Merge branch 'master' of github.com:FreeRDP/FreeRDP

This commit is contained in:
Marc-André Moreau 2015-10-13 11:09:43 -04:00
commit 1b7e36a20f
49 changed files with 2533 additions and 314 deletions

View File

@ -287,13 +287,13 @@ if(WIN32)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_CRT_SECURE_NO_WARNINGS")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWIN32_LEAN_AND_MEAN")
# Set product and vendor for dll and exe version information.
set(RC_VERSION_VENDOR ${VENDOR})
set(RC_VERSION_PRODUCT ${PRODUCT})
set(RC_VERSION_PATCH ${BUILD_NUMBER})
set(RC_VERSION_DESCRIPTION ${GIT_REVISION})
# Set product and vendor for dll and exe version information.
set(RC_VERSION_VENDOR ${VENDOR})
set(RC_VERSION_PRODUCT ${PRODUCT})
set(RC_VERSION_PATCH ${BUILD_NUMBER})
set(RC_VERSION_DESCRIPTION ${GIT_REVISION})
string(TIMESTAMP RC_VERSION_YEAR "%Y")
string(TIMESTAMP RC_VERSION_YEAR "%Y")
if(NOT DEFINED CMAKE_WINDOWS_VERSION)
set(CMAKE_WINDOWS_VERSION "WINXP")
@ -494,6 +494,10 @@ set(OPENSSL_FEATURE_TYPE "REQUIRED")
set(OPENSSL_FEATURE_PURPOSE "cryptography")
set(OPENSSL_FEATURE_DESCRIPTION "encryption, certificate validation, hashing functions")
set(MBEDTLS_FEATURE_TYPE "OPTIONAL")
set(MBEDTLS_FEATURE_PURPOSE "cryptography")
set(MBEDTLS_FEATURE_DESCRIPTION "encryption, certificate validation, hashing functions")
set(OPENSLES_FEATURE_TYPE "OPTIONAL")
set(OPENSLES_FEATURE_PURPOSE "multimedia")
set(OPENSLES_FEATURE_DESCRIPTION "OpenSLES audio / video")
@ -610,6 +614,7 @@ endif()
find_feature(ZLIB ${ZLIB_FEATURE_TYPE} ${ZLIB_FEATURE_PURPOSE} ${ZLIB_FEATURE_DESCRIPTION})
find_feature(OpenSSL ${OPENSSL_FEATURE_TYPE} ${OPENSSL_FEATURE_PURPOSE} ${OPENSSL_FEATURE_DESCRIPTION})
find_feature(MbedTLS ${MBEDTLS_FEATURE_TYPE} ${MBEDTLS_FEATURE_PURPOSE} ${MBEDTLS_FEATURE_DESCRIPTION})
find_feature(OpenSLES ${OPENSLES_FEATURE_TYPE} ${OPENSLES_FEATURE_PURPOSE} ${OPENSLES_FEATURE_DESCRIPTION})
find_feature(OSS ${OSS_FEATURE_TYPE} ${OSS_FEATURE_PURPOSE} ${OSS_FEATURE_DESCRIPTION})
@ -636,6 +641,14 @@ if(TARGET_ARCH MATCHES "x86|x64")
endif()
endif()
if(OPENSSL_FOUND)
add_definitions("-DWITH_OPENSSL")
endif()
if(MBEDTLS_FOUND)
add_definitions("-DWITH_MBEDTLS")
endif()
if (TARGET_ARCH MATCHES "sparc")
set(HAVE_ALIGNED_REQUIRED 1)
endif()

View File

@ -306,20 +306,11 @@ UINT cliprdr_process_format_data_response(cliprdrPlugin* cliprdr, wStream* s, UI
formatDataResponse.requestedFormatData = NULL;
if (dataLen)
{
formatDataResponse.requestedFormatData = (BYTE*) malloc(dataLen);
if (!formatDataResponse.requestedFormatData)
{
WLog_ERR(TAG, "malloc failed!");
return CHANNEL_RC_NO_MEMORY;
}
Stream_Read(s, formatDataResponse.requestedFormatData, dataLen);
}
formatDataResponse.requestedFormatData = (BYTE*) Stream_Pointer(s);
IFCALLRET(context->ServerFormatDataResponse, error, context, &formatDataResponse);
if (error)
WLog_ERR(TAG, "ServerFormatDataResponse failed with error %lu!", error);
free(formatDataResponse.requestedFormatData);
return error;
}

View File

@ -782,6 +782,8 @@ void rdpsnd_server_context_free(RdpsndServerContext* context)
free(context->client_formats);
free(context->priv);
free(context);
}

View File

@ -888,10 +888,7 @@ static LONG smartcard_StatusA_Call(SMARTCARD_DEVICE* smartcard, SMARTCARD_OPERAT
LPSTR mszReaderNames = NULL;
IRP* irp = operation->irp;
if (call->cbAtrLen > 32)
call->cbAtrLen = 32;
ret.cbAtrLen = call->cbAtrLen;
ret.cbAtrLen = 32;
ZeroMemory(ret.pbAtr, 32);
cchReaderLen = SCARD_AUTOALLOCATE;
@ -941,10 +938,7 @@ static LONG smartcard_StatusW_Call(SMARTCARD_DEVICE* smartcard, SMARTCARD_OPERAT
LPWSTR mszReaderNames = NULL;
IRP* irp = operation->irp;
if (call->cbAtrLen > 32)
call->cbAtrLen = 32;
ret.cbAtrLen = call->cbAtrLen;
ret.cbAtrLen = 32;
ZeroMemory(ret.pbAtr, 32);
cchReaderLen = SCARD_AUTOALLOCATE;

View File

@ -61,6 +61,9 @@
#define AV_CODEC_ID_AC3 CODEC_ID_AC3
#endif
#if LIBAVUTIL_VERSION_MAJOR < 52
#define AV_PIX_FMT_YUV420P PIX_FMT_YUV420P
#endif
typedef struct _TSMFFFmpegDecoder
{
@ -102,7 +105,11 @@ static BOOL tsmf_ffmpeg_init_video_stream(ITSMFDecoder* decoder, const TS_AM_MED
mdecoder->codec_context->bit_rate = media_type->BitRate;
mdecoder->codec_context->time_base.den = media_type->SamplesPerSecond.Numerator;
mdecoder->codec_context->time_base.num = media_type->SamplesPerSecond.Denominator;
#if LIBAVCODEC_VERSION_MAJOR < 55
mdecoder->frame = avcodec_alloc_frame();
#else
mdecoder->frame = av_frame_alloc();
#endif
return TRUE;
}
@ -328,7 +335,11 @@ static BOOL tsmf_ffmpeg_decode_video(ITSMFDecoder* decoder, const BYTE *data, UI
if (!mdecoder->decoded_data)
return FALSE;
#if LIBAVCODEC_VERSION_MAJOR < 55
frame = avcodec_alloc_frame();
#else
frame = av_frame_alloc();
#endif
avpicture_fill((AVPicture*) frame, mdecoder->decoded_data,
mdecoder->codec_context->pix_fmt,
mdecoder->codec_context->width, mdecoder->codec_context->height);
@ -400,7 +411,11 @@ static BOOL tsmf_ffmpeg_decode_audio(ITSMFDecoder* decoder, const BYTE *data, UI
(int16_t *) dst, &frame_size, src, src_size);
#else
{
#if LIBAVCODEC_VERSION_MAJOR < 55
AVFrame *decoded_frame = avcodec_alloc_frame();
#else
AVFrame *decoded_frame = av_frame_alloc();
#endif
int got_frame = 0;
AVPacket pkt;
av_init_packet(&pkt);
@ -480,7 +495,7 @@ static UINT32 tsmf_ffmpeg_get_decoded_format(ITSMFDecoder* decoder)
switch (mdecoder->codec_context->pix_fmt)
{
case PIX_FMT_YUV420P:
case AV_PIX_FMT_YUV420P:
return RDP_PIXFMT_I420;
default:
WLog_ERR(TAG, "unsupported pixel format %u",

View File

@ -381,6 +381,10 @@ int xf_keyboard_execute_action_script(xfContext* xfc, XF_MODIFIER_KEYS* mod, Key
}
keyStr = XKeysymToString(keysym);
if (keyStr == 0)
{
return 1;
}
if (mod->Shift)
strcat(combination, "Shift+");

View File

@ -574,7 +574,6 @@ void xf_SetWindowStyle(xfContext* xfc, xfAppWindow* appWindow, UINT32 style, UIN
void xf_SetWindowText(xfContext* xfc, xfAppWindow* appWindow, char* name)
{
XStoreName(xfc->display, appWindow->handle, name);
const size_t i = strlen(name);
XStoreName(xfc->display, appWindow->handle, name);
@ -703,6 +702,8 @@ int xf_AppWindowInit(xfContext* xfc, xfAppWindow* appWindow)
/* Move doesn't seem to work until window is mapped. */
xf_MoveWindow(xfc, appWindow, appWindow->x, appWindow->y, appWindow->width, appWindow->height);
xf_SetWindowText(xfc, appWindow, appWindow->title);
return 1;
}
@ -905,6 +906,7 @@ void xf_SetWindowRects(xfContext* xfc, xfAppWindow* appWindow, RECTANGLE_16* rec
if (nrects < 1)
return;
#ifdef WITH_XEXT
xrects = (XRectangle*) calloc(nrects, sizeof(XRectangle));
for (i = 0; i < nrects; i++)
@ -915,11 +917,10 @@ void xf_SetWindowRects(xfContext* xfc, xfAppWindow* appWindow, RECTANGLE_16* rec
xrects[i].height = rects[i].bottom - rects[i].top;
}
#ifdef WITH_XEXT
XShapeCombineRectangles(xfc->display, appWindow->handle, ShapeBounding, 0, 0, xrects, nrects, ShapeSet, 0);
free(xrects);
#endif
free(xrects);
}
void xf_SetWindowVisibilityRects(xfContext* xfc, xfAppWindow* appWindow, RECTANGLE_16* rects, int nrects)
@ -930,6 +931,7 @@ void xf_SetWindowVisibilityRects(xfContext* xfc, xfAppWindow* appWindow, RECTANG
if (nrects < 1)
return;
#ifdef WITH_XEXT
xrects = (XRectangle*) calloc(nrects, sizeof(XRectangle));
for (i = 0; i < nrects; i++)
@ -940,11 +942,10 @@ void xf_SetWindowVisibilityRects(xfContext* xfc, xfAppWindow* appWindow, RECTANG
xrects[i].height = rects[i].bottom - rects[i].top;
}
#ifdef WITH_XEXT
XShapeCombineRectangles(xfc->display, appWindow->handle, ShapeBounding, 0, 0, xrects, nrects, ShapeSet, 0);
free(xrects);
#endif
free(xrects);
}
void xf_UpdateWindowArea(xfContext* xfc, xfAppWindow* appWindow, int x, int y, int width, int height)

38
cmake/FindMbedTLS.cmake Normal file
View File

@ -0,0 +1,38 @@
find_path(MBEDTLS_INCLUDE_DIR
NAMES mbedtls/ssl.h
PATH_SUFFIXES include
HINTS ${MBEDTLS_ROOT})
find_library(MBEDTLS_LIBRARY
NAMES mbedtls
PATH_SUFFIXES lib
HINTS ${MBEDTLS_ROOT})
find_library(MBEDCRYPTO_LIBRARY
NAMES mbedcrypto
PATH_SUFFIXES lib
HINTS ${MBEDTLS_ROOT})
find_library(MBEDX509_LIBRARY
NAMES mbedx509
PATH_SUFFIXES lib
HINTS ${MBEDTLS_ROOT})
if(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY)
set(MBEDTLS_FOUND TRUE)
set(MBEDTLS_LIBRARIES ${MBEDTLS_LIBRARY} ${MBEDCRYPTO_LIBRARY} ${MBEDX509_LIBRARY})
endif()
if(MBEDTLS_FOUND)
if(NOT MBEDTLS_FIND_QUIETLY)
message(STATUS "Found mbed TLS: ${MBEDTLS_LIBRARIES}")
endif()
else()
if(MBEDTLS_FIND_REQUIRED)
message(FATAL_ERROR "mbed TLS was not found")
endif()
endif()
mark_as_advanced(MBEDTLS_INCLUDE_DIR MBEDTLS_LIBRARY)

View File

@ -529,7 +529,7 @@ BOOL region16_union_rect(REGION16 *dst, const REGION16 *src, const RECTANGLE_16
dstRect->top = rect->top;
dstRect->left = rect->left;
dstRect->right = rect->right;
dstRect->bottom = srcExtents->top;
dstRect->bottom = MIN(srcExtents->top, rect->bottom);
usedRects++;
dstRect++;

View File

@ -689,6 +689,68 @@ out:
return retCode;
}
static int test_norbert2_case() {
REGION16 region;
int retCode = -1;
const RECTANGLE_16 *rects;
int nbRects = 0;
int i;
RECTANGLE_16 rect1 = { 464, 696, 476, 709 };
RECTANGLE_16 rect2 = { 0, 0, 1024, 32 };
region16_init(&region);
if (!region16_union_rect(&region, &region, &rect1)) {
fprintf(stderr, "%s: Error 1 - region16_union_rect failed\n", __FUNCTION__);
goto out;
}
if (!(rects = region16_rects(&region, &nbRects))) {
fprintf(stderr, "%s: Error 2 - region16_rects failed\n", __FUNCTION__);
goto out;
}
if (nbRects != 1) {
fprintf(stderr, "%s: Error 3 - expected nbRects == 1 but got %d\n", __FUNCTION__, nbRects);
goto out;
}
if (!compareRectangles(&rects[0], &rect1, 1)) {
fprintf(stderr, "%s: Error 4 - compare failed\n", __FUNCTION__);
goto out;
}
if (!region16_union_rect(&region, &region, &rect2)) {
fprintf(stderr, "%s: Error 5 - region16_union_rect failed\n", __FUNCTION__);
goto out;
}
if (!(rects = region16_rects(&region, &nbRects))) {
fprintf(stderr, "%s: Error 6 - region16_rects failed\n", __FUNCTION__);
goto out;
}
if (nbRects != 2) {
fprintf(stderr, "%s: Error 7 - expected nbRects == 2 but got %d\n", __FUNCTION__, nbRects);
goto out;
}
if (!compareRectangles(&rects[0], &rect2, 1)) {
fprintf(stderr, "%s: Error 8 - compare failed\n", __FUNCTION__);
goto out;
}
if (!compareRectangles(&rects[1], &rect1, 1)) {
fprintf(stderr, "%s: Error 9 - compare failed\n", __FUNCTION__);
goto out;
}
retCode = 0;
out:
region16_uninit(&region);
return retCode;
}
static int test_empty_rectangle() {
REGION16 region, intersection;
int retCode = -1;
@ -765,7 +827,8 @@ struct UnitaryTest tests[] = {
{"data from weston", test_from_weston},
{"R1 & R3", test_r1_inter_r3},
{"(R1+R3)&R11 (band merge)",test_r1_r3_inter_r11},
{"norbert case", test_norbert_case},
{"norbert's case", test_norbert_case},
{"norbert's case 2", test_norbert2_case},
{"empty rectangle case", test_empty_rectangle},
{NULL, NULL}

