy(inr, in, len);
          reverse(inr, len);
-Line 315 
 sec_rsa_encrypt(uint8 * out, uint8 * in,
+Line 316 
 sec_rsa_encrypt(uint8 * out, uint8 * in,
          BN_init(&x);
          BN_init(&y);
-         BN_bin2bn(modulus, SEC_MODULUS_SIZE, &mod);
+         BN_bin2bn(modulus, modulus_size, &mod);
          BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
          BN_bin2bn(inr, len, &x);
          BN_mod_exp(&y, &x, &exp, &mod, ctx);
          outlen = BN_bn2bin(&y, out);
          reverse(out, outlen);
-         if (outlen < SEC_MODULUS_SIZE)
+         if (outlen < modulus_size)
-                 memset(out + outlen, 0, SEC_MODULUS_SIZE - outlen);
+                 memset(out + outlen, 0, modulus_size - outlen);
          BN_free(&y);
          BN_clear_free(&x);
-Line 388 
 sec_send(STREAM s, uint32 flags)
+Line 389 
 sec_send(STREAM s, uint32 flags)
  static void
  sec_establish_key(void)
  {
-         uint32 length = SEC_MODULUS_SIZE + SEC_PADDING_SIZE;
+         uint32 length = server_public_key_len + SEC_PADDING_SIZE;
          uint32 flags = SEC_CLIENT_RANDOM;
          STREAM s;
-         s = sec_init(flags, 76);
+         s = sec_init(flags, length+4);
          out_uint32_le(s, length);
-         out_uint8p(s, sec_crypted_random, SEC_MODULUS_SIZE);
+         out_uint8p(s, sec_crypted_random, server_public_key_len);
          out_uint8s(s, SEC_PADDING_SIZE);
          s_mark_end(s);
-Line 507 
 sec_parse_public_key(STREAM s, uint8 **
+Line 508 
 sec_parse_public_key(STREAM s, uint8 **
          }
          in_uint32_le(s, modulus_len);
-         if (modulus_len != SEC_MODULUS_SIZE + SEC_PADDING_SIZE)
+         modulus_len -= SEC_PADDING_SIZE;
+         if ((modulus_len < 64) || (modulus_len > SEC_MAX_MODULUS_SIZE))
          {
-                 error("modulus len 0x%x\n", modulus_len);
+                 error("Bad server public key size (%u bits)\n", modulus_len*8);
                  return False;
          }
          in_uint8s(s, 8);        /* modulus_bits, unknown */
          in_uint8p(s, *exponent, SEC_EXPONENT_SIZE);
-         in_uint8p(s, *modulus, SEC_MODULUS_SIZE);
+         in_uint8p(s, *modulus, modulus_len);
          in_uint8s(s, SEC_PADDING_SIZE);
+         server_public_key_len = modulus_len;
          return s_check(s);
  }
-Line 544 
 sec_parse_x509_key(X509 * cert)
+Line 547 
 sec_parse_x509_key(X509 * cert)
          }
          server_public_key = RSAPublicKey_dup((RSA *) epk->pkey.ptr);
          EVP_PKEY_free(epk);
+         server_public_key_len = RSA_size(server_public_key);
+         if ((server_public_key_len < 64) || (server_public_key_len > SEC_MAX_MODULUS_SIZE))
+         {
+                 error("Bad server public key size (%u bits)\n", server_public_key_len*8);
+                 return False;
+         }
          return True;
  }
-Line 719 
 sec_process_crypt_info(STREAM s)
+Line 728 
 sec_process_crypt_info(STREAM s)
          uint8 *server_random, *modulus, *exponent;
          uint8 client_random[SEC_RANDOM_SIZE];
          uint32 rc4_key_size;
-         uint8 inr[SEC_MODULUS_SIZE];
          if (!sec_parse_crypt_info(s, &rc4_key_size, &server_random, &modulus, &exponent))
          {
-Line 728 
 sec_process_crypt_info(STREAM s)
+Line 736 
 sec_process_crypt_info(STREAM s)
          }
          DEBUG(("Generating client random\n"));
-         /* Generate a client random, and hence determine encryption keys */
-         /* This is what the MS client do: */
-         memset(inr, 0, SEC_RANDOM_SIZE);
-         /*  *ARIGL!* Plaintext attack, anyone?
-            I tried doing:
-            generate_random(inr);
-            ..but that generates connection errors now and then (yes,
-            "now and then". Something like 0 to 3 attempts needed before a
-            successful connection. Nice. Not!
-          */
          generate_random(client_random);
          if (NULL != server_public_key)
          {                       /* Which means we should use
                                     RDP5-style encryption */
+                 uint8 inr[SEC_MAX_MODULUS_SIZE];
+                 uint32 padding_len = server_public_key_len - SEC_RANDOM_SIZE;
-                 memcpy(inr + SEC_RANDOM_SIZE, client_random, SEC_RANDOM_SIZE);
+                 /* This is what the MS client do: */
-                 reverse(inr + SEC_RANDOM_SIZE, SEC_RANDOM_SIZE);
+                 memset(inr, 0, padding_len);
+                 /*  *ARIGL!* Plaintext attack, anyone?
+                    I tried doing:
+                    generate_random(inr);
+                    ..but that generates connection errors now and then (yes,
+                    "now and then". Something like 0 to 3 attempts needed before a
+                    successful connection. Nice. Not!
+                  */
+                 memcpy(inr + padding_len, client_random, SEC_RANDOM_SIZE);
+                 reverse(inr + padding_len, SEC_RANDOM_SIZE);
-                 RSA_public_encrypt(SEC_MODULUS_SIZE,
+                 RSA_public_encrypt(server_public_key_len,
                                     inr, sec_crypted_random, server_public_key, RSA_NO_PADDING);
-                 reverse(sec_crypted_random, SEC_MODULUS_SIZE);
+                 reverse(sec_crypted_random, server_public_key_len);
                  RSA_free(server_public_key);
                  server_public_key = NULL;
-Line 758 
 sec_process_crypt_info(STREAM s)
+Line 767 
 sec_process_crypt_info(STREAM s)
          else
          {                       /* RDP4-style encryption */
                  sec_rsa_encrypt(sec_crypted_random,
-                                 client_random, SEC_RANDOM_SIZE, modulus, exponent);
+                                 client_random, SEC_RANDOM_SIZE, server_public_key_len, modulus, exponent);
          }
          sec_generate_keys(client_random, server_random, rc4_key_size);
  }

 Legend:



Removed from v.1236
 


changed lines


 
Added in v.1237
 Legend:



Removed from v.1236
 


changed lines


 
Added in v.1237
-Removed from v.1236
+Added in v.1237

	ViewVC Help
Powered by ViewVC 1.1.26