void credssp_encrypt_public_key(rdpCredssp* credssp, rdpBlob* d)
{
uint8 *p;
uint8 signature[16];
rdpBlob encrypted_public_key;
NTLMSSP *ntlmssp = credssp->ntlmssp;
freerdp_blob_alloc(d, credssp->public_key.length + 16);
ntlmssp_encrypt_message(ntlmssp, &credssp->public_key, &encrypted_public_key, signature);
#ifdef WITH_DEBUG_NLA
printf("Public Key (length = %d)\n", credssp->public_key.length);
freerdp_hexdump(credssp->public_key.data, credssp->public_key.length);
printf("\n");
printf("Encrypted Public Key (length = %d)\n", encrypted_public_key.length);
freerdp_hexdump(encrypted_public_key.data, encrypted_public_key.length);
printf("\n");
printf("Signature\n");
freerdp_hexdump(signature, 16);
printf("\n");
#endif
p = (uint8*) d->data;
memcpy(p, signature, 16); /* Message Signature */
memcpy(&p[16], encrypted_public_key.data, encrypted_public_key.length); /* Encrypted Public Key */
freerdp_blob_free(&encrypted_public_key);
}
void credssp_encrypt_ts_credentials(rdpCredssp* credssp, rdpBlob* d)
{
uint8 *p;
uint8 signature[16];
rdpBlob encrypted_ts_credentials;
NTLMSSP *ntlmssp = credssp->ntlmssp;
freerdp_blob_alloc(d, credssp->ts_credentials.length + 16);
ntlmssp_encrypt_message(ntlmssp, &credssp->ts_credentials, &encrypted_ts_credentials, signature);
#ifdef WITH_DEBUG_NLA
printf("TSCredentials (length = %d)\n", credssp->ts_credentials.length);
freerdp_hexdump(credssp->ts_credentials.data, credssp->ts_credentials.length);
printf("\n");
printf("Encrypted TSCredentials (length = %d)\n", encrypted_ts_credentials.length);
freerdp_hexdump(encrypted_ts_credentials.data, encrypted_ts_credentials.length);
printf("\n");
printf("Signature\n");
freerdp_hexdump(signature, 16);
printf("\n");
#endif
p = (uint8*) d->data;
memcpy(p, signature, 16); /* Message Signature */
memcpy(&p[16], encrypted_ts_credentials.data, encrypted_ts_credentials.length); /* Encrypted TSCredentials */
freerdp_blob_free(&encrypted_ts_credentials);
}
void test_ntlmssp_encrypt_message(void)
{
int i;
uint8* p;
NTLMSSP* ntlmssp;
rdpBlob public_key;
rdpBlob ts_credentials;
rdpBlob encrypted_public_key;
rdpBlob encrypted_ts_credentials;
uint8 public_key_signature[16];
uint8 ts_credentials_signature[16];
int encrypted_public_key_good;
int public_key_signature_good;
int encrypted_ts_credentials_good;
int ts_credentials_signature_good;
uint8 client_signing_key[16] = "\xbf\x5e\x42\x76\x55\x68\x38\x97\x45\xd3\xb4\x9f\x5e\x2f\xbc\x89";