View File

@ -33,6 +33,7 @@
#include <freerdp/crypto/tls.h>
#include <winpr/crt.h>
#include <winpr/sam.h>
#include <winpr/sspi.h>
#include <winpr/print.h>
#include <winpr/tchar.h>
@ -144,6 +145,8 @@ int nla_client_init(rdpNla* nla)
BOOL PromptPassword = FALSE;
freerdp* instance = nla->instance;
rdpSettings* settings = nla->settings;
WINPR_SAM* sam;
WINPR_SAM_ENTRY* entry;
nla->state = NLA_STATE_INITIAL;
@ -151,11 +154,33 @@ int nla_client_init(rdpNla* nla)
settings->DisableCredentialsDelegation = TRUE;
if ((!settings->Password) || (!settings->Username)
|| (!strlen(settings->Password)) || (!strlen(settings->Username)))
|| (!strlen(settings->Username)))
{
PromptPassword = TRUE;
}
if (PromptPassword && settings->Username && strlen(settings->Username))
{
sam = SamOpen(TRUE);
if (sam)
{
entry = SamLookupUserA(sam, settings->Username, strlen(settings->Username), NULL, 0);
if (entry)
{
/**
* The user could be found in SAM database.
* Use entry in SAM database later instead of prompt
*/
PromptPassword = FALSE;
SamFreeEntry(sam, entry);
}
SamClose(sam);
}
}
#ifndef _WIN32
if (PromptPassword)
{

View File

@ -359,8 +359,11 @@ BOOL rdp_recv_server_redirection_pdu(rdpRdp* rdp, wStream* s)
}
}
if (!Stream_SafeSeek(s, 8)) /* pad (8 bytes) */
return -1;
if (Stream_GetRemainingLength(s) >= 8)
{
/* some versions of windows don't included this padding before closing the connection */
Stream_Seek(s, 8); /* pad (8 bytes) */
}
if (redirection->flags & LB_NOREDIRECT)
return 0;

View File

@ -983,7 +983,6 @@ HANDLE WINAPI FreeRDP_WTSVirtualChannelOpen(HANDLE hServer, DWORD SessionId, LPS
goto error_receiveData;
}
channel->queue = MessageQueue_New(NULL);
channel->queue = MessageQueue_New(NULL);
if (!channel->queue)
goto error_queue;

View File

@ -746,7 +746,6 @@ int transport_check_fds(rdpTransport* transport)
int status;
int recv_status;
wStream* received;
HANDLE event;
if (!transport)
return -1;

View File

@ -33,6 +33,11 @@ freerdp_include_directory_add(${ZLIB_INCLUDE_DIRS})
freerdp_library_add(${OPENSSL_LIBRARIES})
if(MBEDTLS_FOUND)
freerdp_include_directory_add(${MBEDTLS_INCLUDE_DIR})
freerdp_library_add(${MBEDTLS_LIBRARIES})
endif()
if(WIN32)
freerdp_library_add(ws2_32)
else()

View File

@ -710,7 +710,14 @@ rdtkFont* rdtk_embedded_font_new(rdtkEngine* engine, BYTE* imageData, int imageS
void rdtk_font_free(rdtkFont* font)
{
free(font);
if (font)
{
free(font->family);
free(font->style);
winpr_image_free(font->image, TRUE);
free(font->glyphs);
free(font);
}
}
int rdtk_font_engine_init(rdtkEngine* engine)

View File

@ -239,7 +239,7 @@ BOOL shadow_client_post_connect(freerdp_peer* peer)
if (settings->Username && settings->Password)
settings->AutoLogonEnabled = TRUE;
if (settings->AutoLogonEnabled && server->authentication)
if (server->authentication)
{
if (subsystem->Authenticate)
{

View File

@ -625,6 +625,7 @@ int shadow_server_init(rdpShadowServer* server)
if (status >= 0)
return status;
shadow_subsystem_free(server->subsystem);
fail_subsystem_new:
freerdp_listener_free(server->listener);
server->listener = NULL;
@ -651,34 +652,34 @@ fail_client_array:
int shadow_server_uninit(rdpShadowServer* server)
{
if (!server)
return -1;
shadow_server_stop(server);
if (server->listener)
{
freerdp_listener_free(server->listener);
server->listener = NULL;
}
if (server->CertificateFile)
{
free(server->CertificateFile);
server->CertificateFile = NULL;
}
if (server->PrivateKeyFile)
{
free(server->PrivateKeyFile);
server->PrivateKeyFile = NULL;
}
if (server->ipcSocket)
{
free(server->ipcSocket);
server->ipcSocket = NULL;
}
shadow_subsystem_uninit(server->subsystem);
shadow_subsystem_free(server->subsystem);
freerdp_listener_free(server->listener);
server->listener = NULL;
free(server->CertificateFile);
server->CertificateFile = NULL;
free(server->PrivateKeyFile);
server->PrivateKeyFile = NULL;
free(server->ConfigPath);
server->ConfigPath = NULL;
DeleteCriticalSection(&(server->lock));
CloseHandle(server->StopEvent);
server->StopEvent = NULL;
ArrayList_Free(server->clients);
server->clients = NULL;
return 1;
}
@ -705,15 +706,8 @@ void shadow_server_free(rdpShadowServer* server)
if (!server)
return;
DeleteCriticalSection(&(server->lock));
if (server->clients)
{
ArrayList_Free(server->clients);
server->clients = NULL;
}
shadow_subsystem_free(server->subsystem);
free(server->ipcSocket);
server->ipcSocket = NULL;
free(server);
}

View File

@ -28,6 +28,7 @@ endif()
# Include cmake modules
include(CheckIncludeFiles)
include(CheckLibraryExists)
include(CheckSymbolExists)
include(CheckStructHasMember)
include(FindPkgConfig)
include(TestBigEndian)
@ -40,6 +41,8 @@ include(CheckCmakeCompat)
include(FindFeature)
include(AutoVersioning)
include(ConfigOptions)
include(ComplexLibrary)
include(FeatureSummary)
include(CheckCCompilerFlag)
include(GNUInstallDirsWrapper)
include(CMakePackageConfigHelpers)
@ -50,7 +53,80 @@ set(WINPR_VERSION_MINOR "1")
set(WINPR_VERSION_REVISION "0")
set(WINPR_VERSION "${WINPR_VERSION_MAJOR}.${WINPR_VERSION_MINOR}")
set(WINPR_VERSION_FULL "${WINPR_VERSION}.${WINPR_VERSION_REVISION}")
set(WINPR_VERSION_FULL ${WINPR_VERSION_FULL} PARENT_SCOPE)
if(FREERDP_BUILD)
set(WINPR_VERSION_FULL ${WINPR_VERSION_FULL} PARENT_SCOPE)
else()
set(CMAKE_THREAD_PREFER_PTHREAD TRUE)
if(NOT IOS AND NOT ANDROID)
find_package(Threads REQUIRED)
endif()
# Include files
if(NOT IOS)
check_include_files(fcntl.h HAVE_FCNTL_H)
check_include_files(unistd.h HAVE_UNISTD_H)
check_include_files(execinfo.h HAVE_EXECINFO_H)
check_include_files(stdint.h HAVE_STDINT_H)
check_include_files(inttypes.h HAVE_INTTYPES_H)
check_include_files(sys/modem.h HAVE_SYS_MODEM_H)
check_include_files(sys/filio.h HAVE_SYS_FILIO_H)
check_include_files(sys/sockio.h HAVE_SYS_SOCKIO_H)
check_include_files(sys/strtio.h HAVE_SYS_STRTIO_H)
check_include_files(sys/select.h HAVE_SYS_SELECT_H)
else()
set(HAVE_FCNTL_H 1)
set(HAVE_UNISTD_H 1)
set(HAVE_STDINT_H 1)
set(HAVE_INTTYPES_H 1)
set(HAVE_SYS_FILIO_H 1)
endif()
if(NOT IOS)
check_struct_has_member("struct tm" tm_gmtoff time.h HAVE_TM_GMTOFF)
else()
set(HAVE_TM_GMTOFF 1)
endif()
if(NOT WIN32)
check_library_exists(pthread pthread_mutex_timedlock "" HAVE_PTHREAD_MUTEX_TIMEDLOCK)
endif()
set(OPENSSL_FEATURE_TYPE "OPTIONAL")
set(OPENSSL_FEATURE_PURPOSE "cryptography")
set(OPENSSL_FEATURE_DESCRIPTION "encryption, certificate validation, hashing functions")
set(MBEDTLS_FEATURE_TYPE "OPTIONAL")
set(MBEDTLS_FEATURE_PURPOSE "cryptography")
set(MBEDTLS_FEATURE_DESCRIPTION "encryption, certificate validation, hashing functions")
find_feature(OpenSSL ${OPENSSL_FEATURE_TYPE} ${OPENSSL_FEATURE_PURPOSE} ${OPENSSL_FEATURE_DESCRIPTION})
find_feature(MbedTLS ${MBEDTLS_FEATURE_TYPE} ${MBEDTLS_FEATURE_PURPOSE} ${MBEDTLS_FEATURE_DESCRIPTION})
if(OPENSSL_FOUND)
add_definitions("-DWITH_OPENSSL")
endif()
if(MBEDTLS_FOUND)
add_definitions("-DWITH_MBEDTLS")
endif()
# Include directories
include_directories(${CMAKE_CURRENT_BINARY_DIR})
# Configure files
add_definitions("-DHAVE_CONFIG_H")
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/../config.h.in ${CMAKE_CURRENT_BINARY_DIR}/config.h)
enable_testing()
if(MSVC)
set(TESTING_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}")
else()
set(TESTING_OUTPUT_DIRECTORY "${CMAKE_BINARY_DIR}/Testing")
endif()
endif()
# Default to release build type
if(NOT CMAKE_BUILD_TYPE)

