BOOL license_read_license_request_packet(rdpLicense* license, STREAM* s) { /* ServerRandom (32 bytes) */ if(stream_get_left(s) < 32) return FALSE; stream_read(s, license->server_random, 32); /* ProductInfo */ if (!license_read_product_info(s, license->product_info)) return FALSE; /* KeyExchangeList */ if (!license_read_binary_blob(s, license->key_exchange_list)) return FALSE; /* ServerCertificate */ if (!license_read_binary_blob(s, license->server_certificate)) return FALSE; /* ScopeList */ if (!license_read_scope_list(s, license->scope_list)) return FALSE; /* Parse Server Certificate */ if (!certificate_read_server_certificate(license->certificate, license->server_certificate->data, license->server_certificate->length)) return FALSE; license_generate_keys(license); license_generate_hwid(license); license_encrypt_premaster_secret(license); return TRUE; }
void license_read_license_request_packet(rdpLicense* license, STREAM* s) { /* ServerRandom (32 bytes) */ stream_read(s, license->server_random, 32); /* ProductInfo */ license_read_product_info(s, license->product_info); /* KeyExchangeList */ license_read_binary_blob(s, license->key_exchange_list); /* ServerCertificate */ license_read_binary_blob(s, license->server_certificate); /* ScopeList */ license_read_scope_list(s, license->scope_list); /* Parse Server Certificate */ certificate_read_server_certificate(license->certificate, license->server_certificate->data, license->server_certificate->length); license_generate_keys(license); license_generate_hwid(license); license_encrypt_premaster_secret(license); }
BOOL license_get_server_rsa_public_key(rdpLicense* license) { BYTE* Exponent; BYTE* Modulus; int ModulusLength; rdpSettings* settings = license->rdp->settings; if (license->ServerCertificate->length < 1) { if (!certificate_read_server_certificate(license->certificate, settings->ServerCertificate, settings->ServerCertificateLength)) return FALSE; } Exponent = license->certificate->cert_info.exponent; Modulus = license->certificate->cert_info.Modulus; ModulusLength = license->certificate->cert_info.ModulusLength; CopyMemory(license->Exponent, Exponent, 4); license->ModulusLength = ModulusLength; license->Modulus = (BYTE*) malloc(ModulusLength); if (!license->Modulus) return FALSE; CopyMemory(license->Modulus, Modulus, ModulusLength); return TRUE; }
BOOL gcc_read_server_security_data(wStream* s, rdpSettings* settings) { BYTE* data; UINT32 length; if (Stream_GetRemainingLength(s) < 8) return FALSE; Stream_Read_UINT32(s, settings->EncryptionMethods); /* encryptionMethod */ Stream_Read_UINT32(s, settings->EncryptionLevel); /* encryptionLevel */ if (settings->EncryptionMethods == 0 && settings->EncryptionLevel == 0) { /* serverRandom and serverRandom must not be present */ settings->DisableEncryption = FALSE; settings->EncryptionMethods = ENCRYPTION_METHOD_NONE; settings->EncryptionLevel = ENCRYPTION_LEVEL_NONE; return TRUE; } if (Stream_GetRemainingLength(s) < 8) return FALSE; Stream_Read_UINT32(s, settings->ServerRandomLength); /* serverRandomLen */ Stream_Read_UINT32(s, settings->ServerCertificateLength); /* serverCertLen */ if (Stream_GetRemainingLength(s) < settings->ServerRandomLength + settings->ServerCertificateLength) return FALSE; if (settings->ServerRandomLength > 0) { /* serverRandom */ settings->ServerRandom = (BYTE*) malloc(settings->ServerRandomLength); Stream_Read(s, settings->ServerRandom, settings->ServerRandomLength); } else { return FALSE; } if (settings->ServerCertificateLength > 0) { /* serverCertificate */ settings->ServerCertificate = (BYTE*) malloc(settings->ServerCertificateLength); Stream_Read(s, settings->ServerCertificate, settings->ServerCertificateLength); certificate_free(settings->RdpServerCertificate); settings->RdpServerCertificate = certificate_new(); data = settings->ServerCertificate; length = settings->ServerCertificateLength; if (certificate_read_server_certificate(settings->RdpServerCertificate, data, length) < 1) return FALSE; } else { return FALSE; } return TRUE; }
