BOOL tpkt_verify_header(STREAM* s)
{
BYTE version;
stream_peek_BYTE(s, version);
if (version == 3)
return TRUE;
else
return FALSE;
}
BOOL nego_read_request(rdpNego* nego, STREAM* s)
{
BYTE li;
BYTE c;
BYTE type;
tpkt_read_header(s);
if(!tpdu_read_connection_request(s, &li))
return FALSE;
if (li != stream_get_left(s) + 6)
{
printf("Incorrect TPDU length indicator.\n");
return FALSE;
}
if (stream_get_left(s) > 8)
{
/* Optional routingToken or cookie, ending with CR+LF */
while (stream_get_left(s) > 0)
{
stream_read_BYTE(s, c);
if (c != '\x0D')
continue;
stream_peek_BYTE(s, c);
if (c != '\x0A')
continue;
stream_seek_BYTE(s);
break;
}
}
if (stream_get_left(s) >= 8)
{
/* rdpNegData (optional) */
stream_read_BYTE(s, type); /* Type */
if (type != TYPE_RDP_NEG_REQ)
{
printf("Incorrect negotiation request type %d\n", type);
return FALSE;
}
nego_process_negotiation_request(nego, s);
}
return TRUE;
}
UINT16 tpkt_read_header(wStream* s)
{
BYTE version;
UINT16 length;
stream_peek_BYTE(s, version);
if (version == 3)
{
stream_seek(s, 2);
stream_read_UINT16_be(s, length);
}
else
{
/* not a TPKT header */
length = 0;
}
return length;
}
static void rdpdr_send_device_list_announce_request(rdpdrPlugin* rdpdr, BOOL user_loggedon)
{
int i;
int pos;
BYTE c;
UINT32 count;
int data_len;
int count_pos;
STREAM* data_out;
DEVICE* device;
LIST_ITEM* item;
data_out = stream_new(256);
stream_write_UINT16(data_out, RDPDR_CTYP_CORE);
stream_write_UINT16(data_out, PAKID_CORE_DEVICELIST_ANNOUNCE);
count_pos = stream_get_pos(data_out);
count = 0;
stream_seek_UINT32(data_out); /* deviceCount */
for (item = rdpdr->devman->devices->head; item; item = item->next)
{
device = (DEVICE*) item->data;
/**
* 1. versionMinor 0x0005 doesn't send PAKID_CORE_USER_LOGGEDON
* so all devices should be sent regardless of user_loggedon
* 2. smartcard devices should be always sent
* 3. other devices are sent only after user_loggedon
*/
if ((rdpdr->versionMinor == 0x0005) ||
(device->type == RDPDR_DTYP_SMARTCARD) || user_loggedon)
{
data_len = (device->data == NULL ? 0 : stream_get_length(device->data));
stream_check_size(data_out, 20 + data_len);
stream_write_UINT32(data_out, device->type); /* deviceType */
stream_write_UINT32(data_out, device->id); /* deviceID */
strncpy((char*) stream_get_tail(data_out), device->name, 8);
for (i = 0; i < 8; i++)
{
stream_peek_BYTE(data_out, c);
if (c > 0x7F)
stream_write_BYTE(data_out, '_');
else
stream_seek_BYTE(data_out);
}
stream_write_UINT32(data_out, data_len);
if (data_len > 0)
stream_write(data_out, stream_get_data(device->data), data_len);
count++;
printf("registered device #%d: %s (type=%d id=%d)\n",
count, device->name, device->type, device->id);
}
}
pos = stream_get_pos(data_out);
stream_set_pos(data_out, count_pos);
stream_write_UINT32(data_out, count);
stream_set_pos(data_out, pos);
stream_seal(data_out);
svc_plugin_send((rdpSvcPlugin*) rdpdr, data_out);
}
BOOL certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
{
wStream* s;
int length;
BYTE padding;
UINT32 version;
int modulus_length;
int exponent_length;
int error = 0;
s = stream_new(0);
stream_attach(s, cert->data, cert->length);
info->Modulus = 0;
if(!ber_read_sequence_tag(s, &length)) /* Certificate (SEQUENCE) */
goto error1;
error++;
if(!ber_read_sequence_tag(s, &length)) /* TBSCertificate (SEQUENCE) */
goto error1;
error++;
if(!ber_read_contextual_tag(s, 0, &length, TRUE)) /* Explicit Contextual Tag [0] */
goto error1;
error++;
if(!ber_read_integer(s, &version)) /* version (INTEGER) */
goto error1;
error++;
version++;
/* serialNumber */
if(!ber_read_integer(s, NULL)) /* CertificateSerialNumber (INTEGER) */
goto error1;
error++;
/* signature */
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
goto error1;
error++;
/* issuer */
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
goto error1;
error++;
/* validity */
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Validity (SEQUENCE) */