View File

@ -610,5 +610,423 @@ BOOL CryptBinaryToStringA(CONST BYTE* pbBinary, DWORD cbBinary, DWORD dwFlags, L
#define CALG_ECDSA (ALG_CLASS_SIGNATURE | ALG_TYPE_DSS | ALG_SID_ECDSA)
#endif
#endif /* WINPR_CRYPTO_H */
/**
* Custom Crypto API Abstraction Layer
*/
/**
* MD5 hashing
*/
struct _OPENSSL_MD5_CTX
{
UINT32 A, B, C, D;
UINT32 Nl, Nh;
UINT32 data[16];
UINT32 num;
};
typedef struct _OPENSSL_MD5_CTX OPENSSL_MD5_CTX;
struct _MBEDTLS_MD5_CTX
{
UINT32 total[2];
UINT32 state[4];
BYTE buffer[64];
};
typedef struct _MBEDTLS_MD5_CTX MBEDTLS_MD5_CTX;
union _WINPR_MD5_CTX
{
OPENSSL_MD5_CTX openssl;
MBEDTLS_MD5_CTX mbedtls;
};
typedef union _WINPR_MD5_CTX WINPR_MD5_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API void winpr_MD5_Init(WINPR_MD5_CTX* ctx);
WINPR_API void winpr_MD5_Update(WINPR_MD5_CTX* ctx, const BYTE* input, size_t ilen);
WINPR_API void winpr_MD5_Final(WINPR_MD5_CTX* ctx, BYTE* output);
WINPR_API void winpr_MD5(const BYTE* input, size_t ilen, BYTE* output);
#ifdef __cplusplus
}
#endif
/**
* MD4 hashing
*/
struct _OPENSSL_MD4_CTX
{
UINT32 A, B, C, D;
UINT32 Nl, Nh;
UINT32 data[16];
UINT32 num;
};
typedef struct _OPENSSL_MD4_CTX OPENSSL_MD4_CTX;
struct _MBEDTLS_MD4_CTX
{
UINT32 total[2];
UINT32 state[4];
BYTE buffer[64];
};
typedef struct _MBEDTLS_MD4_CTX MBEDTLS_MD4_CTX;
union _WINPR_MD4_CTX
{
OPENSSL_MD4_CTX openssl;
MBEDTLS_MD4_CTX mbedtls;
};
typedef union _WINPR_MD4_CTX WINPR_MD4_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API void winpr_MD4_Init(WINPR_MD4_CTX* ctx);
WINPR_API void winpr_MD4_Update(WINPR_MD4_CTX* ctx, const BYTE* input, size_t ilen);
WINPR_API void winpr_MD4_Final(WINPR_MD4_CTX* ctx, BYTE* output);
WINPR_API void winpr_MD4(const BYTE* input, size_t ilen, BYTE* output);
#ifdef __cplusplus
}
#endif
/**
* SHA1 Hashing
*/
struct _OPENSSL_SHA1_CTX
{
UINT32 h0, h1, h2, h3, h4;
UINT32 Nl, Nh;
UINT32 data[16];
UINT32 num;
};
typedef struct _OPENSSL_SHA1_CTX OPENSSL_SHA1_CTX;
struct _MBEDTLS_SHA1_CTX
{
UINT32 total[2];
UINT32 state[5];
BYTE buffer[64];
};
typedef struct _MBEDTLS_SHA1_CTX MBEDTLS_SHA1_CTX;
union _WINPR_SHA1_CTX
{
OPENSSL_SHA1_CTX openssl;
MBEDTLS_SHA1_CTX mbedtls;
};
typedef union _WINPR_SHA1_CTX WINPR_SHA1_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API void winpr_SHA1_Init(WINPR_SHA1_CTX* ctx);
WINPR_API void winpr_SHA1_Update(WINPR_SHA1_CTX* ctx, const BYTE* input, size_t ilen);
WINPR_API void winpr_SHA1_Final(WINPR_SHA1_CTX* ctx, BYTE* output);
WINPR_API void winpr_SHA1(const BYTE* input, size_t ilen, BYTE* output);
#ifdef __cplusplus
}
#endif
/**
* HMAC
*/
#define WINPR_MD_NONE 0
#define WINPR_MD_MD2 1
#define WINPR_MD_MD4 2
#define WINPR_MD_MD5 3
#define WINPR_MD_SHA1 4
#define WINPR_MD_SHA224 5
#define WINPR_MD_SHA256 6
#define WINPR_MD_SHA384 7
#define WINPR_MD_SHA512 8
#define WINPR_MD_RIPEMD160 9
struct _OPENSSL_EVP_MD_CTX
{
const void* digest;
void* engine;
unsigned long flags;
void* md_data;
void* pctx;
void* update;
};
typedef struct _OPENSSL_EVP_MD_CTX OPENSSL_EVP_MD_CTX;
struct _OPENSSL_HMAC_CTX
{
const void* md;
OPENSSL_EVP_MD_CTX md_ctx;
OPENSSL_EVP_MD_CTX i_ctx;
OPENSSL_EVP_MD_CTX o_ctx;
unsigned int key_length;
unsigned char key[128];
};
typedef struct _OPENSSL_HMAC_CTX OPENSSL_HMAC_CTX;
struct _MBEDTLS_HMAC_CTX
{
const void* md_info;
void* md_ctx;
void* hmac_ctx;
};
typedef struct _MBEDTLS_HMAC_CTX MBEDTLS_HMAC_CTX;
union _WINPR_HMAC_CTX
{
OPENSSL_HMAC_CTX openssl;
MBEDTLS_HMAC_CTX mbedtls;
};
typedef union _WINPR_HMAC_CTX WINPR_HMAC_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API int winpr_HMAC_Init(WINPR_HMAC_CTX* ctx, int md, const BYTE* key, size_t keylen);
WINPR_API int winpr_HMAC_Update(WINPR_HMAC_CTX* ctx, const BYTE* input, size_t ilen);
WINPR_API int winpr_HMAC_Final(WINPR_HMAC_CTX* ctx, BYTE* output);
WINPR_API int winpr_HMAC(int md, const BYTE* key, size_t keylen, const BYTE* input, size_t ilen, BYTE* output);
#ifdef __cplusplus
}
#endif
/**
* Generic Digest API
*/
struct _OPENSSL_DIGEST_CTX
{
const void* digest;
void* engine;
unsigned long flags;
void* md_data;
void* pctx;
void* update;
BYTE winpr_pad[8];
};
typedef struct _OPENSSL_DIGEST_CTX OPENSSL_DIGEST_CTX;
struct _MBEDTLS_DIGEST_CTX
{
const void* md_info;
void* md_ctx;
void* hmac_ctx;
BYTE winpr_pad[8];
};
typedef struct _MBEDTLS_DIGEST_CTX MBEDTLS_DIGEST_CTX;
union _WINPR_DIGEST_CTX
{
OPENSSL_DIGEST_CTX openssl;
MBEDTLS_DIGEST_CTX mbedtls;
};
typedef union _WINPR_DIGEST_CTX WINPR_DIGEST_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API int winpr_Digest_Init(WINPR_DIGEST_CTX* ctx, int md);
WINPR_API int winpr_Digest_Update(WINPR_DIGEST_CTX* ctx, const BYTE* input, size_t ilen);
WINPR_API int winpr_Digest_Final(WINPR_DIGEST_CTX* ctx, BYTE* output);
WINPR_API int winpr_Digest(int md, const BYTE* input, size_t ilen, BYTE* output);
#ifdef __cplusplus
}
#endif
/**
* Random Number Generation
*/
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API int winpr_RAND(BYTE* output, size_t len);
WINPR_API int winpr_RAND_pseudo(BYTE* output, size_t len);
#ifdef __cplusplus
}
#endif
/**
* RC4
*/
struct _OPENSSL_RC4_CTX
{
int x, y;
int data[256];
};
typedef struct _OPENSSL_RC4_CTX OPENSSL_RC4_CTX;
struct _MBEDTLS_RC4_CTX
{
int x;
int y;
BYTE m[256];
};
typedef struct _MBEDTLS_RC4_CTX MBEDTLS_RC4_CTX;
union _WINPR_RC4_CTX
{
OPENSSL_RC4_CTX openssl;
MBEDTLS_RC4_CTX mbedtls;
};
typedef union _WINPR_RC4_CTX WINPR_RC4_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API void winpr_RC4_Init(WINPR_RC4_CTX* ctx, const BYTE* key, size_t keylen);
WINPR_API int winpr_RC4_Update(WINPR_RC4_CTX* ctx, size_t length, const BYTE* input, BYTE* output);
WINPR_API void winpr_RC4_Final(WINPR_RC4_CTX* ctx);
#ifdef __cplusplus
}
#endif
/**
* Generic Cipher API
*/
/* cipher operation types */
#define WINPR_ENCRYPT 0
#define WINPR_DECRYPT 1
/* cipher types */
#define WINPR_CIPHER_NONE 0
#define WINPR_CIPHER_NULL 1
#define WINPR_CIPHER_AES_128_ECB 2
#define WINPR_CIPHER_AES_192_ECB 3
#define WINPR_CIPHER_AES_256_ECB 4
#define WINPR_CIPHER_AES_128_CBC 5
#define WINPR_CIPHER_AES_192_CBC 6
#define WINPR_CIPHER_AES_256_CBC 7
#define WINPR_CIPHER_AES_128_CFB128 8
#define WINPR_CIPHER_AES_192_CFB128 9
#define WINPR_CIPHER_AES_256_CFB128 10
#define WINPR_CIPHER_AES_128_CTR 11
#define WINPR_CIPHER_AES_192_CTR 12
#define WINPR_CIPHER_AES_256_CTR 13
#define WINPR_CIPHER_AES_128_GCM 14
#define WINPR_CIPHER_AES_192_GCM 15
#define WINPR_CIPHER_AES_256_GCM 16
#define WINPR_CIPHER_CAMELLIA_128_ECB 17
#define WINPR_CIPHER_CAMELLIA_192_ECB 18
#define WINPR_CIPHER_CAMELLIA_256_ECB 19
#define WINPR_CIPHER_CAMELLIA_128_CBC 20
#define WINPR_CIPHER_CAMELLIA_192_CBC 21
#define WINPR_CIPHER_CAMELLIA_256_CBC 22
#define WINPR_CIPHER_CAMELLIA_128_CFB128 23
#define WINPR_CIPHER_CAMELLIA_192_CFB128 24
#define WINPR_CIPHER_CAMELLIA_256_CFB128 25
#define WINPR_CIPHER_CAMELLIA_128_CTR 26
#define WINPR_CIPHER_CAMELLIA_192_CTR 27
#define WINPR_CIPHER_CAMELLIA_256_CTR 28
#define WINPR_CIPHER_CAMELLIA_128_GCM 29
#define WINPR_CIPHER_CAMELLIA_192_GCM 30
#define WINPR_CIPHER_CAMELLIA_256_GCM 31
#define WINPR_CIPHER_DES_ECB 32
#define WINPR_CIPHER_DES_CBC 33
#define WINPR_CIPHER_DES_EDE_ECB 34
#define WINPR_CIPHER_DES_EDE_CBC 35
#define WINPR_CIPHER_DES_EDE3_ECB 36
#define WINPR_CIPHER_DES_EDE3_CBC 37
#define WINPR_CIPHER_BLOWFISH_ECB 38
#define WINPR_CIPHER_BLOWFISH_CBC 39
#define WINPR_CIPHER_BLOWFISH_CFB64 40
#define WINPR_CIPHER_BLOWFISH_CTR 41
#define WINPR_CIPHER_ARC4_128 42
#define WINPR_CIPHER_AES_128_CCM 43
#define WINPR_CIPHER_AES_192_CCM 44
#define WINPR_CIPHER_AES_256_CCM 45
#define WINPR_CIPHER_CAMELLIA_128_CCM 46
#define WINPR_CIPHER_CAMELLIA_192_CCM 47
#define WINPR_CIPHER_CAMELLIA_256_CCM 48
struct _OPENSSL_CIPHER_CTX
{
const void* cipher;
void* engine;
int encrypt;
int buf_len;
BYTE oiv[16];
BYTE iv[16];
BYTE buf[32];
int num;
void* app_data;
int key_len;
unsigned long flags;
void* cipher_data;
int final_used;
int block_mask;
BYTE final[32];
BYTE winpr_pad[32];
};
typedef struct _OPENSSL_CIPHER_CTX OPENSSL_CIPHER_CTX;
struct _MBEDTLS_CIPHER_CTX
{
const void* cipher_info;
int key_bitlen;
int operation;
void* add_padding;
int* get_padding;
BYTE unprocessed_data[16];
size_t unprocessed_len;
BYTE iv[16];
size_t iv_size;
void* cipher_ctx;
BYTE winpr_pad[32];
};
typedef struct _MBEDTLS_CIPHER_CTX MBEDTLS_CIPHER_CTX;
union _WINPR_CIPHER_CTX
{
OPENSSL_CIPHER_CTX openssl;
MBEDTLS_CIPHER_CTX mbedtls;
};
typedef union _WINPR_CIPHER_CTX WINPR_CIPHER_CTX;
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API int winpr_Cipher_Init(WINPR_CIPHER_CTX* ctx, int cipher, int op, const BYTE* key, const BYTE* iv);
WINPR_API int winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen);
WINPR_API int winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen);
#ifdef __cplusplus
}
#endif
/**
* Key Generation
*/
#ifdef __cplusplus
extern "C" {
#endif
WINPR_API int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* data, int datal, int count, BYTE* key, BYTE* iv);
#ifdef __cplusplus
}
#endif
#endif /* WINPR_CRYPTO_H */

View File

@ -16,9 +16,12 @@
# limitations under the License.
winpr_module_add(
hash.c
rand.c
cipher.c
cert.c
crypto.c
crypto.h
cert.c)
crypto.h)
if(WIN32)
winpr_library_add(crypt32)