boolean gcc_read_server_security_data(STREAM* s, rdpSettings *settings) { uint32 serverRandomLen; uint32 serverCertLen; uint8* data; uint32 len; stream_read_uint32(s, settings->encryption_method); /* encryptionMethod */ stream_read_uint32(s, settings->encryption_level); /* encryptionLevel */ if (settings->encryption_method == 0 && settings->encryption_level == 0) { /* serverRandom and serverRandom must not be present */ settings->encryption = false; settings->encryption_method = ENCRYPTION_METHOD_NONE; settings->encryption_level = ENCRYPTION_LEVEL_NONE; return true; } stream_read_uint32(s, serverRandomLen); /* serverRandomLen */ stream_read_uint32(s, serverCertLen); /* serverCertLen */ if (serverRandomLen > 0) { /* serverRandom */ freerdp_blob_alloc(&settings->server_random, serverRandomLen); memcpy(settings->server_random.data, s->p, serverRandomLen); stream_seek(s, serverRandomLen); } else { return false; } if (serverCertLen > 0) { /* serverCertificate */ freerdp_blob_alloc(&settings->server_certificate, serverCertLen); memcpy(settings->server_certificate.data, s->p, serverCertLen); stream_seek(s, serverCertLen); certificate_free(settings->server_cert); settings->server_cert = certificate_new(); data = settings->server_certificate.data; len = settings->server_certificate.length; if (!certificate_read_server_certificate(settings->server_cert, data, len)) { return false; } } else { return false; } return true; }
boolean gcc_read_server_security_data(STREAM* s, rdpSettings* settings) { uint8* data; uint32 length; stream_read_uint32(s, settings->encryption_method); /* encryptionMethod */ stream_read_uint32(s, settings->encryption_level); /* encryptionLevel */ if (settings->encryption_method == 0 && settings->encryption_level == 0) { /* serverRandom and serverRandom must not be present */ settings->encryption = false; settings->encryption_method = ENCRYPTION_METHOD_NONE; settings->encryption_level = ENCRYPTION_LEVEL_NONE; return true; } stream_read_uint32(s, settings->server_random_length); /* serverRandomLen */ stream_read_uint32(s, settings->server_certificate_length); /* serverCertLen */ if (settings->server_random_length > 0) { /* serverRandom */ settings->server_random = (BYTE*) malloc(settings->server_random_length); stream_read(s, settings->server_random, settings->server_random_length); } else { return false; } if (settings->server_certificate_length > 0) { /* serverCertificate */ settings->server_certificate = (BYTE*) malloc(settings->server_certificate_length); stream_read(s, settings->server_certificate, settings->server_certificate_length); certificate_free(settings->server_cert); settings->server_cert = certificate_new(); data = settings->server_certificate; length = settings->server_certificate_length; if (!certificate_read_server_certificate(settings->server_cert, data, length)) return false; } else { return false; } return true; }
BOOL license_read_license_request_packet(rdpLicense* license, wStream* s) { /* ServerRandom (32 bytes) */ if (Stream_GetRemainingLength(s) < 32) return FALSE; Stream_Read(s, license->ServerRandom, 32); /* ProductInfo */ if (!license_read_product_info(s, license->ProductInfo)) return FALSE; /* KeyExchangeList */ if (!license_read_binary_blob(s, license->KeyExchangeList)) return FALSE; /* ServerCertificate */ if (!license_read_binary_blob(s, license->ServerCertificate)) return FALSE; /* ScopeList */ if (!license_read_scope_list(s, license->ScopeList)) return FALSE; /* Parse Server Certificate */ if (!certificate_read_server_certificate(license->certificate, license->ServerCertificate->data, license->ServerCertificate->length)) return FALSE; license_generate_keys(license); license_generate_hwid(license); license_encrypt_premaster_secret(license); #ifdef WITH_DEBUG_LICENSE fprintf(stderr, "ServerRandom:\n"); winpr_HexDump(license->ServerRandom, 32); fprintf(stderr, "\n"); license_print_product_info(license->ProductInfo); fprintf(stderr, "\n"); license_print_scope_list(license->ScopeList); fprintf(stderr, "\n"); #endif return TRUE; }
