Diffstat (limited to 'rdp')
-rw-r--r-- | rdp/Makefile | 3 | ||||
-rw-r--r-- | rdp/rdp_lic.c | 28 | ||||
-rw-r--r-- | rdp/rdp_sec.c | 144 |
3 files changed, 86 insertions, 89 deletions
diff --git a/rdp/Makefile b/rdp/Makefile
index aa8c21c1..7680c1f8 100644
--- a/rdp/Makefile
+++ b/rdp/Makefile
@@ -5,7 +5,8 @@ CFLAGS = -Wall -O2 -I../common -fPIC
 #CFLAGS += -DXRDP_DEBUG C_OS_FLAGS = $(CFLAGS) -c LDFLAGS = -shared
-LIBS = -ldl -lcrypto
+LIBS = -ldl
+LIBS += -lcrypto
 CC = gcc all: rdp
diff --git a/rdp/rdp_lic.c b/rdp/rdp_lic.c
index 5efa776b..3f67dfbb 100644
--- a/rdp/rdp_lic.c
+++ b/rdp/rdp_lic.c
@@ -182,10 +182,10 @@ rdp_lic_process_demand(struct rdp_lic* self, struct stream* s)
 rdp_sec_sign(signature, 16, self->licence_sign_key, 16, hwid, sizeof(hwid)); /* Now encrypt the HWID */
- crypt_key = g_rc4_info_create();
- g_rc4_set_key(crypt_key, self->licence_key, 16);
- g_rc4_crypt(crypt_key, hwid, sizeof(hwid));
- g_rc4_info_delete(crypt_key);
+ crypt_key = ssl_rc4_info_create();
+ ssl_rc4_set_key(crypt_key, self->licence_key, 16);
+ ssl_rc4_crypt(crypt_key, hwid, sizeof(hwid));
+ ssl_rc4_info_delete(crypt_key);
 rdp_lic_present(self, null_data, null_data, licence_data, licence_size, hwid, signature); g_free(licence_data);
@@ -266,10 +266,10 @@ rdp_lic_process_authreq(struct rdp_lic* self, struct stream* s)
 rdp_lic_parse_authreq(self, s, &in_token, &in_sig); g_memcpy(out_token, in_token, LICENCE_TOKEN_SIZE); /* Decrypt the token. It should read TEST in Unicode. */
- crypt_key = g_rc4_info_create();
- g_rc4_set_key(crypt_key, self->licence_key, 16);
+ crypt_key = ssl_rc4_info_create();
+ ssl_rc4_set_key(crypt_key, self->licence_key, 16);
 g_memcpy(decrypt_token, in_token, LICENCE_TOKEN_SIZE);
- g_rc4_crypt(crypt_key, decrypt_token, LICENCE_TOKEN_SIZE);
+ ssl_rc4_crypt(crypt_key, decrypt_token, LICENCE_TOKEN_SIZE);
 /* Generate a signature for a buffer of token and HWID */ rdp_lic_generate_hwid(self, hwid); g_memcpy(sealed_buffer, decrypt_token, LICENCE_TOKEN_SIZE);
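Review bot: The handle returned by `crypt_key = ssl_rc4_info_create();` in rdp_lic_process_demand is passed straight to `ssl_rc4_set_key` and `ssl_rc4_crypt` without a check. The ssl_* wrappers are not shown on this page, so whether creation can fail is an assumption to confirm; if it can return 0, an `if (crypt_key == 0)` guard before the first use is needed, and on that path `licence_data` must still be released. The same unchecked pattern appears in the rdp_lic_process_authreq and rdp_lic_process_issue hunks and, in rdp/rdp_sec.c, in rdp_sec_create, rdp_sec_update, rdp_sec_hash_48, rdp_sec_hash_16 and rdp_sec_sign. The enclosing function bodies start and end outside these hunks.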
@@ -277,11 +277,11 @@ rdp_lic_process_authreq(struct rdp_lic* self, struct stream* s)
 rdp_sec_sign(out_sig, 16, self->licence_sign_key, 16, sealed_buffer, sizeof(sealed_buffer)); /* Now encrypt the HWID */
- g_rc4_set_key(crypt_key, self->licence_key, 16);
+ ssl_rc4_set_key(crypt_key, self->licence_key, 16);
 g_memcpy(crypt_hwid, hwid, LICENCE_HWID_SIZE);
- g_rc4_crypt(crypt_key, crypt_hwid, LICENCE_HWID_SIZE);
+ ssl_rc4_crypt(crypt_key, crypt_hwid, LICENCE_HWID_SIZE);
 rdp_lic_send_authresp(self, out_token, crypt_hwid, out_sig);
- g_rc4_info_delete(crypt_key);
+ ssl_rc4_info_delete(crypt_key);
 } /*****************************************************************************/
@@ -300,10 +300,10 @@ rdp_lic_process_issue(struct rdp_lic* self, struct stream* s)
 { return; }
- crypt_key = g_rc4_info_create();
- g_rc4_set_key(crypt_key, self->licence_key, 16);
- g_rc4_crypt(crypt_key, s->p, length);
- g_rc4_info_delete(crypt_key);
+ crypt_key = ssl_rc4_info_create();
+ ssl_rc4_set_key(crypt_key, self->licence_key, 16);
+ ssl_rc4_crypt(crypt_key, s->p, length);
+ ssl_rc4_info_delete(crypt_key);
 in_uint16_le(s, check); if (check != 0) {
diff --git a/rdp/rdp_sec.c b/rdp/rdp_sec.c
index 0bd727ee..ef129873 100644
--- a/rdp/rdp_sec.c
+++ b/rdp/rdp_sec.c
@@ -46,8 +46,8 @@ rdp_sec_create(struct rdp_rdp* owner)
 init_stream(self->server_mcs_data, 8192); self->mcs_layer = rdp_mcs_create(self, self->client_mcs_data, self->server_mcs_data);
- self->decrypt_rc4_info = g_rc4_info_create();
- self->encrypt_rc4_info = g_rc4_info_create();
+ self->decrypt_rc4_info = ssl_rc4_info_create();
+ self->encrypt_rc4_info = ssl_rc4_info_create();
 self->lic_layer = rdp_lic_create(self); return self; }
@@ -64,8 +64,8 @@ rdp_sec_delete(struct rdp_sec* self)
 rdp_mcs_delete(self->mcs_layer); free_stream(self->client_mcs_data); free_stream(self->server_mcs_data);
- g_rc4_info_delete(self->decrypt_rc4_info);
- g_rc4_info_delete(self->encrypt_rc4_info);
+ ssl_rc4_info_delete(self->decrypt_rc4_info);
+ ssl_rc4_info_delete(self->encrypt_rc4_info);
 g_free(self); }
@@ -90,28 +90,28 @@ rdp_sec_update(char* key, char* update_key, int key_len)
 void* md5_info; void* rc4_info;
- sha1_info = g_sha1_info_create();
- md5_info = g_md5_info_create();
- rc4_info = g_rc4_info_create();
- g_sha1_clear(sha1_info);
- g_sha1_transform(sha1_info, update_key, key_len);
- g_sha1_transform(sha1_info, g_pad_54, 40);
- g_sha1_transform(sha1_info, key, key_len);
- g_sha1_complete(sha1_info, shasig);
- g_md5_clear(md5_info);
- g_md5_transform(md5_info, update_key, key_len);
- g_md5_transform(md5_info, g_pad_92, 48);
- g_md5_transform(md5_info, shasig, 20);
- g_md5_complete(md5_info, key);
- g_rc4_set_key(rc4_info, key, key_len);
- g_rc4_crypt(rc4_info, key, key_len);
+ sha1_info = ssl_sha1_info_create();
+ md5_info = ssl_md5_info_create();
+ rc4_info = ssl_rc4_info_create();
+ ssl_sha1_clear(sha1_info);
+ ssl_sha1_transform(sha1_info, update_key, key_len);
+ ssl_sha1_transform(sha1_info, g_pad_54, 40);
+ ssl_sha1_transform(sha1_info, key, key_len);
+ ssl_sha1_complete(sha1_info, shasig);
+ ssl_md5_clear(md5_info);
+ ssl_md5_transform(md5_info, update_key, key_len);
+ ssl_md5_transform(md5_info, g_pad_92, 48);
+ ssl_md5_transform(md5_info, shasig, 20);
+ ssl_md5_complete(md5_info, key);
+ ssl_rc4_set_key(rc4_info, key, key_len);
+ ssl_rc4_crypt(rc4_info, key, key_len);
 if (key_len == 8) { rdp_sec_make_40bit(key); }
- g_sha1_info_delete(sha1_info);
- g_md5_info_delete(md5_info);
- g_rc4_info_delete(rc4_info);
+ ssl_sha1_info_delete(sha1_info);
+ ssl_md5_info_delete(md5_info);
+ ssl_rc4_info_delete(rc4_info);
 return 0; }
@@ -123,11 +123,11 @@ rdp_sec_decrypt(struct rdp_sec* self, char* data, int len)
 { rdp_sec_update(self->decrypt_key, self->decrypt_update_key, self->rc4_key_len);
- g_rc4_set_key(self->decrypt_rc4_info, self->decrypt_key,
- self->rc4_key_len);
+ ssl_rc4_set_key(self->decrypt_rc4_info, self->decrypt_key,
+ self->rc4_key_len);
 self->decrypt_use_count = 0; }
- g_rc4_crypt(self->decrypt_rc4_info, data, len);
+ ssl_rc4_crypt(self->decrypt_rc4_info, data, len);
 self->decrypt_use_count++; }
@@ -326,14 +326,10 @@ rdp_sec_parse_crypt_info(struct rdp_sec* self, struct stream* s,
 static void APP_CC rdp_sec_rsa_op(char* out, char* in, char* mod, char* exp) {
- g_mod_exp(out, SEC_MODULUS_SIZE, /* 64 */
- in, SEC_RANDOM_SIZE, /* 32 */
- mod, SEC_MODULUS_SIZE, /* 64 */
- exp, SEC_EXPONENT_SIZE); /* 4 */
- //g_hexdump(out, SEC_MODULUS_SIZE);
- //g_hexdump(in, SEC_RANDOM_SIZE);
- //g_hexdump(mod, SEC_MODULUS_SIZE);
- //g_hexdump(exp, SEC_EXPONENT_SIZE);
+ ssl_mod_exp(out, SEC_MODULUS_SIZE, /* 64 */
+ in, SEC_RANDOM_SIZE, /* 32 */
+ mod, SEC_MODULUS_SIZE, /* 64 */
+ exp, SEC_EXPONENT_SIZE); /* 4 */
 } /*****************************************************************************/
@@ -347,25 +343,25 @@ rdp_sec_hash_48(char* out, char* in, char* salt1, char* salt2, int salt)
 char sha1_sig[20]; char md5_sig[16];
- sha1_info = g_sha1_info_create();
- md5_info = g_md5_info_create();
+ sha1_info = ssl_sha1_info_create();
+ md5_info = ssl_md5_info_create();
 for (i = 0; i < 3; i++) { g_memset(pad, salt + i, 4);
- g_sha1_clear(sha1_info);
- g_sha1_transform(sha1_info, pad, i + 1);
- g_sha1_transform(sha1_info, in, 48);
- g_sha1_transform(sha1_info, salt1, 32);
- g_sha1_transform(sha1_info, salt2, 32);
- g_sha1_complete(sha1_info, sha1_sig);
- g_md5_clear(md5_info);
- g_md5_transform(md5_info, in, 48);
- g_md5_transform(md5_info, sha1_sig, 20);
- g_md5_complete(md5_info, md5_sig);
+ ssl_sha1_clear(sha1_info);
+ ssl_sha1_transform(sha1_info, pad, i + 1);
+ ssl_sha1_transform(sha1_info, in, 48);
+ ssl_sha1_transform(sha1_info, salt1, 32);
+ ssl_sha1_transform(sha1_info, salt2, 32);
+ ssl_sha1_complete(sha1_info, sha1_sig);
+ ssl_md5_clear(md5_info);
+ ssl_md5_transform(md5_info, in, 48);
+ ssl_md5_transform(md5_info, sha1_sig, 20);
+ ssl_md5_complete(md5_info, md5_sig);
 g_memcpy(out + i * 16, md5_sig, 16); }
- g_sha1_info_delete(sha1_info);
- g_md5_info_delete(md5_info);
+ ssl_sha1_info_delete(sha1_info);
+ ssl_md5_info_delete(md5_info);
 } /*****************************************************************************/
@@ -374,13 +370,13 @@ rdp_sec_hash_16(char* out, char* in, char* salt1, char* salt2)
 { void* md5_info;
- md5_info = g_md5_info_create();
- g_md5_clear(md5_info);
- g_md5_transform(md5_info, in, 16);
- g_md5_transform(md5_info, salt1, 32);
- g_md5_transform(md5_info, salt2, 32);
- g_md5_complete(md5_info, out);
- g_md5_info_delete(md5_info);
+ md5_info = ssl_md5_info_create();
+ ssl_md5_clear(md5_info);
+ ssl_md5_transform(md5_info, in, 16);
+ ssl_md5_transform(md5_info, salt1, 32);
+ ssl_md5_transform(md5_info, salt2, 32);
+ ssl_md5_complete(md5_info, out);
+ ssl_md5_info_delete(md5_info);
 } /*****************************************************************************/
@@ -417,8 +413,8 @@ rdp_sec_generate_keys(struct rdp_sec* self)
 } g_memcpy(self->decrypt_update_key, self->decrypt_key, 16); g_memcpy(self->encrypt_update_key, self->encrypt_key, 16);
- g_rc4_set_key(self->decrypt_rc4_info, self->decrypt_key, self->rc4_key_len);
- g_rc4_set_key(self->encrypt_rc4_info, self->encrypt_key, self->rc4_key_len);
+ ssl_rc4_set_key(self->decrypt_rc4_info, self->decrypt_key, self->rc4_key_len);
+ ssl_rc4_set_key(self->encrypt_rc4_info, self->encrypt_key, self->rc4_key_len);
 return 0; }
@@ -589,21 +585,21 @@ rdp_sec_sign(char* signature, int siglen, char* session_key, int keylen,
 void* md5_context; rdp_sec_buf_out_uint32(lenhdr, datalen);
- sha1_context = g_sha1_info_create();
- g_sha1_clear(sha1_context);
- g_sha1_transform(sha1_context, session_key, keylen);
- g_sha1_transform(sha1_context, g_pad_54, 40);
- g_sha1_transform(sha1_context, lenhdr, 4);
- g_sha1_transform(sha1_context, data, datalen);
- g_sha1_complete(sha1_context, shasig);
- g_sha1_info_delete(sha1_context);
- md5_context = g_md5_info_create();
- g_md5_clear(md5_context);
- g_md5_transform(md5_context, session_key, keylen);
- g_md5_transform(md5_context, g_pad_92, 48);
- g_md5_transform(md5_context, shasig, 20);
- g_md5_complete(md5_context, md5sig);
- g_md5_info_delete(md5_context);
+ sha1_context = ssl_sha1_info_create();
+ ssl_sha1_clear(sha1_context);
+ ssl_sha1_transform(sha1_context, session_key, keylen);
+ ssl_sha1_transform(sha1_context, g_pad_54, 40);
+ ssl_sha1_transform(sha1_context, lenhdr, 4);
+ ssl_sha1_transform(sha1_context, data, datalen);
+ ssl_sha1_complete(sha1_context, shasig);
+ ssl_sha1_info_delete(sha1_context);
+ md5_context = ssl_md5_info_create();
+ ssl_md5_clear(md5_context);
+ ssl_md5_transform(md5_context, session_key, keylen);
+ ssl_md5_transform(md5_context, g_pad_92, 48);
+ ssl_md5_transform(md5_context, shasig, 20);
+ ssl_md5_complete(md5_context, md5sig);
+ ssl_md5_info_delete(md5_context);
 g_memcpy(signature, md5sig, siglen); }
@@ -616,11 +612,11 @@ rdp_sec_encrypt(struct rdp_sec* self, char* data, int length)
 { rdp_sec_update(self->encrypt_key, self->encrypt_update_key, self->rc4_key_len);
- g_rc4_set_key(self->encrypt_rc4_info, self->encrypt_key,
- self->rc4_key_len);
+ ssl_rc4_set_key(self->encrypt_rc4_info, self->encrypt_key,
+ self->rc4_key_len);
 self->encrypt_use_count = 0; }
- g_rc4_crypt(self->encrypt_rc4_info, data, length);
+ ssl_rc4_crypt(self->encrypt_rc4_info, data, length);
 self->encrypt_use_count++; } |
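Review bot: `g_memcpy(signature, md5sig, siglen);` at the end of rdp_sec_sign copies a caller-supplied length out of the local MD5 result without bounding it. The declaration of `md5sig` is outside the hunk, but an MD5 digest is 16 bytes, so a `siglen` above that would presumably read past the buffer; the callers visible in rdp/rdp_lic.c pass 16. Clamping first, e.g. `if (siglen > 16) { siglen = 16; }`, or stating the limit in a comment on the function, would make the contract explicit. The function body starts outside the hunk.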