View File

@ -0,0 +1,700 @@
/**
* WinPR: Windows Portable Runtime
*
* Copyright 2015 Marc-Andre Moreau <marcandre.moreau@gmail.com>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <winpr/crt.h>
#include <winpr/crypto.h>
#ifdef WITH_OPENSSL
#include <openssl/aes.h>
#include <openssl/rc4.h>
#include <openssl/des.h>
#include <openssl/evp.h>
#endif
#ifdef WITH_MBEDTLS
#include <mbedtls/md.h>
#include <mbedtls/aes.h>
#include <mbedtls/arc4.h>
#include <mbedtls/des.h>
#include <mbedtls/cipher.h>
#endif
/**
* RC4
*/
void winpr_RC4_Init(WINPR_RC4_CTX* ctx, const BYTE* key, size_t keylen)
{
#if defined(WITH_OPENSSL)
RC4_set_key((RC4_KEY*) ctx, keylen, key);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_ARC4_C)
mbedtls_arc4_init((mbedtls_arc4_context*) ctx);
mbedtls_arc4_setup((mbedtls_arc4_context*) ctx, key, keylen);
#endif
}
int winpr_RC4_Update(WINPR_RC4_CTX* ctx, size_t length, const BYTE* input, BYTE* output)
{
#if defined(WITH_OPENSSL)
RC4((RC4_KEY*) ctx, length, input, output);
return 0;
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_ARC4_C)
return mbedtls_arc4_crypt((mbedtls_arc4_context*) ctx, length, input, output);
#endif
}
void winpr_RC4_Final(WINPR_RC4_CTX* ctx)
{
#if defined(WITH_OPENSSL)
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_ARC4_C)
mbedtls_arc4_free((mbedtls_arc4_context*) ctx);
#endif
}
/**
* Generic Cipher API
*/
#ifdef WITH_OPENSSL
extern const EVP_MD* winpr_openssl_get_evp_md(int md);
#endif
#ifdef WITH_MBEDTLS
extern mbedtls_md_type_t winpr_mbedtls_get_md_type(int md);
#endif
#if defined(WITH_OPENSSL)
const EVP_CIPHER* winpr_openssl_get_evp_cipher(int cipher)
{
const EVP_CIPHER* evp = NULL;
OpenSSL_add_all_ciphers();
switch (cipher)
{
case WINPR_CIPHER_NULL:
evp = EVP_enc_null();
break;
case WINPR_CIPHER_AES_128_ECB:
evp = EVP_get_cipherbyname("aes-128-ecb");
break;
case WINPR_CIPHER_AES_192_ECB:
evp = EVP_get_cipherbyname("aes-192-ecb");
break;
case WINPR_CIPHER_AES_256_ECB:
evp = EVP_get_cipherbyname("aes-256-ecb");
break;
case WINPR_CIPHER_AES_128_CBC:
evp = EVP_get_cipherbyname("aes-128-cbc");
break;
case WINPR_CIPHER_AES_192_CBC:
evp = EVP_get_cipherbyname("aes-192-cbc");
break;
case WINPR_CIPHER_AES_256_CBC:
evp = EVP_get_cipherbyname("aes-256-cbc");
break;
case WINPR_CIPHER_AES_128_CFB128:
evp = EVP_get_cipherbyname("aes-128-cfb128");
break;
case WINPR_CIPHER_AES_192_CFB128:
evp = EVP_get_cipherbyname("aes-192-cfb128");
break;
case WINPR_CIPHER_AES_256_CFB128:
evp = EVP_get_cipherbyname("aes-256-cfb128");
break;
case WINPR_CIPHER_AES_128_CTR:
evp = EVP_get_cipherbyname("aes-128-ctr");
break;
case WINPR_CIPHER_AES_192_CTR:
evp = EVP_get_cipherbyname("aes-192-ctr");
break;
case WINPR_CIPHER_AES_256_CTR:
evp = EVP_get_cipherbyname("aes-256-ctr");
break;
case WINPR_CIPHER_AES_128_GCM:
evp = EVP_get_cipherbyname("aes-128-gcm");
break;
case WINPR_CIPHER_AES_192_GCM:
evp = EVP_get_cipherbyname("aes-192-gcm");
break;
case WINPR_CIPHER_AES_256_GCM:
evp = EVP_get_cipherbyname("aes-256-gcm");
break;
case WINPR_CIPHER_AES_128_CCM:
evp = EVP_get_cipherbyname("aes-128-ccm");
break;
case WINPR_CIPHER_AES_192_CCM:
evp = EVP_get_cipherbyname("aes-192-ccm");
break;
case WINPR_CIPHER_AES_256_CCM:
evp = EVP_get_cipherbyname("aes-256-ccm");
break;
case WINPR_CIPHER_CAMELLIA_128_ECB:
evp = EVP_get_cipherbyname("camellia-128-ecb");
break;
case WINPR_CIPHER_CAMELLIA_192_ECB:
evp = EVP_get_cipherbyname("camellia-192-ecb");
break;
case WINPR_CIPHER_CAMELLIA_256_ECB:
evp = EVP_get_cipherbyname("camellia-256-ecb");
break;
case WINPR_CIPHER_CAMELLIA_128_CBC:
evp = EVP_get_cipherbyname("camellia-128-cbc");
break;
case WINPR_CIPHER_CAMELLIA_192_CBC:
evp = EVP_get_cipherbyname("camellia-192-cbc");
break;
case WINPR_CIPHER_CAMELLIA_256_CBC:
evp = EVP_get_cipherbyname("camellia-256-cbc");
break;
case WINPR_CIPHER_CAMELLIA_128_CFB128:
evp = EVP_get_cipherbyname("camellia-128-cfb128");
break;
case WINPR_CIPHER_CAMELLIA_192_CFB128:
evp = EVP_get_cipherbyname("camellia-192-cfb128");
break;
case WINPR_CIPHER_CAMELLIA_256_CFB128:
evp = EVP_get_cipherbyname("camellia-256-cfb128");
break;
case WINPR_CIPHER_CAMELLIA_128_CTR:
evp = EVP_get_cipherbyname("camellia-128-ctr");
break;
case WINPR_CIPHER_CAMELLIA_192_CTR:
evp = EVP_get_cipherbyname("camellia-192-ctr");
break;
case WINPR_CIPHER_CAMELLIA_256_CTR:
evp = EVP_get_cipherbyname("camellia-256-ctr");
break;
case WINPR_CIPHER_CAMELLIA_128_GCM:
evp = EVP_get_cipherbyname("camellia-128-gcm");
break;
case WINPR_CIPHER_CAMELLIA_192_GCM:
evp = EVP_get_cipherbyname("camellia-192-gcm");
break;
case WINPR_CIPHER_CAMELLIA_256_GCM:
evp = EVP_get_cipherbyname("camellia-256-gcm");
break;
case WINPR_CIPHER_CAMELLIA_128_CCM:
evp = EVP_get_cipherbyname("camellia-128-ccm");
break;
case WINPR_CIPHER_CAMELLIA_192_CCM:
evp = EVP_get_cipherbyname("camellia-192-gcm");
break;
case WINPR_CIPHER_CAMELLIA_256_CCM:
evp = EVP_get_cipherbyname("camellia-256-gcm");
break;
case WINPR_CIPHER_DES_ECB:
evp = EVP_get_cipherbyname("des-ecb");
break;
case WINPR_CIPHER_DES_CBC:
evp = EVP_get_cipherbyname("des-cbc");
break;
case WINPR_CIPHER_DES_EDE_ECB:
evp = EVP_get_cipherbyname("des-ede-ecb");
break;
case WINPR_CIPHER_DES_EDE_CBC:
evp = EVP_get_cipherbyname("des-ede-cbc");
break;
case WINPR_CIPHER_DES_EDE3_ECB:
evp = EVP_get_cipherbyname("des-ede3-ecb");
break;
case WINPR_CIPHER_DES_EDE3_CBC:
evp = EVP_get_cipherbyname("des-ede3-cbc");
break;
case WINPR_CIPHER_ARC4_128:
evp = EVP_get_cipherbyname("rc4");
break;
case WINPR_CIPHER_BLOWFISH_ECB:
evp = EVP_get_cipherbyname("blowfish-ecb");
break;
case WINPR_CIPHER_BLOWFISH_CBC:
evp = EVP_get_cipherbyname("blowfish-cbc");
break;
case WINPR_CIPHER_BLOWFISH_CFB64:
evp = EVP_get_cipherbyname("blowfish-cfb64");
break;
case WINPR_CIPHER_BLOWFISH_CTR:
evp = EVP_get_cipherbyname("blowfish-ctr");
break;
}
return evp;
}
#elif defined(WITH_MBEDTLS)
mbedtls_cipher_type_t winpr_mbedtls_get_cipher_type(int cipher)
{
mbedtls_cipher_type_t type = MBEDTLS_CIPHER_NONE;
switch (cipher)
{
case WINPR_CIPHER_NONE:
type = MBEDTLS_CIPHER_NONE;
break;
case WINPR_CIPHER_NULL:
type = MBEDTLS_CIPHER_NULL;
break;
case WINPR_CIPHER_AES_128_ECB:
type = MBEDTLS_CIPHER_AES_128_ECB;
break;
case WINPR_CIPHER_AES_192_ECB:
type = MBEDTLS_CIPHER_AES_192_ECB;
break;
case WINPR_CIPHER_AES_256_ECB:
type = MBEDTLS_CIPHER_AES_256_ECB;
break;
case WINPR_CIPHER_AES_128_CBC:
type = MBEDTLS_CIPHER_AES_128_CBC;
break;
case WINPR_CIPHER_AES_192_CBC:
type = MBEDTLS_CIPHER_AES_192_CBC;
break;
case WINPR_CIPHER_AES_256_CBC:
type = MBEDTLS_CIPHER_AES_256_CBC;
break;
case WINPR_CIPHER_AES_128_CFB128:
type = MBEDTLS_CIPHER_AES_128_CFB128;
break;
case WINPR_CIPHER_AES_192_CFB128:
type = MBEDTLS_CIPHER_AES_192_CFB128;
break;
case WINPR_CIPHER_AES_256_CFB128:
type = MBEDTLS_CIPHER_AES_256_CFB128;
break;
case WINPR_CIPHER_AES_128_CTR:
type = MBEDTLS_CIPHER_AES_128_CTR;
break;
case WINPR_CIPHER_AES_192_CTR:
type = MBEDTLS_CIPHER_AES_192_CTR;
break;
case WINPR_CIPHER_AES_256_CTR:
type = MBEDTLS_CIPHER_AES_256_CTR;
break;
case WINPR_CIPHER_AES_128_GCM:
type = MBEDTLS_CIPHER_AES_128_GCM;
break;
case WINPR_CIPHER_AES_192_GCM:
type = MBEDTLS_CIPHER_AES_192_GCM;
break;
case WINPR_CIPHER_AES_256_GCM:
type = MBEDTLS_CIPHER_AES_256_GCM;
break;
case WINPR_CIPHER_CAMELLIA_128_ECB:
type = MBEDTLS_CIPHER_CAMELLIA_128_ECB;
break;
case WINPR_CIPHER_CAMELLIA_192_ECB:
type = MBEDTLS_CIPHER_CAMELLIA_192_ECB;
break;
case WINPR_CIPHER_CAMELLIA_256_ECB:
type = MBEDTLS_CIPHER_CAMELLIA_256_ECB;
break;
case WINPR_CIPHER_CAMELLIA_128_CBC:
type = MBEDTLS_CIPHER_CAMELLIA_128_CBC;
break;
case WINPR_CIPHER_CAMELLIA_192_CBC:
type = MBEDTLS_CIPHER_CAMELLIA_192_CBC;
break;
case WINPR_CIPHER_CAMELLIA_256_CBC:
type = MBEDTLS_CIPHER_CAMELLIA_256_CBC;
break;
case WINPR_CIPHER_CAMELLIA_128_CFB128:
type = MBEDTLS_CIPHER_CAMELLIA_128_CFB128;
break;
case WINPR_CIPHER_CAMELLIA_192_CFB128:
type = MBEDTLS_CIPHER_CAMELLIA_192_CFB128;
break;
case WINPR_CIPHER_CAMELLIA_256_CFB128:
type = MBEDTLS_CIPHER_CAMELLIA_256_CFB128;
break;
case WINPR_CIPHER_CAMELLIA_128_CTR:
type = MBEDTLS_CIPHER_CAMELLIA_128_CTR;
break;
case WINPR_CIPHER_CAMELLIA_192_CTR:
type = MBEDTLS_CIPHER_CAMELLIA_192_CTR;
break;
case WINPR_CIPHER_CAMELLIA_256_CTR:
type = MBEDTLS_CIPHER_CAMELLIA_256_CTR;
break;
case WINPR_CIPHER_CAMELLIA_128_GCM:
type = MBEDTLS_CIPHER_CAMELLIA_128_GCM;
break;
case WINPR_CIPHER_CAMELLIA_192_GCM:
type = MBEDTLS_CIPHER_CAMELLIA_192_GCM;
break;
case WINPR_CIPHER_CAMELLIA_256_GCM:
type = MBEDTLS_CIPHER_CAMELLIA_256_GCM;
break;
case WINPR_CIPHER_DES_ECB:
type = MBEDTLS_CIPHER_DES_ECB;
break;
case WINPR_CIPHER_DES_CBC:
type = MBEDTLS_CIPHER_DES_CBC;
break;
case WINPR_CIPHER_DES_EDE_ECB:
type = MBEDTLS_CIPHER_DES_EDE_ECB;
break;
case WINPR_CIPHER_DES_EDE_CBC:
type = MBEDTLS_CIPHER_DES_EDE_CBC;
break;
case WINPR_CIPHER_DES_EDE3_ECB:
type = MBEDTLS_CIPHER_DES_EDE3_ECB;
break;
case WINPR_CIPHER_DES_EDE3_CBC:
type = MBEDTLS_CIPHER_DES_EDE3_CBC;
break;
case WINPR_CIPHER_BLOWFISH_ECB:
type = MBEDTLS_CIPHER_BLOWFISH_ECB;
break;
case WINPR_CIPHER_BLOWFISH_CBC:
type = MBEDTLS_CIPHER_BLOWFISH_CBC;
break;
case WINPR_CIPHER_BLOWFISH_CFB64:
type = MBEDTLS_CIPHER_BLOWFISH_CFB64;
break;
case WINPR_CIPHER_BLOWFISH_CTR:
type = MBEDTLS_CIPHER_BLOWFISH_CTR;
break;
case WINPR_CIPHER_ARC4_128:
type = MBEDTLS_CIPHER_ARC4_128;
break;
case WINPR_CIPHER_AES_128_CCM:
type = MBEDTLS_CIPHER_AES_128_CCM;
break;
case WINPR_CIPHER_AES_192_CCM:
type = MBEDTLS_CIPHER_AES_192_CCM;
break;
case WINPR_CIPHER_AES_256_CCM:
type = MBEDTLS_CIPHER_AES_256_CCM;
break;
case WINPR_CIPHER_CAMELLIA_128_CCM:
type = MBEDTLS_CIPHER_CAMELLIA_128_CCM;
break;
case WINPR_CIPHER_CAMELLIA_192_CCM:
type = MBEDTLS_CIPHER_CAMELLIA_192_CCM;
break;
case WINPR_CIPHER_CAMELLIA_256_CCM:
type = MBEDTLS_CIPHER_CAMELLIA_256_CCM;
break;
}
return type;
}
#endif
int winpr_Cipher_Init(WINPR_CIPHER_CTX* ctx, int cipher, int op, const BYTE* key, const BYTE* iv)
{
#if defined(WITH_OPENSSL)
int operation;
const EVP_CIPHER* evp;
evp = winpr_openssl_get_evp_cipher(cipher);
if (!evp)
return -1;
operation = (op == WINPR_ENCRYPT) ? 1 : 0;
EVP_CIPHER_CTX_init((EVP_CIPHER_CTX*) ctx);
if (EVP_CipherInit_ex((EVP_CIPHER_CTX*) ctx, evp, NULL, key, iv, operation) != 1)
return -1;
#elif defined(WITH_MBEDTLS)
int key_bitlen;
mbedtls_operation_t operation;
mbedtls_cipher_type_t cipher_type;
const mbedtls_cipher_info_t* cipher_info;
cipher_type = winpr_mbedtls_get_cipher_type(cipher);
cipher_info = mbedtls_cipher_info_from_type(cipher_type);
if (!cipher_info)
return -1;
operation = (op == WINPR_ENCRYPT) ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT;
mbedtls_cipher_init((mbedtls_cipher_context_t*) ctx);
if (mbedtls_cipher_setup((mbedtls_cipher_context_t*) ctx, cipher_info) != 0)
return -1;
key_bitlen = mbedtls_cipher_get_key_bitlen((mbedtls_cipher_context_t*) ctx);
if (mbedtls_cipher_setkey((mbedtls_cipher_context_t*) ctx, key, key_bitlen, operation) != 0)
return -1;
#endif
return 0;
}
int winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen)
{
#if defined(WITH_OPENSSL)
int outl = (int) *olen;
if (EVP_CipherUpdate((EVP_CIPHER_CTX*) ctx, output, &outl, input, ilen) != 1)
return -1;
*olen = (size_t) outl;
#elif defined(WITH_MBEDTLS)
if (mbedtls_cipher_update((mbedtls_cipher_context_t*) ctx, input, ilen, output, olen) != 0)
return -1;
#endif
return 0;
}
int winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen)
{
#if defined(WITH_OPENSSL)
int outl = (int) *olen;
if (EVP_CipherFinal_ex((EVP_CIPHER_CTX*) ctx, output, &outl) != 1)
return -1;
EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX*) ctx);
*olen = (size_t) outl;
#elif defined(WITH_MBEDTLS)
if (mbedtls_cipher_finish((mbedtls_cipher_context_t*) ctx, output, olen) != 0)
return -1;
mbedtls_cipher_free((mbedtls_cipher_context_t*) ctx);
#endif
return 0;
}
/**
* Key Generation
*/
int winpr_openssl_BytesToKey(int cipher, int md, const BYTE* salt, const BYTE* data, int datal, int count, BYTE* key, BYTE* iv)
{
/**
* Key and IV generation compatible with OpenSSL EVP_BytesToKey():
* https://www.openssl.org/docs/manmaster/crypto/EVP_BytesToKey.html
*/
#if defined(WITH_OPENSSL)
const EVP_MD* evp_md;
const EVP_CIPHER* evp_cipher;
evp_md = winpr_openssl_get_evp_md(md);
evp_cipher = winpr_openssl_get_evp_cipher(cipher);
return EVP_BytesToKey(evp_cipher, evp_md, salt, data, datal, count, key, iv);
#elif defined(WITH_MBEDTLS)
int rv = 0;
BYTE md_buf[64];
int niv, nkey, addmd = 0;
unsigned int mds = 0, i;
mbedtls_md_context_t ctx;
const mbedtls_md_info_t* md_info;
mbedtls_cipher_type_t cipher_type;
const mbedtls_cipher_info_t* cipher_info;
mbedtls_md_type_t md_type = winpr_mbedtls_get_md_type(md);
md_info = mbedtls_md_info_from_type(md_type);
cipher_type = winpr_mbedtls_get_cipher_type(cipher);
cipher_info = mbedtls_cipher_info_from_type(cipher_type);
nkey = cipher_info->key_bitlen / 8;
niv = cipher_info->iv_size;
if ((nkey > 64) || (niv > 64))
return 0;
if (!data)
return nkey;
mbedtls_md_init(&ctx);
while (1)
{
if (mbedtls_md_setup(&ctx, md_info, 0) != 0)
return 0;
if (mbedtls_md_starts(&ctx) != 0)
return 0;
if (addmd++)
{
if (mbedtls_md_update(&ctx, md_buf, mds) != 0)
goto err;
}
if (mbedtls_md_update(&ctx, data, datal) != 0)
goto err;
if (salt)
{
if (mbedtls_md_update(&ctx, salt, 8) != 0)
goto err;
}
if (mbedtls_md_finish(&ctx, md_buf) != 0)
goto err;
mds = mbedtls_md_get_size(md_info);
for (i = 1; i < (unsigned int) count; i++)
{
if (mbedtls_md_starts(&ctx) != 0)
goto err;
if (mbedtls_md_update(&ctx, md_buf, mds) != 0)
goto err;
if (mbedtls_md_finish(&ctx, md_buf) != 0)
goto err;
}
i = 0;
if (nkey)
{
while (1)
{
if (nkey == 0)
break;
if (i == mds)
break;
if (key)
*(key++) = md_buf[i];
nkey--;
i++;
}
}
if (niv && (i != mds))
{
while (1)
{
if (niv == 0)
break;
if (i == mds)
break;
if (iv)
*(iv++) = md_buf[i];
niv--;
i++;
}
}
if ((nkey == 0) && (niv == 0))
break;
}
rv = cipher_info->key_bitlen / 8;
err:
mbedtls_md_free(&ctx);
SecureZeroMemory(md_buf, 64);
return rv;
#endif
return 0;
}

