Exemple #1
/**
 * Emit the security header for an outgoing PDU and, when SEC_ENCRYPT is set,
 * sign and encrypt the payload inside the stream buffer.
 *
 * @param rdp    connection context; rdp->sec_flags selects the work and is
 *               reset to 0 once it has been acted on
 * @param s      output stream handed to rdp_write_security_header()
 * @param length byte count measured from Stream_Buffer(s); reduced locally to
 *               the payload size by subtracting the payload offset
 * @return number of zero bytes appended as FIPS padding; 0 on every other path
 *
 * NOTE(review): length is a signed int and is never range-checked here. If it
 * is smaller than the payload offset the subtraction goes negative, and that
 * value feeds the padding arithmetic, memset() and the sign/encrypt calls.
 * Confirm that every caller passes a length covering the full header.
 * NOTE(review): the results of the sign/encrypt helpers are not inspected; if
 * they can report failure in this version, the PDU is still sent. Verify.
 */
static UINT32 rdp_security_stream_out(rdpRdp* rdp, wStream* s, int length)
{
	BYTE* payload;
	UINT32 pad = 0;
	const UINT32 flags = rdp->sec_flags;

	/* No security flags pending: the stream is left untouched. */
	if (flags == 0)
		return pad;

	rdp_write_security_header(s, flags);

	if (flags & SEC_ENCRYPT)
	{
		if (rdp->settings->EncryptionMethods != ENCRYPTION_METHOD_FIPS)
		{
			/* Payload sits behind the 8-byte signature slot. */
			payload = Stream_Pointer(s) + 8;
			length -= (payload - Stream_Buffer(s));

			/* The signature is computed over the plaintext, before encryption. */
			if (flags & SEC_SECURE_CHECKSUM)
				security_salted_mac_signature(rdp, payload, length, TRUE, Stream_Pointer(s));
			else
				security_mac_signature(rdp, payload, length, Stream_Pointer(s));

			/* Step over the signature, then encrypt from the new position. */
			Stream_Seek(s, 8);
			security_encrypt(Stream_Pointer(s), length, rdp);
		}
		else
		{
			int remainder;

			/* FIPS header: 4 bytes of fields + 8-byte signature = 12 bytes. */
			payload = Stream_Pointer(s) + 12;
			length -= (payload - Stream_Buffer(s));

			Stream_Write_UINT16(s, 0x10); /* length */
			Stream_Write_UINT8(s, 0x1); /* TSFIPS_VERSION 1*/

			/* Round the payload up to a multiple of 8 bytes. */
			remainder = length % 8;
			pad = (remainder == 0) ? 0 : (UINT32) (8 - remainder);

			/*
			 * NOTE(review): the padding is written past payload + length and
			 * nothing visible here checks the stream capacity; confirm the
			 * caller reserves room for up to 7 extra bytes.
			 */
			if (pad != 0)
				memset(payload + length, 0, pad);

			Stream_Write_UINT8(s, pad);

			/* Signature covers the unpadded payload; encryption covers the padding too. */
			security_hmac_signature(payload, length, Stream_Pointer(s), rdp);
			Stream_Seek(s, 8);
			security_fips_encrypt(payload, length + pad, rdp);
		}
	}

	/* Flags are one-shot: clear them once acted on. */
	rdp->sec_flags = 0;

	return pad;
}
Exemple #2
/**
 * Emit the security header for an outgoing PDU and, when SEC_ENCRYPT is set,
 * sign and encrypt the payload inside the stream buffer.
 *
 * @param rdp    connection context; rdp->sec_flags selects the work and is
 *               reset to 0 once it has been acted on
 * @param s      output stream handed to rdp_write_security_header()
 * @param length byte count measured from s->data; reduced locally to the
 *               payload size by subtracting the payload offset
 * @return number of zero bytes appended as FIPS padding; 0 on every other path
 *
 * NOTE(review): length is a signed int and is never range-checked here. If it
 * is smaller than the payload offset the subtraction goes negative, and that
 * value feeds the padding arithmetic, memset() and the sign/encrypt calls.
 * Confirm that every caller passes a length covering the full header.
 * NOTE(review): the results of the sign/encrypt helpers are not inspected; if
 * they can report failure in this version, the PDU is still sent. Verify.
 */
static uint32 rdp_security_stream_out(rdpRdp* rdp, STREAM* s, int length)
{
	uint8* payload;
	uint32 pad = 0;
	const uint32 flags = rdp->sec_flags;

	/* No security flags pending: the stream is left untouched. */
	if (flags == 0)
		return pad;

	rdp_write_security_header(s, flags);

	if (flags & SEC_ENCRYPT)
	{
		if (rdp->settings->encryption_method != ENCRYPTION_METHOD_FIPS)
		{
			uint8* mac_key;
			uint32 mac_key_len;

			/* Payload sits behind the 8-byte signature slot. */
			payload = s->p + 8;
			length -= (payload - s->data);

