libfreerdp-core: generation of licensing keys

2011-07-12 15:10:43 -04:00 · 2011-07-12 15:10:43 -04:00 · 0d2b3c0ca5
commit 0d2b3c0ca5
parent 30db2dc429
4 changed files with 112 additions and 8 deletions
--- a/libfreerdp-core/license.c
+++ b/libfreerdp-core/license.c
@ -146,9 +146,20 @@ void license_recv(rdpLicense* license, STREAM* s)

 void license_generate_keys(rdpLicense* license)
 {
-	/* FIXME: generate real keys, not null keys */
+	crypto_nonce(license->client_random, CLIENT_RANDOM_LENGTH); /* ClientRandom */
+	crypto_nonce(license->premaster_secret, PREMASTER_SECRET_LENGTH); /* PremasterSecret */

-	memset(license->client_random, 0, 32);
+	security_master_secret(license->premaster_secret, license->client_random,
+			license->server_random, license->master_secret); /* MasterSecret */
+
+	security_session_key_blob(license->master_secret, license->client_random,
+			license->server_random, license->session_key_blob); /* SessionKeyBlob */
+
+	security_mac_salt_key(license->session_key_blob, license->client_random,
+			license->server_random, license->mac_salt_key); /* MacSaltKey */
+
+	security_licensing_encryption_key(license->session_key_blob, license->client_random,
+			license->server_random, license->licensing_encryption_key); /* LicensingEncryptionKey */

 	license->encrypted_pre_master_secret->length = 72;
 	license->encrypted_pre_master_secret->data = (uint8*) xzalloc(72);
@ -164,12 +175,12 @@ void license_generate_hwid(rdpLicense* license)
 	CryptoMd5 md5;
 	uint8* mac_address;

-	memset(license->hwid, 0, 20);
+	memset(license->hwid, 0, HWID_LENGTH);
 	mac_address = license->rdp->transport->tcp->mac_address;

 	md5 = crypto_md5_init();
 	crypto_md5_update(md5, mac_address, 6);
-	crypto_md5_final(md5, &license->hwid[4]);
+	crypto_md5_final(md5, &license->hwid[HWID_PLATFORM_ID_LENGTH]);
 }

 /**
--- a/libfreerdp-core/license.h
+++ b/libfreerdp-core/license.h
@ -46,6 +46,18 @@ typedef struct rdp_license rdpLicense;
 #define LICENSE_PREAMBLE_LENGTH		4
 #define LICENSE_PACKET_HEADER_LENGTH	(RDP_PACKET_HEADER_LENGTH + RDP_SECURITY_HEADER_LENGTH + LICENSE_PREAMBLE_LENGTH)

+/* Cryptographic Lengths */
+#define CLIENT_RANDOM_LENGTH			32
+#define SERVER_RANDOM_LENGTH			32
+#define MASTER_SECRET_LENGTH			48
+#define PREMASTER_SECRET_LENGTH			48
+#define SESSION_KEY_BLOB_LENGTH			48
+#define MAC_SALT_KEY_LENGTH			16
+#define LICENSING_ENCRYPTION_KEY_LENGTH		16
+#define HWID_PLATFORM_ID_LENGTH			4
+#define HWID_UNIQUE_DATA_LENGTH			16
+#define HWID_LENGTH				20
+
 /* Licensing Preamble Flags */
 #define PREAMBLE_VERSION_2_0			0x02
 #define PREAMBLE_VERSION_3_0			0x03
@ -91,10 +103,15 @@ typedef struct

 struct rdp_license
 {
-	uint8 hwid[20];
 	struct rdp_rdp* rdp;
-	uint8 client_random[32];
-	uint8 server_random[32];
+	uint8 hwid[HWID_LENGTH];
+	uint8 client_random[CLIENT_RANDOM_LENGTH];
+	uint8 server_random[SERVER_RANDOM_LENGTH];
+	uint8 master_secret[MASTER_SECRET_LENGTH];
+	uint8 premaster_secret[PREMASTER_SECRET_LENGTH];
+	uint8 session_key_blob[SESSION_KEY_BLOB_LENGTH];
+	uint8 mac_salt_key[MAC_SALT_KEY_LENGTH];
+	uint8 licensing_encryption_key[LICENSING_ENCRYPTION_KEY_LENGTH];
 	PRODUCT_INFO* product_info;
 	LICENSE_BLOB* key_exchange_list;
 	LICENSE_BLOB* server_certificate;
--- a/libfreerdp-core/security.c
+++ b/libfreerdp-core/security.c
@ -19,4 +19,73 @@

 #include "security.h"