View File

@ -141,6 +141,7 @@
#include "crypto.h"
#include <winpr/crt.h>
#include <winpr/crypto.h>
#include <winpr/collections.h>
static wListDictionary* g_ProtectedMemoryBlocks = NULL;
@ -148,7 +149,8 @@ static wListDictionary* g_ProtectedMemoryBlocks = NULL;
BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
{
BYTE* pCipherText;
int cbOut, cbFinal;
size_t cbOut, cbFinal;
WINPR_CIPHER_CTX enc;
BYTE randomKey[256];
WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
@ -158,11 +160,13 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
if (!g_ProtectedMemoryBlocks)
{
g_ProtectedMemoryBlocks = ListDictionary_New(TRUE);
if (!g_ProtectedMemoryBlocks)
return FALSE;
}
pMemBlock = (WINPR_PROTECTED_MEMORY_BLOCK*) calloc(1, sizeof(WINPR_PROTECTED_MEMORY_BLOCK));
if (!pMemBlock)
return FALSE;
@ -170,37 +174,26 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
pMemBlock->cbData = cbData;
pMemBlock->dwFlags = dwFlags;
/* AES Initialization */
winpr_RAND(pMemBlock->salt, 8);
winpr_RAND(randomKey, sizeof(randomKey));
RAND_bytes(pMemBlock->salt, 8);
RAND_bytes(randomKey, sizeof(randomKey));
EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(),
pMemBlock->salt,
randomKey, sizeof(randomKey),
4, pMemBlock->key, pMemBlock->iv);
winpr_openssl_BytesToKey(WINPR_CIPHER_AES_256_CBC, WINPR_MD_SHA1,
pMemBlock->salt, randomKey, sizeof(randomKey), 4, pMemBlock->key, pMemBlock->iv);
SecureZeroMemory(randomKey, sizeof(randomKey));
EVP_CIPHER_CTX_init(&(pMemBlock->enc));
EVP_EncryptInit_ex(&(pMemBlock->enc), EVP_aes_256_cbc(), NULL, pMemBlock->key, pMemBlock->iv);
EVP_CIPHER_CTX_init(&(pMemBlock->dec));
EVP_DecryptInit_ex(&(pMemBlock->dec), EVP_aes_256_cbc(), NULL, pMemBlock->key, pMemBlock->iv);
/* AES Encryption */
cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
cbOut = pMemBlock->cbData + 16 - 1;
pCipherText = (BYTE*) malloc(cbOut);
if (!pCipherText)
{
free(pMemBlock);
return FALSE;
}
EVP_EncryptInit_ex(&(pMemBlock->enc), NULL, NULL, NULL, NULL);
EVP_EncryptUpdate(&(pMemBlock->enc), pCipherText, &cbOut, pMemBlock->pData, pMemBlock->cbData);
EVP_EncryptFinal_ex(&(pMemBlock->enc), pCipherText + cbOut, &cbFinal);
winpr_Cipher_Init(&enc, WINPR_CIPHER_AES_256_CBC, WINPR_ENCRYPT, pMemBlock->key, pMemBlock->iv);
winpr_Cipher_Update(&enc, pMemBlock->pData, pMemBlock->cbData, pCipherText, &cbOut);
winpr_Cipher_Final(&enc, pCipherText + cbOut, &cbFinal);
CopyMemory(pMemBlock->pData, pCipherText, pMemBlock->cbData);
free(pCipherText);
@ -211,7 +204,8 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
{
BYTE* pPlainText;
int cbOut, cbFinal;
size_t cbOut, cbFinal;
WINPR_CIPHER_CTX dec;
WINPR_PROTECTED_MEMORY_BLOCK* pMemBlock;
if (dwFlags != CRYPTPROTECTMEMORY_SAME_PROCESS)
@ -225,16 +219,16 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
if (!pMemBlock)
return FALSE;
/* AES Decryption */
cbOut = pMemBlock->cbData + 16 - 1;
cbOut = pMemBlock->cbData + AES_BLOCK_SIZE - 1;
pPlainText = (BYTE*) malloc(cbOut);
if (!pPlainText)
return FALSE;
EVP_DecryptInit_ex(&(pMemBlock->dec), NULL, NULL, NULL, NULL);
EVP_DecryptUpdate(&(pMemBlock->dec), pPlainText, &cbOut, pMemBlock->pData, pMemBlock->cbData);
EVP_DecryptFinal_ex(&(pMemBlock->dec), pPlainText + cbOut, &cbFinal);
winpr_Cipher_Init(&dec, WINPR_CIPHER_AES_256_CBC, WINPR_DECRYPT, pMemBlock->key, pMemBlock->iv);
winpr_Cipher_Update(&dec, pMemBlock->pData, pMemBlock->cbData, pPlainText, &cbOut);
winpr_Cipher_Final(&dec, pPlainText + cbOut, &cbFinal);
CopyMemory(pMemBlock->pData, pPlainText, pMemBlock->cbData);
SecureZeroMemory(pPlainText, pMemBlock->cbData);
@ -242,11 +236,6 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
ListDictionary_Remove(g_ProtectedMemoryBlocks, pData);
/* AES Cleanup */
EVP_CIPHER_CTX_cleanup(&(pMemBlock->enc));
EVP_CIPHER_CTX_cleanup(&(pMemBlock->dec));
free(pMemBlock);
return TRUE;

View File

@ -22,17 +22,6 @@
#ifndef _WIN32
#include <openssl/evp.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
struct _WINPR_CERTSTORE
{
LPCSTR lpszStoreProvider;
DWORD dwMsgAndCertEncodingType;
};
typedef struct _WINPR_CERTSTORE WINPR_CERTSTORE;
struct _WINPR_PROTECTED_MEMORY_BLOCK
{
BYTE* pData;
@ -41,11 +30,16 @@ struct _WINPR_PROTECTED_MEMORY_BLOCK
BYTE key[32];
BYTE iv[32];
BYTE salt[8];
EVP_CIPHER_CTX enc;
EVP_CIPHER_CTX dec;
};
typedef struct _WINPR_PROTECTED_MEMORY_BLOCK WINPR_PROTECTED_MEMORY_BLOCK;
struct _WINPR_CERTSTORE
{
LPCSTR lpszStoreProvider;
DWORD dwMsgAndCertEncodingType;
};
typedef struct _WINPR_CERTSTORE WINPR_CERTSTORE;
#endif
#endif /* WINPR_CRYPTO_PRIVATE_H */