			/*
			 * The signature is keyed with rdp->sign_key, its length taken from
			 * rdp->rc4_key_len, and is computed over the plaintext.
			 * NOTE(review): this variant never looks at SEC_SECURE_CHECKSUM,
			 * so the plain MAC is always used; confirm that matches what the
			 * peer expects.
			 */
			mac_key = rdp->sign_key;
			mac_key_len = rdp->rc4_key_len;
			security_mac_signature(mac_key, mac_key_len, payload, length, s->p);

			/* Step over the signature, then encrypt from the new position. */
			stream_seek(s, 8);
			security_encrypt(s->p, length, rdp);
		}
		else
		{
			int remainder;

			/* FIPS header: 4 bytes of fields + 8-byte signature = 12 bytes. */
			payload = s->p + 12;
			length -= (payload - s->data);

			stream_write_uint16(s, 0x10); /* length */
			stream_write_uint8(s, 0x1); /* TSFIPS_VERSION 1*/

			/* Round the payload up to a multiple of 8 bytes. */
			remainder = length % 8;
			pad = (remainder == 0) ? 0 : (uint32) (8 - remainder);

			/*
			 * NOTE(review): the padding is written past payload + length and
			 * nothing visible here checks the stream capacity; confirm the
			 * caller reserves room for up to 7 extra bytes.
			 */
			if (pad != 0)
				memset(payload + length, 0, pad);

			stream_write_uint8(s, pad);

			/* Signature covers the unpadded payload; encryption covers the padding too. */
			security_hmac_signature(payload, length, s->p, rdp);
			stream_seek(s, 8);
			security_fips_encrypt(payload, length + pad, rdp);
		}
	}

	/* Flags are one-shot: clear them once acted on. */
	rdp->sec_flags = 0;

	return pad;
}
Exemple #3
/**
 * Emit the security header for an outgoing PDU and, when SEC_ENCRYPT is set,
 * sign and encrypt the payload inside the stream buffer.
 *
 * @param rdp    connection context; rdp->sec_flags selects the work and is
 *               reset to 0 once it has been acted on
 * @param s      output stream handed to rdp_write_security_header()
 * @param length byte count measured from s->data; reduced locally to the
 *               payload size by subtracting the payload offset
 * @return number of zero bytes appended as FIPS padding; 0 on every other path
 *
 * NOTE(review): length is a signed int and is never range-checked here. If it
 * is smaller than the payload offset the subtraction goes negative, and that
 * value feeds the padding arithmetic, memset() and the sign/encrypt calls.
 * Confirm that every caller passes a length covering the full header.
 * NOTE(review): the results of the sign/encrypt helpers are not inspected; if
 * they can report failure in this version, the PDU is still sent. Verify.
 */
static uint32 rdp_security_stream_out(rdpRdp* rdp, STREAM* s, int length)
{
	uint8* payload;
	uint32 pad = 0;
	const uint32 flags = rdp->sec_flags;

	/* No security flags pending: the stream is left untouched. */
	if (flags == 0)
		return pad;

	rdp_write_security_header(s, flags);

	if (flags & SEC_ENCRYPT)
	{
		if (rdp->settings->encryption_method != ENCRYPTION_METHOD_FIPS)
		{
			/* Payload sits behind the 8-byte signature slot. */
			payload = s->p + 8;
			length -= (payload - s->data);

			/* The signature is computed over the plaintext, before encryption. */
			if (flags & SEC_SECURE_CHECKSUM)
				security_salted_mac_signature(rdp, payload, length, true, s->p);
			else
				security_mac_signature(rdp, payload, length, s->p);

			/* Step over the signature, then encrypt from the new position. */
			stream_seek(s, 8);
			security_encrypt(s->p, length, rdp);
		}
		else
		{
			int shortfall;

			/* FIPS header: 4 bytes of fields + 8-byte signature = 12 bytes. */
			payload = s->p + 12;
			length -= (payload - s->data);

			stream_write_uint16(s, 0x10); /* length */
			stream_write_uint8(s, 0x1); /* TSFIPS_VERSION 1*/

			/* Bytes missing to the next multiple of 8; the mask keeps it in 0..7. */
			shortfall = 8 - (length % 8);
			pad = shortfall & 7;

			/*
			 * NOTE(review): the padding is written past payload + length and
			 * nothing visible here checks the stream capacity; confirm the
			 * caller reserves room for up to 7 extra bytes.
			 */
			memset(payload + length, 0, pad);

			stream_write_uint8(s, pad);

			/* Signature covers the unpadded payload; encryption covers the padding too. */
			security_hmac_signature(payload, length, s->p, rdp);
			stream_seek(s, 8);
			security_fips_encrypt(payload, length + pad, rdp);
		}
	}

	/* Flags are one-shot: clear them once acted on. */
	rdp->sec_flags = 0;

	return pad;
}