Exemplo n.º 1
0
static UINT32 rdp_security_stream_out(rdpRdp* rdp, wStream* s, int length)
{
	BYTE* data;
	UINT32 sec_flags;
	UINT32 pad = 0;

	sec_flags = rdp->sec_flags;

	if (sec_flags != 0)
	{
		rdp_write_security_header(s, sec_flags);

		if (sec_flags & SEC_ENCRYPT)
		{
			if (rdp->settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS)
			{
				data = Stream_Pointer(s) + 12;

				length = length - (data - Stream_Buffer(s));
				Stream_Write_UINT16(s, 0x10); /* length */
				Stream_Write_UINT8(s, 0x1); /* TSFIPS_VERSION 1*/

				/* handle padding */
				pad = 8 - (length % 8);

				if (pad == 8)
					pad = 0;
				if (pad)
					memset(data+length, 0, pad);

				Stream_Write_UINT8(s, pad);

				security_hmac_signature(data, length, Stream_Pointer(s), rdp);
				Stream_Seek(s, 8);
				security_fips_encrypt(data, length + pad, rdp);
			}
			else
			{
				data = Stream_Pointer(s) + 8;
				length = length - (data - Stream_Buffer(s));

				if (sec_flags & SEC_SECURE_CHECKSUM)
					security_salted_mac_signature(rdp, data, length, TRUE, Stream_Pointer(s));
				else
					security_mac_signature(rdp, data, length, Stream_Pointer(s));

				Stream_Seek(s, 8);
				security_encrypt(Stream_Pointer(s), length, rdp);
			}
		}

		rdp->sec_flags = 0;
	}

	return pad;
}
Exemplo n.º 2
0
static uint32 rdp_security_stream_out(rdpRdp* rdp, STREAM* s, int length)
{
	uint32 ml;
	uint8* mk;
	uint8* data;
	uint32 sec_flags;
	uint32 pad = 0;

	sec_flags = rdp->sec_flags;

	if (sec_flags != 0)
	{
		rdp_write_security_header(s, sec_flags);

		if (sec_flags & SEC_ENCRYPT)
		{
			if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS)
			{
				data = s->p + 12;

				length = length - (data - s->data);
				stream_write_uint16(s, 0x10); /* length */
				stream_write_uint8(s, 0x1); /* TSFIPS_VERSION 1*/

				/* handle padding */
				pad = 8 - (length % 8);

				if (pad == 8)
					pad = 0;
				if (pad)
					memset(data+length, 0, pad);

				stream_write_uint8(s, pad);

				security_hmac_signature(data, length, s->p, rdp);
				stream_seek(s, 8);
				security_fips_encrypt(data, length + pad, rdp);
			}
			else
			{
				data = s->p + 8;
				length = length - (data - s->data);

				mk = rdp->sign_key;
				ml = rdp->rc4_key_len;
				security_mac_signature(mk, ml, data, length, s->p);
				stream_seek(s, 8);
				security_encrypt(s->p, length, rdp);
			}
		}

		rdp->sec_flags = 0;
	}

	return pad;
}
Exemplo n.º 3
0
static uint32 rdp_security_stream_out(rdpRdp* rdp, STREAM* s, int length)
{
	uint8* data;
	uint32 sec_flags;
	uint32 pad = 0;

	sec_flags = rdp->sec_flags;

	if (sec_flags != 0)
	{
		rdp_write_security_header(s, sec_flags);

		if (sec_flags & SEC_ENCRYPT)
		{
			if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS)
			{
				data = s->p + 12;

				length = length - (data - s->data);
				stream_write_uint16(s, 0x10); /* length */
				stream_write_uint8(s, 0x1); /* TSFIPS_VERSION 1*/

				/* handle padding */
				pad = (8 - (length % 8)) & 7;
				memset(data+length, 0, pad);

				stream_write_uint8(s, pad);

				security_hmac_signature(data, length, s->p, rdp);
				stream_seek(s, 8);
				security_fips_encrypt(data, length + pad, rdp);
			}
			else
			{
				data = s->p + 8;
				length = length - (data - s->data);
				if (sec_flags & SEC_SECURE_CHECKSUM)
					security_salted_mac_signature(rdp, data, length, true, s->p);
				else
					security_mac_signature(rdp, data, length, s->p);
				stream_seek(s, 8);
				security_encrypt(s->p, length, rdp);
			}
		}

		rdp->sec_flags = 0;
	}

	return pad;
}