View File

@ -0,0 +1,429 @@
/**
* WinPR: Windows Portable Runtime
*
* Copyright 2015 Marc-Andre Moreau <marcandre.moreau@gmail.com>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <winpr/crt.h>
#include <winpr/crypto.h>
#ifdef WITH_OPENSSL
#include <openssl/md4.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
#endif
#ifdef WITH_MBEDTLS
#include <mbedtls/md4.h>
#include <mbedtls/md5.h>
#include <mbedtls/sha1.h>
#include <mbedtls/md.h>
#endif
/**
* MD5
*/
void winpr_MD5_Init(WINPR_MD5_CTX* ctx)
{
#if defined(WITH_OPENSSL)
MD5_Init((MD5_CTX*) ctx);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_MD5_C)
mbedtls_md5_init((mbedtls_md5_context*) ctx);
mbedtls_md5_starts((mbedtls_md5_context*) ctx);
#endif
}
void winpr_MD5_Update(WINPR_MD5_CTX* ctx, const BYTE* input, size_t ilen)
{
#if defined(WITH_OPENSSL)
MD5_Update((MD5_CTX*) ctx, input, ilen);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_MD5_C)
mbedtls_md5_update((mbedtls_md5_context*) ctx, input, ilen);
#endif
}
void winpr_MD5_Final(WINPR_MD5_CTX* ctx, BYTE* output)
{
#if defined(WITH_OPENSSL)
MD5_Final(output, (MD5_CTX*) ctx);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_MD5_C)
mbedtls_md5_finish((mbedtls_md5_context*) ctx, output);
mbedtls_md5_free((mbedtls_md5_context*) ctx);
#endif
}
void winpr_MD5(const BYTE* input, size_t ilen, BYTE* output)
{
WINPR_MD5_CTX ctx;
winpr_MD5_Init(&ctx);
winpr_MD5_Update(&ctx, input, ilen);
winpr_MD5_Final(&ctx, output);
}
/**
* MD4
*/
void winpr_MD4_Init(WINPR_MD4_CTX* ctx)
{
#if defined(WITH_OPENSSL)
MD4_Init((MD4_CTX*) ctx);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_MD4_C)
mbedtls_md4_init((mbedtls_md4_context*) ctx);
mbedtls_md4_starts((mbedtls_md4_context*) ctx);
#endif
}
void winpr_MD4_Update(WINPR_MD4_CTX* ctx, const BYTE* input, size_t ilen)
{
#if defined(WITH_OPENSSL)
MD4_Update((MD4_CTX*) ctx, input, ilen);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_MD4_C)
mbedtls_md4_update((mbedtls_md4_context*) ctx, input, ilen);
#endif
}
void winpr_MD4_Final(WINPR_MD4_CTX* ctx, BYTE* output)
{
#if defined(WITH_OPENSSL)
MD4_Final(output, (MD4_CTX*) ctx);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_MD4_C)
mbedtls_md4_finish((mbedtls_md4_context*) ctx, output);
mbedtls_md4_free((mbedtls_md4_context*) ctx);
#endif
}
void winpr_MD4(const BYTE* input, size_t ilen, BYTE* output)
{
WINPR_MD4_CTX ctx;
winpr_MD4_Init(&ctx);
winpr_MD4_Update(&ctx, input, ilen);
winpr_MD4_Final(&ctx, output);
}
/**
* SHA1
*/
void winpr_SHA1_Init(WINPR_SHA1_CTX* ctx)
{
#if defined(WITH_OPENSSL)
SHA1_Init((SHA_CTX*) ctx);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_SHA1_C)
mbedtls_sha1_init((mbedtls_sha1_context*) ctx);
mbedtls_sha1_starts((mbedtls_sha1_context*) ctx);
#endif
}
void winpr_SHA1_Update(WINPR_SHA1_CTX* ctx, const BYTE* input, size_t ilen)
{
#if defined(WITH_OPENSSL)
SHA1_Update((SHA_CTX*) ctx, input, ilen);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_SHA1_C)
mbedtls_sha1_update((mbedtls_sha1_context*) ctx, input, ilen);
#endif
}
void winpr_SHA1_Final(WINPR_SHA1_CTX* ctx, BYTE* output)
{
#if defined(WITH_OPENSSL)
SHA1_Final(output, (SHA_CTX*) ctx);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_SHA1_C)
mbedtls_sha1_finish((mbedtls_sha1_context*) ctx, output);
mbedtls_sha1_free((mbedtls_sha1_context*) ctx);
#endif
}
void winpr_SHA1(const BYTE* input, size_t ilen, BYTE* output)
{
WINPR_SHA1_CTX ctx;
winpr_SHA1_Init(&ctx);
winpr_SHA1_Update(&ctx, input, ilen);
winpr_SHA1_Final(&ctx, output);
}
/**
* HMAC
*/
#ifdef WITH_OPENSSL
const EVP_MD* winpr_openssl_get_evp_md(int md)
{
const EVP_MD* evp = NULL;
OpenSSL_add_all_digests();
switch (md)
{
case WINPR_MD_MD2:
evp = EVP_get_digestbyname("md2");
break;
case WINPR_MD_MD4:
evp = EVP_get_digestbyname("md4");
break;
case WINPR_MD_MD5:
evp = EVP_get_digestbyname("md5");
break;
case WINPR_MD_SHA1:
evp = EVP_get_digestbyname("sha1");
break;
case WINPR_MD_SHA224:
evp = EVP_get_digestbyname("sha224");
break;
case WINPR_MD_SHA256:
evp = EVP_get_digestbyname("sha256");
break;
case WINPR_MD_SHA384:
evp = EVP_get_digestbyname("sha384");
break;
case WINPR_MD_SHA512:
evp = EVP_get_digestbyname("sha512");
break;
case WINPR_MD_RIPEMD160:
evp = EVP_get_digestbyname("ripemd160");
break;
}
return evp;
}
#endif
#ifdef WITH_MBEDTLS
mbedtls_md_type_t winpr_mbedtls_get_md_type(int md)
{
mbedtls_md_type_t type = MBEDTLS_MD_NONE;
switch (md)
{
case WINPR_MD_MD2:
type = MBEDTLS_MD_MD2;
break;
case WINPR_MD_MD4:
type = MBEDTLS_MD_MD4;
break;
case WINPR_MD_MD5:
type = MBEDTLS_MD_MD5;
break;
case WINPR_MD_SHA1:
type = MBEDTLS_MD_SHA1;
break;
case WINPR_MD_SHA224:
type = MBEDTLS_MD_SHA224;
break;
case WINPR_MD_SHA256:
type = MBEDTLS_MD_SHA256;
break;
case WINPR_MD_SHA384:
type = MBEDTLS_MD_SHA384;
break;
case WINPR_MD_SHA512:
type = MBEDTLS_MD_SHA512;
break;
case WINPR_MD_RIPEMD160:
type = MBEDTLS_MD_RIPEMD160;
break;
}
return type;
}
#endif
int winpr_HMAC_Init(WINPR_HMAC_CTX* ctx, int md, const BYTE* key, size_t keylen)
{
#if defined(WITH_OPENSSL)
const EVP_MD* evp = winpr_openssl_get_evp_md(md);
if (!evp)
return -1;
HMAC_CTX_init((HMAC_CTX*) ctx);
#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
HMAC_Init_ex((HMAC_CTX*) ctx, key, keylen, evp, NULL);
#else
if (HMAC_Init_ex((HMAC_CTX*) ctx, key, keylen, evp, NULL) != 1)
return -1;
#endif
#elif defined(WITH_MBEDTLS)
const mbedtls_md_info_t* md_info;
mbedtls_md_type_t md_type = winpr_mbedtls_get_md_type(md);
md_info = mbedtls_md_info_from_type(md_type);
if (!md_info)
return -1;
mbedtls_md_init((mbedtls_md_context_t*) ctx);
if (mbedtls_md_setup((mbedtls_md_context_t*) ctx, md_info, 1) != 0)
return -1;
if (mbedtls_md_hmac_starts((mbedtls_md_context_t*) ctx, key, keylen) != 0)
return -1;
#endif
return 0;
}
int winpr_HMAC_Update(WINPR_HMAC_CTX* ctx, const BYTE* input, size_t ilen)
{
#if defined(WITH_OPENSSL)
#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
HMAC_Update((HMAC_CTX*) ctx, input, ilen);
#else
if (HMAC_Update((HMAC_CTX*) ctx, input, ilen) != 1)
return -1;
#endif
#elif defined(WITH_MBEDTLS)
if (mbedtls_md_hmac_update((mbedtls_md_context_t*) ctx, input, ilen) != 0)
return -1;
#endif
return 0;
}
int winpr_HMAC_Final(WINPR_HMAC_CTX* ctx, BYTE* output)
{
#if defined(WITH_OPENSSL)
#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
HMAC_Final((HMAC_CTX*) ctx, output, NULL);
#else
if (HMAC_Final((HMAC_CTX*) ctx, output, NULL) != 1)
return -1;
#endif
HMAC_CTX_cleanup((HMAC_CTX*) ctx);
#elif defined(WITH_MBEDTLS)
if (mbedtls_md_hmac_finish((mbedtls_md_context_t*) ctx, output) != 0)
return -1;
mbedtls_md_free((mbedtls_md_context_t*) ctx);
#endif
return 0;
}
int winpr_HMAC(int md, const BYTE* key, size_t keylen, const BYTE* input, size_t ilen, BYTE* output)
{
WINPR_HMAC_CTX ctx;
if (winpr_HMAC_Init(&ctx, md, key, keylen) != 0)
return -1;
if (winpr_HMAC_Update(&ctx, input, ilen) != 0)
return -1;
if (winpr_HMAC_Final(&ctx, output) != 0)
return -1;
return 0;
}
/**
* Generic Digest API
*/
int winpr_Digest_Init(WINPR_DIGEST_CTX* ctx, int md)
{
#if defined(WITH_OPENSSL)
const EVP_MD* evp = winpr_openssl_get_evp_md(md);
if (!evp)
return -1;
EVP_MD_CTX_init((EVP_MD_CTX*) ctx);
if (EVP_DigestInit_ex((EVP_MD_CTX*) ctx, evp, NULL) != 1)
return -1;
#elif defined(WITH_MBEDTLS)
const mbedtls_md_info_t* md_info;
mbedtls_md_type_t md_type = winpr_mbedtls_get_md_type(md);
md_info = mbedtls_md_info_from_type(md_type);
if (!md_info)
return -1;
mbedtls_md_init((mbedtls_md_context_t*) ctx);
if (mbedtls_md_setup((mbedtls_md_context_t*) ctx, md_info, 0) != 0)
return -1;
if (mbedtls_md_starts((mbedtls_md_context_t*) ctx) != 0)
return -1;
#endif
return 0;
}
int winpr_Digest_Update(WINPR_DIGEST_CTX* ctx, const BYTE* input, size_t ilen)
{
#if defined(WITH_OPENSSL)
if (EVP_DigestUpdate((EVP_MD_CTX*) ctx, input, ilen) != 1)
return -1;
#elif defined(WITH_MBEDTLS)
if (mbedtls_md_update((mbedtls_md_context_t*) ctx, input, ilen) != 0)
return -1;
#endif
return 0;
}
int winpr_Digest_Final(WINPR_DIGEST_CTX* ctx, BYTE* output)
{
#if defined(WITH_OPENSSL)
if (EVP_DigestFinal_ex((EVP_MD_CTX*) ctx, output, NULL) != 1)
return -1;
#elif defined(WITH_MBEDTLS)
if (mbedtls_md_finish((mbedtls_md_context_t*) ctx, output) != 0)
return -1;
mbedtls_md_free((mbedtls_md_context_t*) ctx);
#endif
return 0;
}
int winpr_Digest(int md, const BYTE* input, size_t ilen, BYTE* output)
{
WINPR_DIGEST_CTX ctx;
if (winpr_Digest_Init(&ctx, md) != 0)
return -1;
if (winpr_Digest_Update(&ctx, input, ilen) != 0)
return -1;
if (winpr_Digest_Final(&ctx, output) != 0)
return -1;
return 0;
}

View File

@ -0,0 +1,70 @@
/**
* WinPR: Windows Portable Runtime
*
* Copyright 2015 Marc-Andre Moreau <marcandre.moreau@gmail.com>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <winpr/crt.h>
#include <winpr/crypto.h>
#ifdef WITH_OPENSSL
#include <openssl/rand.h>
#endif
#ifdef WITH_MBEDTLS
#include <mbedtls/md.h>
#include <mbedtls/entropy.h>
#include <mbedtls/havege.h>
#include <mbedtls/hmac_drbg.h>
#endif
int winpr_RAND(BYTE* output, size_t len)
{
#if defined(WITH_OPENSSL)
if (RAND_bytes(output, len) != 1)
return -1;
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_state hs;
mbedtls_havege_init(&hs);
if (mbedtls_havege_random(&hs, output, len) != 0)
return -1;
mbedtls_havege_free(&hs);
#endif
return 0;
}
int winpr_RAND_pseudo(BYTE* output, size_t len)
{
#if defined(WITH_OPENSSL)
if (RAND_pseudo_bytes(output, len) != 1)
return -1;
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_state hs;
mbedtls_havege_init(&hs);
if (mbedtls_havege_random(&hs, output, len) != 0)
return -1;
mbedtls_havege_free(&hs);
#endif
return 0;
}

View File

@ -5,6 +5,9 @@ set(MODULE_PREFIX "TEST_CRYPTO")
set(${MODULE_PREFIX}_DRIVER ${MODULE_NAME}.c)
set(${MODULE_PREFIX}_TESTS
TestCryptoHash.c
TestCryptoRand.c
TestCryptoCipher.c
TestCryptoProtectData.c
TestCryptoProtectMemory.c
TestCryptoCertEnumCertificatesInStore.c)

View File

@ -0,0 +1,106 @@
#include <winpr/crt.h>
#include <winpr/print.h>
#include <winpr/crypto.h>
static const BYTE* TEST_RC4_KEY = (BYTE*) "Key";
static const char* TEST_RC4_PLAINTEXT = "Plaintext";
static const BYTE* TEST_RC4_CIPHERTEXT = (BYTE*) "\xBB\xF3\x16\xE8\xD9\x40\xAF\x0A\xD3";
BOOL test_crypto_cipher_rc4()
{
size_t len;
BYTE* text;
WINPR_RC4_CTX ctx;
len = strlen(TEST_RC4_PLAINTEXT);
text = (BYTE*) calloc(1, len);
if (!text)
return FALSE;
winpr_RC4_Init(&ctx, TEST_RC4_KEY, strlen((char*) TEST_RC4_KEY));
winpr_RC4_Update(&ctx, len, (BYTE*) TEST_RC4_PLAINTEXT, text);
winpr_RC4_Final(&ctx);
if (memcmp(text, TEST_RC4_CIPHERTEXT, len) != 0)
{
char* actual;
char* expected;
actual = winpr_BinToHexString(text, len, FALSE);
expected = winpr_BinToHexString(TEST_RC4_CIPHERTEXT, len, FALSE);
fprintf(stderr, "unexpected RC4 ciphertext: Actual: %s Expected: %s\n", actual, expected);
free(actual);
free(expected);
return FALSE;
}
return TRUE;
}
static const BYTE* TEST_RAND_DATA = (BYTE*)
"\x1F\xC2\xEE\x4C\xA3\x66\x80\xA2\xCE\xFE\x56\xB4\x9E\x08\x30\x96"
"\x33\x6A\xA9\x6D\x36\xFD\x3C\xB7\x83\x04\x4E\x5E\xDC\x22\xCD\xF3"
"\x48\xDF\x3A\x2A\x61\xF1\xA8\xFA\x1F\xC6\xC7\x1B\x81\xB4\xE1\x0E"
"\xCB\xA2\xEF\xA1\x12\x4A\x83\xE5\x1D\x72\x1D\x2D\x26\xA8\x6B\xC0";
static const BYTE* TEST_CIPHER_KEY = (BYTE*)
"\x9D\x7C\xC0\xA1\x94\x3B\x07\x67\x2F\xD3\x83\x10\x51\x83\x38\x0E"
"\x1C\x74\x8C\x4E\x15\x79\xD6\xFF\xE2\xF0\x37\x7F\x8C\xD7\xD2\x13";
static const BYTE* TEST_CIPHER_IV = (BYTE*)
"\xFE\xE3\x9F\xF0\xD1\x5E\x37\x0C\xAB\xAB\x9B\x04\xF3\xDB\x99\x15";
BOOL test_crypto_cipher_key()
{
int status;
BYTE key[32];
BYTE iv[16];
BYTE salt[8] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };
ZeroMemory(key, sizeof(key));
ZeroMemory(iv, sizeof(iv));
status = winpr_openssl_BytesToKey(WINPR_CIPHER_AES_256_CBC, WINPR_MD_SHA1,
salt, TEST_RAND_DATA, 64, 4, key, iv);
if (status != 32 || memcmp(key, TEST_CIPHER_KEY, 32) || memcmp(iv, TEST_CIPHER_IV, 16))
{
char* akstr;
char* ekstr;
char* aivstr;
char* eivstr;
akstr = winpr_BinToHexString(key, 32, 0);
ekstr = winpr_BinToHexString(TEST_CIPHER_KEY, 32, 0);
aivstr = winpr_BinToHexString(iv, 16, 0);
eivstr = winpr_BinToHexString(TEST_CIPHER_IV, 16, 0);
fprintf(stderr, "Unexpected EVP_BytesToKey Key: Actual: %s, Expected: %s\n", akstr, ekstr);
fprintf(stderr, "Unexpected EVP_BytesToKey IV : Actual: %s, Expected: %s\n", aivstr, eivstr);
free(akstr);
free(ekstr);
free(aivstr);
free(eivstr);
}
return TRUE;
}
int TestCryptoCipher(int argc, char* argv[])
{
if (!test_crypto_cipher_rc4())
return -1;
if (!test_crypto_cipher_key())
return -1;
return 0;
}