goto error1;
error++;
/* subject */
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* Name (SEQUENCE) */
goto error1;
error++;
/* subjectPublicKeyInfo */
if(!ber_read_sequence_tag(s, &length)) /* SubjectPublicKeyInfo (SEQUENCE) */
goto error1;
error++;
/* subjectPublicKeyInfo::AlgorithmIdentifier */
if(!ber_read_sequence_tag(s, &length) || !stream_skip(s, length)) /* AlgorithmIdentifier (SEQUENCE) */
goto error1;
error++;
/* subjectPublicKeyInfo::subjectPublicKey */
if(!ber_read_bit_string(s, &length, &padding)) /* BIT_STRING */
goto error1;
error++;
/* RSAPublicKey (SEQUENCE) */
if(!ber_read_sequence_tag(s, &length)) /* SEQUENCE */
goto error1;
error++;
if(!ber_read_integer_length(s, &modulus_length)) /* modulus (INTEGER) */
goto error1;
error++;
/* skip zero padding, if any */
do
{
if(stream_get_left(s) < 1)
goto error1;
stream_peek_BYTE(s, padding);
if (padding == 0)
{
if(!stream_skip(s, 1))
goto error1;
modulus_length--;
}
}
while (padding == 0);
error++;
if(stream_get_left(s) < modulus_length)
goto error1;
info->ModulusLength = modulus_length;
info->Modulus = (BYTE*) malloc(info->ModulusLength);
stream_read(s, info->Modulus, info->ModulusLength);
error++;
if(!ber_read_integer_length(s, &exponent_length)) /* publicExponent (INTEGER) */
goto error2;
error++;
if(stream_get_left(s) < exponent_length || exponent_length > 4)
goto error2;
stream_read(s, &info->exponent[4 - exponent_length], exponent_length);
crypto_reverse(info->Modulus, info->ModulusLength);
crypto_reverse(info->exponent, 4);
stream_detach(s);
stream_free(s);
return TRUE;
error2:
free(info->Modulus);
info->Modulus = 0;
error1:
fprintf(stderr, "error reading when reading certificate: part=%s error=%d\n", certificate_read_errors[error], error);
stream_detach(s);
stream_free(s);
return FALSE;
}
void certificate_read_x509_certificate(rdpCertBlob* cert, rdpCertInfo* info)
{
STREAM* s;
int length;
BYTE padding;
UINT32 version;
int modulus_length;
int exponent_length;
s = stream_new(0);
stream_attach(s, cert->data, cert->length);
ber_read_sequence_tag(s, &length); /* Certificate (SEQUENCE) */
ber_read_sequence_tag(s, &length); /* TBSCertificate (SEQUENCE) */
/* Explicit Contextual Tag [0] */
ber_read_contextual_tag(s, 0, &length, TRUE);
ber_read_integer(s, &version); /* version (INTEGER) */
version++;
/* serialNumber */
ber_read_integer(s, NULL); /* CertificateSerialNumber (INTEGER) */
/* signature */
ber_read_sequence_tag(s, &length); /* AlgorithmIdentifier (SEQUENCE) */
stream_seek(s, length);
/* issuer */
ber_read_sequence_tag(s, &length); /* Name (SEQUENCE) */
stream_seek(s, length);
/* validity */
ber_read_sequence_tag(s, &length); /* Validity (SEQUENCE) */
stream_seek(s, length);
/* subject */
ber_read_sequence_tag(s, &length); /* Name (SEQUENCE) */
stream_seek(s, length);
/* subjectPublicKeyInfo */
ber_read_sequence_tag(s, &length); /* SubjectPublicKeyInfo (SEQUENCE) */
/* subjectPublicKeyInfo::AlgorithmIdentifier */
ber_read_sequence_tag(s, &length); /* AlgorithmIdentifier (SEQUENCE) */
stream_seek(s, length);
/* subjectPublicKeyInfo::subjectPublicKey */
ber_read_bit_string(s, &length, &padding); /* BIT_STRING */
/* RSAPublicKey (SEQUENCE) */
ber_read_sequence_tag(s, &length); /* SEQUENCE */
ber_read_integer_length(s, &modulus_length); /* modulus (INTEGER) */
/* skip zero padding, if any */
do
{
stream_peek_BYTE(s, padding);
if (padding == 0)
{
stream_seek(s, 1);
modulus_length--;
}
}
while (padding == 0);
info->ModulusLength = modulus_length;
info->Modulus = (BYTE*) malloc(info->ModulusLength);
stream_read(s, info->Modulus, info->ModulusLength);
ber_read_integer_length(s, &exponent_length); /* publicExponent (INTEGER) */
stream_read(s, &info->exponent[4 - exponent_length], exponent_length);
crypto_reverse(info->Modulus, info->ModulusLength);
crypto_reverse(info->exponent, 4);
stream_detach(s);
stream_free(s);
}