void license_get_server_rsa_public_key(rdpLicense* license) { BYTE* Exponent; BYTE* Modulus; int ModulusLength; if (license->ServerCertificate->length < 1) { certificate_read_server_certificate(license->certificate, license->rdp->settings->ServerCertificate, license->rdp->settings->ServerCertificateLength); } Exponent = license->certificate->cert_info.exponent; Modulus = license->certificate->cert_info.Modulus; ModulusLength = license->certificate->cert_info.ModulusLength; CopyMemory(license->Exponent, Exponent, 4); license->ModulusLength = ModulusLength; license->Modulus = (BYTE*) malloc(ModulusLength); memcpy(license->Modulus, Modulus, ModulusLength); }
BOOL gcc_read_server_security_data(wStream* s, rdpMcs* mcs) { BYTE* data; UINT32 length; rdpSettings* settings = mcs->settings; BOOL validCryptoConfig = FALSE; UINT32 serverEncryptionMethod; if (Stream_GetRemainingLength(s) < 8) return FALSE; Stream_Read_UINT32(s, serverEncryptionMethod); /* encryptionMethod */ Stream_Read_UINT32(s, settings->EncryptionLevel); /* encryptionLevel */ /* Only accept valid/known encryption methods */ switch (serverEncryptionMethod) { case ENCRYPTION_METHOD_NONE: WLog_DBG(TAG, "Server rdp encryption method: NONE"); break; case ENCRYPTION_METHOD_40BIT: WLog_DBG(TAG, "Server rdp encryption method: 40BIT"); break; case ENCRYPTION_METHOD_56BIT: WLog_DBG(TAG, "Server rdp encryption method: 56BIT"); break; case ENCRYPTION_METHOD_128BIT: WLog_DBG(TAG, "Server rdp encryption method: 128BIT"); break; case ENCRYPTION_METHOD_FIPS: WLog_DBG(TAG, "Server rdp encryption method: FIPS"); break; default: WLog_ERR(TAG, "Received unknown encryption method %08X", serverEncryptionMethod); return FALSE; } if (settings->UseRdpSecurityLayer && !(settings->EncryptionMethods & serverEncryptionMethod)) { WLog_WARN(TAG, "Server uses non-advertised encryption method 0x%08X", serverEncryptionMethod); /* FIXME: Should we return FALSE; in this case ?? */ } settings->EncryptionMethods = serverEncryptionMethod; /* Verify encryption level/method combinations according to MS-RDPBCGR Section 5.3.2 */ switch (settings->EncryptionLevel) { case ENCRYPTION_LEVEL_NONE: if (settings->EncryptionMethods == ENCRYPTION_METHOD_NONE) { validCryptoConfig = TRUE; } break; case ENCRYPTION_LEVEL_FIPS: if (settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS) { validCryptoConfig = TRUE; } break; case ENCRYPTION_LEVEL_LOW: case ENCRYPTION_LEVEL_HIGH: case ENCRYPTION_LEVEL_CLIENT_COMPATIBLE: if (settings->EncryptionMethods == ENCRYPTION_METHOD_40BIT || settings->EncryptionMethods == ENCRYPTION_METHOD_56BIT || settings->EncryptionMethods == ENCRYPTION_METHOD_128BIT || settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS) { validCryptoConfig = TRUE; } break; default: WLog_ERR(TAG, "Received unknown encryption level %08X", settings->EncryptionLevel); } if (!validCryptoConfig) { WLog_ERR(TAG, "Received invalid cryptographic configuration (level=0x%08X method=0x%08X)", settings->EncryptionLevel, settings->EncryptionMethods); return FALSE; } if (settings->EncryptionLevel == ENCRYPTION_LEVEL_NONE) { /* serverRandomLen and serverCertLen must not be present */ settings->UseRdpSecurityLayer = FALSE; return TRUE; } if (Stream_GetRemainingLength(s) < 8) return FALSE; Stream_Read_UINT32(s, settings->ServerRandomLength); /* serverRandomLen */ Stream_Read_UINT32(s, settings->ServerCertificateLength); /* serverCertLen */ if (Stream_GetRemainingLength(s) < settings->ServerRandomLength + settings->ServerCertificateLength) return FALSE; if ((settings->ServerRandomLength <= 0) || (settings->ServerCertificateLength <= 0)) return FALSE; /* serverRandom */ settings->ServerRandom = (BYTE*) malloc(settings->ServerRandomLength); if (!settings->ServerRandom) return FALSE; Stream_Read(s, settings->ServerRandom, settings->ServerRandomLength); /* serverCertificate */ settings->ServerCertificate = (BYTE*) malloc(settings->ServerCertificateLength); if (!settings->ServerCertificate) return FALSE; Stream_Read(s, settings->ServerCertificate, settings->ServerCertificateLength); certificate_free(settings->RdpServerCertificate); settings->RdpServerCertificate = certificate_new(); if (!settings->RdpServerCertificate) return FALSE; data = settings->ServerCertificate; length = settings->ServerCertificateLength; return certificate_read_server_certificate(settings->RdpServerCertificate, data, length); }