View File

@ -0,0 +1,182 @@
#include <winpr/crt.h>
#include <winpr/print.h>
#include <winpr/crypto.h>
static const char* TEST_MD5_DATA = "test";
static const BYTE* TEST_MD5_HASH = (BYTE*) "\x09\x8f\x6b\xcd\x46\x21\xd3\x73\xca\xde\x4e\x83\x26\x27\xb4\xf6";
BOOL test_crypto_hash_md5()
{
BYTE hash[16];
WINPR_MD5_CTX ctx;
winpr_MD5_Init(&ctx);
winpr_MD5_Update(&ctx, (BYTE*) TEST_MD5_DATA, strlen(TEST_MD5_DATA));
winpr_MD5_Final(&ctx, hash);
if (memcmp(hash, TEST_MD5_HASH, 16) != 0)
{
char* actual;
char* expected;
actual = winpr_BinToHexString(hash, 16, FALSE);
expected = winpr_BinToHexString(TEST_MD5_HASH, 16, FALSE);
fprintf(stderr, "unexpected MD5 hash: Actual: %s Expected: %s\n", actual, expected);
free(actual);
free(expected);
return -1;
}
return TRUE;
}
static const char* TEST_MD4_DATA = "test";
static const BYTE* TEST_MD4_HASH = (BYTE*) "\xdb\x34\x6d\x69\x1d\x7a\xcc\x4d\xc2\x62\x5d\xb1\x9f\x9e\x3f\x52";
BOOL test_crypto_hash_md4()
{
BYTE hash[16];
WINPR_MD4_CTX ctx;
winpr_MD4_Init(&ctx);
winpr_MD4_Update(&ctx, (BYTE*) TEST_MD4_DATA, strlen(TEST_MD4_DATA));
winpr_MD4_Final(&ctx, hash);
if (memcmp(hash, TEST_MD4_HASH, 16) != 0)
{
char* actual;
char* expected;
actual = winpr_BinToHexString(hash, 16, FALSE);
expected = winpr_BinToHexString(TEST_MD4_HASH, 16, FALSE);
fprintf(stderr, "unexpected MD4 hash: Actual: %s Expected: %s\n", actual, expected);
free(actual);
free(expected);
return -1;
}
return TRUE;
}
static const char* TEST_SHA1_DATA = "test";
static const BYTE* TEST_SHA1_HASH = (BYTE*) "\xa9\x4a\x8f\xe5\xcc\xb1\x9b\xa6\x1c\x4c\x08\x73\xd3\x91\xe9\x87\x98\x2f\xbb\xd3";
BOOL test_crypto_hash_sha1()
{
BYTE hash[20];
WINPR_SHA1_CTX ctx;
winpr_SHA1_Init(&ctx);
winpr_SHA1_Update(&ctx, (BYTE*) TEST_SHA1_DATA, strlen(TEST_SHA1_DATA));
winpr_SHA1_Final(&ctx, hash);
if (memcmp(hash, TEST_SHA1_HASH, 20) != 0)
{
char* actual;
char* expected;
actual = winpr_BinToHexString(hash, 20, FALSE);
expected = winpr_BinToHexString(TEST_SHA1_HASH, 20, FALSE);
fprintf(stderr, "unexpected SHA1 hash: Actual: %s Expected: %s\n", actual, expected);
free(actual);
free(expected);
return -1;
}
return TRUE;
}
static const char* TEST_HMAC_MD5_DATA = "Hi There";
static const BYTE* TEST_HMAC_MD5_KEY = (BYTE*) "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
static const BYTE* TEST_HMAC_MD5_HASH = (BYTE*) "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d";
BOOL test_crypto_hash_hmac_md5()
{
BYTE hash[16];
WINPR_HMAC_CTX ctx;
winpr_HMAC_Init(&ctx, WINPR_MD_MD5, TEST_HMAC_MD5_KEY, 16);
winpr_HMAC_Update(&ctx, (BYTE*) TEST_HMAC_MD5_DATA, strlen(TEST_HMAC_MD5_DATA));
winpr_HMAC_Final(&ctx, hash);
if (memcmp(hash, TEST_HMAC_MD5_HASH, 16) != 0)
{
char* actual;
char* expected;
actual = winpr_BinToHexString(hash, 16, FALSE);
expected = winpr_BinToHexString(TEST_HMAC_MD5_HASH, 16, FALSE);
fprintf(stderr, "unexpected HMAC-MD5 hash: Actual: %s Expected: %s\n", actual, expected);
free(actual);
free(expected);
return -1;
}
return TRUE;
}
static const char* TEST_HMAC_SHA1_DATA = "Hi There";
static const BYTE* TEST_HMAC_SHA1_KEY = (BYTE*) "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
static const BYTE* TEST_HMAC_SHA1_HASH = (BYTE*) "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e\xf1\x46\xbe\x00";
BOOL test_crypto_hash_hmac_sha1()
{
BYTE hash[20];
WINPR_HMAC_CTX ctx;
winpr_HMAC_Init(&ctx, WINPR_MD_SHA1, TEST_HMAC_SHA1_KEY, 20);
winpr_HMAC_Update(&ctx, (BYTE*) TEST_HMAC_SHA1_DATA, strlen(TEST_HMAC_SHA1_DATA));
winpr_HMAC_Final(&ctx, hash);
if (memcmp(hash, TEST_HMAC_SHA1_HASH, 20) != 0)
{
char* actual;
char* expected;
actual = winpr_BinToHexString(hash, 20, FALSE);
expected = winpr_BinToHexString(TEST_HMAC_SHA1_HASH, 20, FALSE);
fprintf(stderr, "unexpected HMAC-SHA1 hash: Actual: %s Expected: %s\n", actual, expected);
free(actual);
free(expected);
return -1;
}
return TRUE;
}
int TestCryptoHash(int argc, char* argv[])
{
if (!test_crypto_hash_md5())
return -1;
if (!test_crypto_hash_md4())
return -1;
if (!test_crypto_hash_sha1())
return -1;
if (!test_crypto_hash_hmac_md5())
return -1;
if (!test_crypto_hash_hmac_sha1())
return -1;
return 0;
}

View File

@ -0,0 +1,25 @@
#include <winpr/crt.h>
#include <winpr/print.h>
#include <winpr/crypto.h>
int TestCryptoRand(int argc, char* argv[])
{
char* str;
BYTE rnd[16];
ZeroMemory(rnd, sizeof(rnd));
winpr_RAND(rnd, sizeof(rnd));
str = winpr_BinToHexString(rnd, sizeof(rnd), FALSE);
//fprintf(stderr, "Rand: %s\n", str);
free(str);
if (memcmp(rnd, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 16) == 0)
{
return -1;
}
return 0;
}

View File

@ -21,15 +21,12 @@
#include "config.h"
#endif
#include <stdio.h>
#include <winpr/crt.h>
#include <winpr/rpc.h>
#include <winpr/crypto.h>
#ifndef _WIN32
#include <openssl/rand.h>
#include "../log.h"
#define TAG WINPR_TAG("rpc")
@ -658,13 +655,13 @@ static UUID UUID_NIL =
RPC_STATUS UuidCreate(UUID* Uuid)
{
RAND_pseudo_bytes((void*) Uuid, 16);
winpr_RAND_pseudo((BYTE*) Uuid, 16);
return RPC_S_OK;
}
RPC_STATUS UuidCreateSequential(UUID* Uuid)
{
RAND_pseudo_bytes((void*) Uuid, 16);
winpr_RAND_pseudo((BYTE*) Uuid, 16);
return RPC_S_OK;
}

View File

@ -673,6 +673,7 @@ char* PCSC_ConvertReaderNameToWinSCard(const char* name)
char* p, *q;
char* tokens[64][2];
char* nameWinSCard;
char *checkAliasName;
/**
* pcsc-lite reader name format:
* name [interface] (serial) index slot
@ -796,10 +797,20 @@ char* PCSC_ConvertReaderNameToWinSCard(const char* name)
/**
* pcsc-lite appears to use an index number based on all readers,
* while WinSCard uses an index number based on readers of the same name.
* Force an index number of 0 for now, fix later.
* Set index for this reader by checking if index is already used by another reader
* and incrementing until available index found.
*/
index = 0;
sprintf_s(nameWinSCard, size, "%.*s %d", length, p, index);
checkAliasName = PCSC_GetReaderNameFromAlias(nameWinSCard);
while ((checkAliasName != NULL) && (strcmp(checkAliasName, name) != 0))
{
index++;
sprintf_s(nameWinSCard, size, "%.*s %d", length, p, index);
checkAliasName = PCSC_GetReaderNameFromAlias(nameWinSCard);
}
return nameWinSCard;
}

View File

@ -54,11 +54,15 @@ winpr_module_add(${${MODULE_PREFIX}_NTLM_SRCS}
${${MODULE_PREFIX}_SCHANNEL_SRCS}
${${MODULE_PREFIX}_SRCS})
winpr_include_directory_add(${ZLIB_INCLUDE_DIRS}
${OPENSSL_INCLUDE_DIR})
if(OPENSSL_FOUND)
winpr_include_directory_add(${OPENSSL_INCLUDE_DIR})
winpr_library_add(${OPENSSL_LIBRARIES})
endif()
winpr_library_add(${ZLIB_LIBRARIES}
${OPENSSL_LIBRARIES})
if(MBEDTLS_FOUND)
winpr_include_directory_add(${MBEDTLS_INCLUDE_DIR})
winpr_library_add(${MBEDTLS_LIBRARIES})
endif()
if(WIN32)
winpr_library_add(ws2_32)

View File

@ -21,19 +21,12 @@
#include "config.h"
#endif
#include <time.h>
#include <openssl/des.h>
#include <openssl/md4.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include <openssl/engine.h>
#include <winpr/crt.h>
#include <winpr/sspi.h>
#include <winpr/print.h>
#include <winpr/tchar.h>
#include <winpr/sysinfo.h>
#include <winpr/registry.h>
#include <winpr/tchar.h>
#include "ntlm.h"
#include "../sspi.h"
@ -156,6 +149,7 @@ NTLM_CONTEXT* ntlm_ContextNew()
DWORD dwSize;
DWORD dwValue;
NTLM_CONTEXT* context;
context = (NTLM_CONTEXT*) calloc(1, sizeof(NTLM_CONTEXT));
if (!context)
@ -810,11 +804,11 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
int length;
void* data;
UINT32 SeqNo;
HMAC_CTX hmac;
BYTE digest[16];
BYTE checksum[8];
BYTE* signature;
ULONG version = 1;
WINPR_HMAC_CTX hmac;
NTLM_CONTEXT* context;
PSecBuffer data_buffer = NULL;
PSecBuffer signature_buffer = NULL;
@ -844,17 +838,15 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
CopyMemory(data, data_buffer->pvBuffer, length);
/* Compute the HMAC-MD5 hash of ConcatenationOf(seq_num,data) using the client signing key */
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac, context->SendSigningKey, 16, EVP_md5(), NULL);
HMAC_Update(&hmac, (void*) &(SeqNo), 4);
HMAC_Update(&hmac, (void*) data, length);
HMAC_Final(&hmac, digest, NULL);
HMAC_CTX_cleanup(&hmac);
winpr_HMAC_Init(&hmac, WINPR_MD_MD5, context->SendSigningKey, 16);
winpr_HMAC_Update(&hmac, (void*) &(SeqNo), 4);
winpr_HMAC_Update(&hmac, (void*) data, length);
winpr_HMAC_Final(&hmac, digest);
/* Encrypt message using with RC4, result overwrites original buffer */
if (context->confidentiality)
RC4(&context->SendRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
winpr_RC4_Update(&context->SendRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
else
CopyMemory(data_buffer->pvBuffer, data, length);
@ -866,7 +858,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
#endif
free(data);
/* RC4-encrypt first 8 bytes of digest */
RC4(&context->SendRc4Seal, 8, digest, checksum);
winpr_RC4_Update(&context->SendRc4Seal, 8, digest, checksum);
signature = (BYTE*) signature_buffer->pvBuffer;
/* Concatenate version, ciphertext and sequence number to build signature */
CopyMemory(signature, (void*) &version, 4);
@ -886,10 +878,10 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
int length;
void* data;
UINT32 SeqNo;
HMAC_CTX hmac;
BYTE digest[16];
BYTE checksum[8];
UINT32 version = 1;
WINPR_HMAC_CTX hmac;
NTLM_CONTEXT* context;
BYTE expected_signature[16];
PSecBuffer data_buffer = NULL;
@ -923,17 +915,15 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
/* Decrypt message using with RC4, result overwrites original buffer */
if (context->confidentiality)
RC4(&context->RecvRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
winpr_RC4_Update(&context->RecvRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
else
CopyMemory(data_buffer->pvBuffer, data, length);
/* Compute the HMAC-MD5 hash of ConcatenationOf(seq_num,data) using the client signing key */
HMAC_CTX_init(&hmac);
HMAC_Init_ex(&hmac, context->RecvSigningKey, 16, EVP_md5(), NULL);
HMAC_Update(&hmac, (void*) &(SeqNo), 4);
HMAC_Update(&hmac, (void*) data_buffer->pvBuffer, data_buffer->cbBuffer);
HMAC_Final(&hmac, digest, NULL);
HMAC_CTX_cleanup(&hmac);
winpr_HMAC_Init(&hmac, WINPR_MD_MD5, context->RecvSigningKey, 16);
winpr_HMAC_Update(&hmac, (void*) &(SeqNo), 4);
winpr_HMAC_Update(&hmac, (void*) data_buffer->pvBuffer, data_buffer->cbBuffer);
winpr_HMAC_Final(&hmac, digest);
#ifdef WITH_DEBUG_NTLM
WLog_DBG(TAG, "Encrypted Data Buffer (length = %d)", length);
winpr_HexDump(TAG, WLOG_DEBUG, data, length);
@ -942,7 +932,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
#endif
free(data);
/* RC4-encrypt first 8 bytes of digest */
RC4(&context->RecvRc4Seal, 8, digest, checksum);
winpr_RC4_Update(&context->RecvRc4Seal, 8, digest, checksum);
/* Concatenate version, ciphertext and sequence number to build signature */
CopyMemory(expected_signature, (void*) &version, 4);
CopyMemory(&expected_signature[4], (void*) checksum, 8);

View File

@ -24,16 +24,7 @@
#include <winpr/windows.h>
#include <winpr/nt.h>
#include <time.h>
#include <openssl/des.h>
#include <openssl/md4.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/rc4.h>
#include <openssl/hmac.h>
#include <openssl/rand.h>
#include <openssl/engine.h>
#include <winpr/crypto.h>
#include "../sspi.h"
@ -234,8 +225,8 @@ struct _NTLM_CONTEXT
BYTE MachineID[32];
BOOL SendVersionInfo;
BOOL confidentiality;
RC4_KEY SendRc4Seal;
RC4_KEY RecvRc4Seal;
WINPR_RC4_CTX SendRc4Seal;
WINPR_RC4_CTX RecvRc4Seal;
BYTE* SendSigningKey;
BYTE* RecvSigningKey;
BYTE* SendSealingKey;