uint8 client_sealing_key[16] = "\xca\x41\xcd\x08\x48\x07\x22\x6e\x0d\x84\xc3\x88\xa5\x07\xa9\x73";
uint8 public_key_data[270] =
"\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xc2\x1c\x54\xaf\x07\xf1\x16"
"\x97\xc3\x0f\x6b\xa6\x33\x2e\xdd\x1e\xe4\xb2\x9c\xe4\x12\x7f\xda"
"\x58\x21\xc0\x68\xe6\xd3\xf5\x20\x1c\xba\x06\x64\x7d\x7f\x44\xb5"
"\xbf\xe3\xd5\xc7\xa4\x86\x8b\xbc\x6f\xca\x25\x78\xdf\xeb\xcf\x5a"
"\x96\xf6\xc7\x00\xbe\x7d\x6d\x06\x1f\x1d\x7f\x30\xaf\xc4\x59\x4f"
"\x91\x6d\x97\xe8\x55\x8b\x39\x01\x68\x50\x59\xbb\xe4\x65\x71\x32"
"\x76\x9e\x1b\xcf\x58\xfc\x52\xd9\x43\x01\x8e\x33\xc1\x74\x14\xbc"
"\x1f\x5c\x1d\xdb\x0e\xbd\xbb\x37\x50\x13\x78\x57\x93\x34\x3b\x73"
"\xc9\x5c\x44\x1f\x16\xe6\x2e\x00\x57\xa3\xe6\x5c\x6a\x2c\x90\xdc"
"\xa3\x6d\x7f\x92\xdf\x2f\xe5\x97\xae\x3b\x07\x23\x03\x91\x71\xd4"
"\xf2\x50\x3a\x3a\xb9\xde\x1f\xb1\xd5\xa1\x38\x7c\xf7\x07\x49\x83"
"\x68\xaa\xdf\xad\xfd\x1a\xe9\xb5\x0a\x1e\x8b\xf3\x88\xae\x3f\x32"
"\xd0\x3b\xd8\xc7\x50\x11\xf7\xad\x3b\x11\xe6\x92\xbb\x2a\x73\x8b"
"\xed\xfd\x45\x29\x50\xbf\x0d\x1e\x47\xfd\x61\x1d\x18\x27\x58\xa2"
"\xb2\x1f\xb5\x2d\x84\x18\x2f\x88\x8e\x7f\x70\xed\x4e\xbf\x14\x5d"
"\x1b\xbc\x0b\x47\x66\x16\x3a\x7b\x6d\x8e\xcf\x55\xe8\x8c\x8a\xfe"
"\x24\xce\x19\x99\xc3\x5a\xe5\xc2\xf3\x02\x03\x01\x00\x01";
uint8 expected_encrypted_public_key[270] =
"\x27\x29\x73\xa9\xfa\x46\x17\x3c\x74\x14\x45\x2a\xd1\xe2\x92\xa1"
"\xc6\x0a\x30\xd4\xcc\xe0\x92\xf6\xb3\x20\xb3\xa0\xf1\x38\xb1\xf4"
"\xe5\x96\xdf\xa1\x65\x5b\xd6\x0c\x2a\x86\x99\xcc\x72\x80\xbd\xe9"
"\x19\x1f\x42\x53\xf6\x84\xa3\xda\x0e\xec\x10\x29\x15\x52\x5c\x77"
"\x40\xc8\x3d\x44\x01\x34\xb6\x0a\x75\x33\xc0\x25\x71\xd3\x25\x38"
"\x3b\xfc\x3b\xa8\xcf\xba\x2b\xf6\x99\x0e\x5f\x4e\xa9\x16\x2b\x52"
"\x9f\xbb\x76\xf8\x03\xfc\x11\x5e\x36\x83\xd8\x4c\x9a\xdc\x9d\x35"
"\xe2\xc8\x63\xa9\x3d\x07\x97\x52\x64\x54\x72\x9e\x9a\x8c\x56\x79"
"\x4a\x78\x91\x0a\x4c\x52\x84\x5a\x4a\xb8\x28\x0b\x2f\xe6\x89\x7d"
"\x07\x3b\x7b\x6e\x22\xcc\x4c\xff\xf4\x10\x96\xf2\x27\x29\xa0\x76"
"\x0d\x4c\x7e\x7a\x42\xe4\x1e\x6a\x95\x7d\x4c\xaf\xdb\x86\x49\x5c"
"\xbf\xc2\x65\xb6\xf2\xed\xae\x8d\x57\xed\xf0\xd4\xcb\x7a\xbb\x23"
"\xde\xe3\x43\xea\xb1\x02\xe3\xb4\x96\xe9\xe7\x48\x69\xb0\xaa\xec"
"\x89\x38\x8b\xc2\xbd\xdd\xf7\xdf\xa1\x37\xe7\x34\x72\x7f\x91\x10"
"\x14\x73\xfe\x32\xdc\xfe\x68\x2b\xc0\x08\xdf\x05\xf7\xbd\x46\x33"
"\xfb\xc9\xfc\x89\xaa\x5d\x25\x49\xc8\x6e\x86\xee\xc2\xce\xc4\x8e"
