/[rdesktop]/sourceforge.net/trunk/rdesktop/secure.c
This is repository of my old source code which isn't updated any more. Go to git.rot13.org for current projects!
ViewVC logotype

Diff of /sourceforge.net/trunk/rdesktop/secure.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 64 by astrand, Thu Jul 18 16:38:31 2002 UTC revision 207 by matthewc, Thu Sep 26 14:26:46 2002 UTC
# Line 1  Line 1 
1  /*  /*
2     rdesktop: A Remote Desktop Protocol client.     rdesktop: A Remote Desktop Protocol client.
3     Protocol services - RDP encryption and licensing     Protocol services - RDP encryption and licensing
4     Copyright (C) Matthew Chapman 1999-2001     Copyright (C) Matthew Chapman 1999-2002
5    
6     This program is free software; you can redistribute it and/or modify     This program is free software; you can redistribute it and/or modify
7     it under the terms of the GNU General Public License as published by     it under the terms of the GNU General Public License as published by
# Line 127  sec_generate_keys(uint8 * client_key, ui Line 127  sec_generate_keys(uint8 * client_key, ui
127          memcpy(sec_sign_key, session_key, 16);          memcpy(sec_sign_key, session_key, 16);
128    
129          /* Generate RC4 keys */          /* Generate RC4 keys */
130          sec_hash_16(sec_decrypt_key, &session_key[16], client_key,          sec_hash_16(sec_decrypt_key, &session_key[16], client_key, server_key);
131                      server_key);          sec_hash_16(sec_encrypt_key, &session_key[32], client_key, server_key);
         sec_hash_16(sec_encrypt_key, &session_key[32], client_key,  
                     server_key);  
132    
133          if (rc4_key_size == 1)          if (rc4_key_size == 1)
134          {          {
# Line 181  buf_out_uint32(uint8 * buffer, uint32 va Line 179  buf_out_uint32(uint8 * buffer, uint32 va
179    
180  /* Generate a signature hash, using a combination of SHA1 and MD5 */  /* Generate a signature hash, using a combination of SHA1 and MD5 */
181  void  void
182  sec_sign(uint8 * signature, int siglen, uint8 * session_key, int keylen,  sec_sign(uint8 * signature, int siglen, uint8 * session_key, int keylen, uint8 * data, int datalen)
          uint8 * data, int datalen)  
183  {  {
184          uint8 shasig[20];          uint8 shasig[20];
185          uint8 md5sig[16];          uint8 md5sig[16];
# Line 286  reverse(uint8 * p, int len) Line 283  reverse(uint8 * p, int len)
283    
284  /* Perform an RSA public key encryption operation */  /* Perform an RSA public key encryption operation */
285  static void  static void
286  sec_rsa_encrypt(uint8 * out, uint8 * in, int len,  sec_rsa_encrypt(uint8 * out, uint8 * in, int len, uint8 * modulus, uint8 * exponent)
                 uint8 * modulus, uint8 * exponent)  
287  {  {
288          BN_CTX ctx;          BN_CTX ctx;
289          BIGNUM mod, exp, x, y;          BIGNUM mod, exp, x, y;
# Line 358  sec_send(STREAM s, uint32 flags) Line 354  sec_send(STREAM s, uint32 flags)
354                  hexdump(s->p + 8, datalen);                  hexdump(s->p + 8, datalen);
355  #endif  #endif
356    
357                  sec_sign(s->p, 8, sec_sign_key, rc4_key_len, s->p + 8,                  sec_sign(s->p, 8, sec_sign_key, rc4_key_len, s->p + 8, datalen);
                          datalen);  
358                  sec_encrypt(s->p + 8, datalen);                  sec_encrypt(s->p + 8, datalen);
359          }          }
360    
# Line 368  sec_send(STREAM s, uint32 flags) Line 363  sec_send(STREAM s, uint32 flags)
363    
364  /* Transfer the client random to the server */  /* Transfer the client random to the server */
365  static void  static void
366  sec_establish_key()  sec_establish_key(void)
367  {  {
368          uint32 length = SEC_MODULUS_SIZE + SEC_PADDING_SIZE;          uint32 length = SEC_MODULUS_SIZE + SEC_PADDING_SIZE;
369          uint32 flags = SEC_CLIENT_RANDOM;          uint32 flags = SEC_CLIENT_RANDOM;
# Line 390  sec_out_mcs_data(STREAM s) Line 385  sec_out_mcs_data(STREAM s)
385  {  {
386          int hostlen = 2 * strlen(hostname);          int hostlen = 2 * strlen(hostname);
387    
388            if (hostlen > 30)
389                    hostlen = 30;
390    
391          out_uint16_be(s, 5);    /* unknown */          out_uint16_be(s, 5);    /* unknown */
392          out_uint16_be(s, 0x14);          out_uint16_be(s, 0x14);
393          out_uint8(s, 0x7c);          out_uint8(s, 0x7c);
# Line 427  sec_out_mcs_data(STREAM s) Line 425  sec_out_mcs_data(STREAM s)
425          out_uint32_le(s, 12);          out_uint32_le(s, 12);
426          out_uint8s(s, 64);      /* reserved? 4 + 12 doublewords */          out_uint8s(s, 64);      /* reserved? 4 + 12 doublewords */
427    
428          out_uint16(s, 0xca01);          out_uint16_le(s, 0xca01);
429          out_uint16(s, 0);          out_uint16(s, 0);
430    
431          /* Client encryption settings */          /* Client encryption settings */