+void security_salted_hash(uint8* salt, uint8* input, int length, uint8* client_random, uint8* server_random, uint8* output)
+{
+	CryptoMd5 md5;
+	CryptoSha1 sha1;
+	uint8 sha1_digest[20];
+
+	/* SaltedHash(Salt, Input) = MD5(S + SHA1(Input + Salt + ClientRandom + ServerRandom)) */
+
+	/* SHA1_Digest = SHA1(Input + Salt + ClientRandom + ServerRandom) */
+	sha1 = crypto_sha1_init();
+	crypto_sha1_update(sha1, input, length); /* Input */
+	crypto_sha1_update(sha1, salt, 48); /* Salt */
+	crypto_sha1_update(sha1, client_random, 32); /* ClientRandom */
+	crypto_sha1_update(sha1, server_random, 32); /* ServerRandom */
+	crypto_sha1_final(sha1, sha1_digest);
+
+	/* SaltedHash(S, I) = MD5(S + SHA1_Digest) */
+	md5 = crypto_md5_init();
+	crypto_md5_update(md5, salt, 48); /* Salt */
+	crypto_md5_update(md5, sha1_digest, 20); /* SHA1_Digest */
+	crypto_md5_final(md5, output);
+}
+
+void security_premaster_hash(uint8* input, int length, uint8* premaster_secret, uint8* client_random, uint8* server_random, uint8* output)
+{
+	/* PremasterHash(Input) = SaltedHash(PremasterSecret, Input) */
+	security_salted_hash(premaster_secret, input, length, client_random, server_random, output);
+}
+
+void security_master_secret(uint8* premaster_secret, uint8* client_random, uint8* server_random, uint8* output)
+{
+	/* MasterSecret = PremasterHash('A') + PremasterHash('BB') + PremasterHash('CCC') */
+	security_premaster_hash("A", 1, premaster_secret, client_random, server_random, &output[0]);
+	security_premaster_hash("BB", 2, premaster_secret, client_random, server_random, &output[16]);
+	security_premaster_hash("CCC", 3, premaster_secret, client_random, server_random, &output[32]);
+}
+
+void security_master_hash(uint8* input, int length, uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output)
+{
+	/* MasterHash(Input) = SaltedHash(MasterSecret, Input) */
+	security_salted_hash(master_secret, input, length, client_random, server_random, output);
+}
+
+void security_session_key_blob(uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output)
+{
+	/* MasterHash = MasterHash('A') + MasterHash('BB') + MasterHash('CCC') */
+	security_master_hash("A", 1, master_secret, client_random, server_random, &output[0]);
+	security_master_hash("BB", 2, master_secret, client_random, server_random, &output[16]);
+	security_master_hash("CCC", 3, master_secret, client_random, server_random, &output[32]);
+}
+
+void security_mac_salt_key(uint8* session_key_blob, uint8* client_random, uint8* server_random, uint8* output)
+{
+	/* MacSaltKey = First128Bits(SessionKeyBlob) */
+	memcpy(output, session_key_blob, 16);
+}
+
+void security_licensing_encryption_key(uint8* session_key_blob, uint8* client_random, uint8* server_random, uint8* output)
+{
+	CryptoMd5 md5;
+
+	/* LicensingEncryptionKey = MD5(Second128Bits(SessionKeyBlob) + ClientRandom + ServerRandom)) */
+
+	md5 = crypto_md5_init();
+	crypto_md5_update(md5, &session_key_blob[16], 16); /* Second128Bits(SessionKeyBlob) */
+	crypto_md5_update(md5, client_random, 32); /* ClientRandom */
+	crypto_md5_update(md5, server_random, 32); /* ServerRandom */
+	crypto_md5_final(md5, output);
+}

--- a/libfreerdp-core/security.h
+++ b/libfreerdp-core/security.h
@ -21,10 +21,17 @@
 #define __SECURITY_H

 #include "rdp.h"
+#include "crypto.h"

 #include <freerdp/freerdp.h>
 #include <freerdp/utils/stream.h>

-
+void security_salted_hash(uint8* salt, uint8* input, int length, uint8* client_random, uint8* server_random, uint8* output);
+void security_premaster_hash(uint8* input, int length, uint8* premaster_secret, uint8* client_random, uint8* server_random, uint8* output);
+void security_master_secret(uint8* premaster_secret, uint8* client_random, uint8* server_random, uint8* output);
+void security_master_hash(uint8* input, int length, uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output);
+void security_session_key_blob(uint8* master_secret, uint8* client_random, uint8* server_random, uint8* output);
+void security_mac_salt_key(uint8* session_key_blob, uint8* client_random, uint8* server_random, uint8* output);
+void security_licensing_encryption_key(uint8* session_key_blob, uint8* client_random, uint8* server_random, uint8* output);

 #endif /* __SECURITY_H */