"\x85\x9f\xe8\x30\xb3\x86\x11\xd5\xb8\x34\x4a\xe0\x03\xe5";
uint8 expected_public_key_signature[16] =
"\x01\x00\x00\x00\x91\x5e\xb0\x6e\x72\x82\x53\xae\x00\x00\x00\x00";
uint8 ts_credentials_data[65] =
"\x30\x3f\xa0\x03\x02\x01\x01\xa1\x38\x04\x36\x30\x34\xa0\x0a\x04"
"\x08\x77\x00\x69\x00\x6e\x00\x37\x00\xa1\x12\x04\x10\x75\x00\x73"
"\x00\x65\x00\x72\x00\x6e\x00\x61\x00\x6d\x00\x65\x00\xa2\x12\x04"
"\x10\x70\x00\x61\x00\x73\x00\x73\x00\x77\x00\x6f\x00\x72\x00\x64"
"\x00";
uint8 expected_encrypted_ts_credentials[65] =
"\xa8\x85\x7d\x11\xef\x92\xa0\xd6\xff\xee\xa1\xae\x6d\xc5\x2e\x4e"
"\x65\x50\x28\x93\x75\x30\xe1\xc3\x37\xeb\xac\x1f\xdd\xf3\xe0\x92"
"\xf6\x21\xbc\x8f\xa8\xd4\xe0\x5a\xa6\xff\xda\x09\x50\x24\x0d\x8f"
"\x8f\xf4\x92\xfe\x49\x2a\x13\x52\xa6\x52\x75\x50\x8d\x3e\xe9\x6b"
"\x57";
uint8 expected_ts_credentials_signature[16] =
"\x01\x00\x00\x00\xb3\x2c\x3b\xa1\x36\xf6\x55\x71\x01\x00\x00\x00";
public_key.data = public_key_data;
public_key.length = sizeof(public_key_data);
ntlmssp = ntlmssp_client_new();
memcpy(ntlmssp->client_signing_key, client_signing_key, 16);
memcpy(ntlmssp->client_sealing_key, client_sealing_key, 16);
ntlmssp_init_rc4_seal_states(ntlmssp);
ntlmssp_encrypt_message(ntlmssp, &public_key, &encrypted_public_key, public_key_signature);
p = (uint8*) encrypted_public_key.data;
encrypted_public_key_good = 1;
for (i = 0; i < encrypted_public_key.length; i++)
{
if (p[i] != expected_encrypted_public_key[i])
encrypted_public_key_good = 0;
}
CU_ASSERT(encrypted_public_key_good == 1);
public_key_signature_good = 1;
for (i = 0; i < 16; i++)
{
if (public_key_signature[i] != expected_public_key_signature[i])
public_key_signature_good = 0;
}
CU_ASSERT(public_key_signature_good == 1);
ts_credentials.data = ts_credentials_data;
ts_credentials.length = sizeof(ts_credentials_data);
ntlmssp_encrypt_message(ntlmssp, &ts_credentials, &encrypted_ts_credentials, ts_credentials_signature);
p = (uint8*) encrypted_ts_credentials.data;
encrypted_ts_credentials_good = 1;
for (i = 0; i < encrypted_ts_credentials.length; i++)
{
if (p[i] != expected_encrypted_ts_credentials[i])
encrypted_ts_credentials_good = 0;
}
CU_ASSERT(encrypted_ts_credentials_good == 1);
ts_credentials_signature_good = 1;
for (i = 0; i < 16; i++)
{
if (ts_credentials_signature[i] != expected_ts_credentials_signature[i])
ts_credentials_signature_good = 0;
}
CU_ASSERT(ts_credentials_signature_good == 1);
}