432          out_uint16_le(s, SEC_TAG_CLI_CRYPT);          out_uint16_le(s, SEC_TAG_CLI_CRYPT);
433          out_uint16(s, 8);       /* length */          out_uint16_le(s, 8);    /* length */
434          out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */          out_uint32_le(s, encryption ? 0x3 : 0); /* encryption supported, 128-bit supported */
435          s_mark_end(s);          s_mark_end(s);
436  }  }
# Line 468  sec_parse_public_key(STREAM s, uint8 ** Line 466  sec_parse_public_key(STREAM s, uint8 **
466  /* Parse a crypto information structure */  /* Parse a crypto information structure */
467  static BOOL  static BOOL
468  sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size,  sec_parse_crypt_info(STREAM s, uint32 * rc4_key_size,
469                       uint8 ** server_random, uint8 ** modulus,                       uint8 ** server_random, uint8 ** modulus, uint8 ** exponent)
                      uint8 ** exponent)  
470  {  {
471          uint32 crypt_level, random_len, rsa_info_len;          uint32 crypt_level, random_len, rsa_info_len;
472          uint16 tag, length;          uint16 tag, length;
# Line 477  sec_parse_crypt_info(STREAM s, uint32 * Line 474  sec_parse_crypt_info(STREAM s, uint32 *
474    
475          in_uint32_le(s, *rc4_key_size); /* 1 = 40-bit, 2 = 128-bit */          in_uint32_le(s, *rc4_key_size); /* 1 = 40-bit, 2 = 128-bit */
476          in_uint32_le(s, crypt_level);   /* 1 = low, 2 = medium, 3 = high */          in_uint32_le(s, crypt_level);   /* 1 = low, 2 = medium, 3 = high */
477            if (crypt_level == 0)   /* no encryptation */
478                    return False;
479          in_uint32_le(s, random_len);          in_uint32_le(s, random_len);
480          in_uint32_le(s, rsa_info_len);          in_uint32_le(s, rsa_info_len);
481    
# Line 505  sec_parse_crypt_info(STREAM s, uint32 * Line 504  sec_parse_crypt_info(STREAM s, uint32 *
504                  switch (tag)                  switch (tag)
505                  {                  {
506                          case SEC_TAG_PUBKEY:                          case SEC_TAG_PUBKEY:
507                                  if (!sec_parse_public_key                                  if (!sec_parse_public_key(s, modulus, exponent))
                                     (s, modulus, exponent))  
508                                          return False;                                          return False;
509    
510                                  break;                                  break;
# Line 534  sec_process_crypt_info(STREAM s) Line 532  sec_process_crypt_info(STREAM s)
532          uint8 client_random[SEC_RANDOM_SIZE];          uint8 client_random[SEC_RANDOM_SIZE];
533          uint32 rc4_key_size;          uint32 rc4_key_size;
534    
535          if (!sec_parse_crypt_info(s, &rc4_key_size, &server_random,          if (!sec_parse_crypt_info(s, &rc4_key_size, &server_random, &modulus, &exponent))
                                   &modulus, &exponent))  
536                  return;                  return;
537    
538          /* Generate a client random, and hence determine encryption keys */          /* Generate a client random, and hence determine encryption keys */
539          generate_random(client_random);          generate_random(client_random);
540          sec_rsa_encrypt(sec_crypted_random, client_random,          sec_rsa_encrypt(sec_crypted_random, client_random, SEC_RANDOM_SIZE, modulus, exponent);
                         SEC_RANDOM_SIZE, modulus, exponent);  
541          sec_generate_keys(client_random, server_random, rc4_key_size);          sec_generate_keys(client_random, server_random, rc4_key_size);
542  }  }
543    
# Line 551  sec_process_mcs_data(STREAM s) Line 547  sec_process_mcs_data(STREAM s)
547  {  {
548          uint16 tag, length;          uint16 tag, length;
549          uint8 *next_tag;          uint8 *next_tag;
550            uint8 len;
551    
552          in_uint8s(s, 23);       /* header */          in_uint8s(s, 21);       /* header */
553            in_uint8(s, len);
554            if (len & 0x80)
555                    in_uint8(s, len);
556    
557          while (s->p < s->end)          while (s->p < s->end)
558          {          {
# Line 584  sec_process_mcs_data(STREAM s) Line 584  sec_process_mcs_data(STREAM s)
584    
585  /* Receive secure transport packet */  /* Receive secure transport packet */
586  STREAM  STREAM
587  sec_recv()  sec_recv(void)
588  {  {
589          uint32 sec_flags;          uint32 sec_flags;
590          STREAM s;          STREAM s;
# Line 636  sec_connect(char *server) Line 636  sec_connect(char *server)
636    
637  /* Disconnect a connection */  /* Disconnect a connection */
638  void  void
639  sec_disconnect()  sec_disconnect(void)
640  {  {
641          mcs_disconnect();          mcs_disconnect();
642  }  }
Legend:
Removed from v.64  
changed lines
  Added in v.207
  ViewVC Help
Powered by ViewVC 1.1.26