View File

@ -30,6 +30,7 @@
#include <winpr/print.h>
#include <winpr/sysinfo.h>
#include <winpr/tchar.h>
#include <winpr/crypto.h>
#include "ntlm_compute.h"
@ -242,22 +243,23 @@ typedef struct gss_channel_bindings_struct {
} *gss_channel_bindings_t;
*/
static void ntlm_md5_update_uint32_be(MD5_CTX* md5, UINT32 num)
static void ntlm_md5_update_uint32_be(WINPR_MD5_CTX* md5, UINT32 num)
{
BYTE be32[4];
be32[0] = (num >> 0) & 0xFF;
be32[1] = (num >> 8) & 0xFF;
be32[2] = (num >> 16) & 0xFF;
be32[3] = (num >> 24) & 0xFF;
MD5_Update(md5, be32, 4);
winpr_MD5_Update(md5, be32, 4);
}
void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
{
MD5_CTX md5;
WINPR_MD5_CTX md5;
BYTE* ChannelBindingToken;
UINT32 ChannelBindingTokenLength;
SEC_CHANNEL_BINDINGS* ChannelBindings;
ZeroMemory(context->ChannelBindingsHash, 16);
ChannelBindings = context->Bindings.Bindings;
@ -266,14 +268,14 @@ void ntlm_compute_channel_bindings(NTLM_CONTEXT* context)
ChannelBindingTokenLength = context->Bindings.BindingsLength - sizeof(SEC_CHANNEL_BINDINGS);
ChannelBindingToken = &((BYTE*) ChannelBindings)[ChannelBindings->dwApplicationDataOffset];
MD5_Init(&md5);
winpr_MD5_Init(&md5);
ntlm_md5_update_uint32_be(&md5, ChannelBindings->dwInitiatorAddrType);
ntlm_md5_update_uint32_be(&md5, ChannelBindings->cbInitiatorLength);
ntlm_md5_update_uint32_be(&md5, ChannelBindings->dwAcceptorAddrType);
ntlm_md5_update_uint32_be(&md5, ChannelBindings->cbAcceptorLength);
ntlm_md5_update_uint32_be(&md5, ChannelBindings->cbApplicationDataLength);
MD5_Update(&md5, (void*) ChannelBindingToken, ChannelBindingTokenLength);
MD5_Final(context->ChannelBindingsHash, &md5);
winpr_MD5_Update(&md5, (void*) ChannelBindingToken, ChannelBindingTokenLength);
winpr_MD5_Final(&md5, context->ChannelBindingsHash);
}
void ntlm_compute_single_host_data(NTLM_CONTEXT* context)

View File

@ -28,6 +28,7 @@
#include <winpr/sam.h>
#include <winpr/ntlm.h>
#include <winpr/print.h>
#include <winpr/crypto.h>
#include <winpr/sysinfo.h>
#include "ntlm_compute.h"
@ -194,14 +195,14 @@ int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
WINPR_SAM* sam;
WINPR_SAM_ENTRY* entry;
SSPI_CREDENTIALS* credentials = context->credentials;
sam = SamOpen(TRUE);
if (!sam)
return -1;
entry = SamLookupUserW(sam,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2);
entry = SamLookupUserW(sam, (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2);
if (entry)
{
@ -210,16 +211,15 @@ int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
#endif
NTOWFv2FromHashW(entry->NtHash,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
SamFreeEntry(sam, entry);
SamClose(sam);
return 1;
}
entry = SamLookupUserW(sam,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2, NULL, 0);
entry = SamLookupUserW(sam, (LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2, NULL, 0);
if (entry)
{
@ -228,9 +228,9 @@ int ntlm_fetch_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
winpr_HexDump(TAG, WLOG_DEBUG, entry->NtHash, 16);
#endif
NTOWFv2FromHashW(entry->NtHash,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
SamFreeEntry(sam, entry);
SamClose(sam);
return 1;
@ -283,9 +283,9 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
if (memcmp(context->NtlmHash, NTLM_NULL_BUFFER, 16) != 0)
{
NTOWFv2FromHashW(context->NtlmHash,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
}
else if (credentials->identity.PasswordLength > 256)
{
@ -294,15 +294,15 @@ int ntlm_compute_ntlm_v2_hash(NTLM_CONTEXT* context, BYTE* hash)
return -1;
NTOWFv2FromHashW(context->NtlmHash,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2,
(BYTE*) hash);
}
else if (credentials->identity.PasswordLength > 0)
else if (credentials->identity.Password)
{
NTOWFv2W((LPWSTR) credentials->identity.Password, credentials->identity.PasswordLength * 2,
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2, (BYTE*) hash);
(LPWSTR) credentials->identity.User, credentials->identity.UserLength * 2,
(LPWSTR) credentials->identity.Domain, credentials->identity.DomainLength * 2, (BYTE*) hash);
}
else if (context->UseSamFileDatabase)
{
@ -340,7 +340,7 @@ int ntlm_compute_lm_v2_response(NTLM_CONTEXT* context)
response = (BYTE*) context->LmChallengeResponse.pvBuffer;
/* Compute the HMAC-MD5 hash of the resulting value using the NTLMv2 hash as the key */
HMAC(EVP_md5(), (void*) context->NtlmV2Hash, 16, (BYTE*) value, 16, (BYTE*) response, NULL);
winpr_HMAC(WINPR_MD_MD5, (void*) context->NtlmV2Hash, 16, (BYTE*) value, 16, (BYTE*) response);
/* Concatenate the resulting HMAC-MD5 hash and the client challenge, giving us the LMv2 response (24 bytes) */
CopyMemory(&response[16], context->ClientChallenge, 8);
return 1;
@ -409,8 +409,8 @@ int ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
blob = (BYTE*) ntlm_v2_temp_chal.pvBuffer;
CopyMemory(blob, context->ServerChallenge, 8);
CopyMemory(&blob[8], ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer);
HMAC(EVP_md5(), (BYTE*) context->NtlmV2Hash, 16, (BYTE*) ntlm_v2_temp_chal.pvBuffer,
ntlm_v2_temp_chal.cbBuffer, (BYTE*) nt_proof_str, NULL);
winpr_HMAC(WINPR_MD_MD5, (BYTE*) context->NtlmV2Hash, 16, (BYTE*) ntlm_v2_temp_chal.pvBuffer,
ntlm_v2_temp_chal.cbBuffer, (BYTE*) nt_proof_str);
/* NtChallengeResponse, Concatenate NTProofStr with temp */
@ -421,7 +421,7 @@ int ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
CopyMemory(blob, nt_proof_str, 16);
CopyMemory(&blob[16], ntlm_v2_temp.pvBuffer, ntlm_v2_temp.cbBuffer);
/* Compute SessionBaseKey, the HMAC-MD5 hash of NTProofStr using the NTLMv2 hash as the key */
HMAC(EVP_md5(), (BYTE*) context->NtlmV2Hash, 16, (BYTE*) nt_proof_str, 16, (BYTE*) context->SessionBaseKey, NULL);
winpr_HMAC(WINPR_MD_MD5, (BYTE*) context->NtlmV2Hash, 16, (BYTE*) nt_proof_str, 16, (BYTE*) context->SessionBaseKey);
sspi_SecBufferFree(&ntlm_v2_temp);
sspi_SecBufferFree(&ntlm_v2_temp_chal);
return 1;
@ -437,11 +437,10 @@ int ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
void ntlm_rc4k(BYTE* key, int length, BYTE* plaintext, BYTE* ciphertext)
{
RC4_KEY rc4;
/* Initialize RC4 cipher with key */
RC4_set_key(&rc4, 16, (void*) key);
/* Encrypt plaintext with key */
RC4(&rc4, length, (void*) plaintext, (void*) ciphertext);
WINPR_RC4_CTX rc4;
winpr_RC4_Init(&rc4, (void*) key, 16);
winpr_RC4_Update(&rc4, length, (void*) plaintext, (void*) ciphertext);
winpr_RC4_Final(&rc4);
}
/**
@ -453,7 +452,7 @@ void ntlm_generate_client_challenge(NTLM_CONTEXT* context)
{
/* ClientChallenge is used in computation of LMv2 and NTLMv2 responses */
if (memcmp(context->ClientChallenge, NTLM_NULL_BUFFER, 8) == 0)
RAND_bytes(context->ClientChallenge, 8);
winpr_RAND(context->ClientChallenge, 8);
}
/**
@ -464,7 +463,7 @@ void ntlm_generate_client_challenge(NTLM_CONTEXT* context)
void ntlm_generate_server_challenge(NTLM_CONTEXT* context)
{
if (memcmp(context->ServerChallenge, NTLM_NULL_BUFFER, 8) == 0)
RAND_bytes(context->ServerChallenge, 8);
winpr_RAND(context->ServerChallenge, 8);
}
/**
@ -486,7 +485,7 @@ void ntlm_generate_key_exchange_key(NTLM_CONTEXT* context)
void ntlm_generate_random_session_key(NTLM_CONTEXT* context)
{
RAND_bytes(context->RandomSessionKey, 16);
winpr_RAND(context->RandomSessionKey, 16);
}
/**
@ -543,7 +542,8 @@ int ntlm_generate_signing_key(BYTE* exported_session_key, PSecBuffer sign_magic,
{
int length;
BYTE* value;
MD5_CTX md5;
WINPR_MD5_CTX md5;
length = 16 + sign_magic->cbBuffer;
value = (BYTE*) malloc(length);
@ -553,9 +553,9 @@ int ntlm_generate_signing_key(BYTE* exported_session_key, PSecBuffer sign_magic,
/* Concatenate ExportedSessionKey with sign magic */
CopyMemory(value, exported_session_key, 16);
CopyMemory(&value[16], sign_magic->pvBuffer, sign_magic->cbBuffer);
MD5_Init(&md5);
MD5_Update(&md5, value, length);
MD5_Final(signing_key, &md5);
winpr_MD5_Init(&md5);
winpr_MD5_Update(&md5, value, length);
winpr_MD5_Final(&md5, signing_key);
free(value);
return 1;
}
@ -599,7 +599,7 @@ void ntlm_generate_server_signing_key(NTLM_CONTEXT* context)
int ntlm_generate_sealing_key(BYTE* exported_session_key, PSecBuffer seal_magic, BYTE* sealing_key)
{
BYTE* p;
MD5_CTX md5;
WINPR_MD5_CTX md5;
SecBuffer buffer;
if (!sspi_SecBufferAlloc(&buffer, 16 + seal_magic->cbBuffer))
@ -609,9 +609,9 @@ int ntlm_generate_sealing_key(BYTE* exported_session_key, PSecBuffer seal_magic,
/* Concatenate ExportedSessionKey with seal magic */
CopyMemory(p, exported_session_key, 16);
CopyMemory(&p[16], seal_magic->pvBuffer, seal_magic->cbBuffer);
MD5_Init(&md5);
MD5_Update(&md5, buffer.pvBuffer, buffer.cbBuffer);
MD5_Final(sealing_key, &md5);
winpr_MD5_Init(&md5);
winpr_MD5_Update(&md5, buffer.pvBuffer, buffer.cbBuffer);
winpr_MD5_Final(&md5, sealing_key);
sspi_SecBufferFree(&buffer);
return 1;
}
@ -657,8 +657,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
context->RecvSigningKey = context->ClientSigningKey;
context->SendSealingKey = context->ClientSealingKey;
context->RecvSealingKey = context->ServerSealingKey;
RC4_set_key(&context->SendRc4Seal, 16, context->ServerSealingKey);
RC4_set_key(&context->RecvRc4Seal, 16, context->ClientSealingKey);
winpr_RC4_Init(&context->SendRc4Seal, context->ServerSealingKey, 16);
winpr_RC4_Init(&context->RecvRc4Seal, context->ClientSealingKey, 16);
}
else
{
@ -666,24 +666,22 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
context->RecvSigningKey = context->ServerSigningKey;
context->SendSealingKey = context->ServerSealingKey;
context->RecvSealingKey = context->ClientSealingKey;
RC4_set_key(&context->SendRc4Seal, 16, context->ClientSealingKey);
RC4_set_key(&context->RecvRc4Seal, 16, context->ServerSealingKey);
winpr_RC4_Init(&context->SendRc4Seal, context->ClientSealingKey, 16);
winpr_RC4_Init(&context->RecvRc4Seal, context->ServerSealingKey, 16);
}
}
void ntlm_compute_message_integrity_check(NTLM_CONTEXT* context)
{
HMAC_CTX hmac_ctx;
WINPR_HMAC_CTX hmac;
/*
* Compute the HMAC-MD5 hash of ConcatenationOf(NEGOTIATE_MESSAGE,
* CHALLENGE_MESSAGE, AUTHENTICATE_MESSAGE) using the ExportedSessionKey
*/
HMAC_CTX_init(&hmac_ctx);
HMAC_Init_ex(&hmac_ctx, context->ExportedSessionKey, 16, EVP_md5(), NULL);
HMAC_Update(&hmac_ctx, (BYTE*) context->NegotiateMessage.pvBuffer, context->NegotiateMessage.cbBuffer);
HMAC_Update(&hmac_ctx, (BYTE*) context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
HMAC_Update(&hmac_ctx, (BYTE*) context->AuthenticateMessage.pvBuffer, context->AuthenticateMessage.cbBuffer);
HMAC_Final(&hmac_ctx, context->MessageIntegrityCheck, NULL);
HMAC_CTX_cleanup(&hmac_ctx);
}
winpr_HMAC_Init(&hmac, WINPR_MD_MD5, context->ExportedSessionKey, 16);
winpr_HMAC_Update(&hmac, (BYTE*) context->NegotiateMessage.pvBuffer, context->NegotiateMessage.cbBuffer);
winpr_HMAC_Update(&hmac, (BYTE*) context->ChallengeMessage.pvBuffer, context->ChallengeMessage.cbBuffer);
winpr_HMAC_Update(&hmac, (BYTE*) context->AuthenticateMessage.pvBuffer, context->AuthenticateMessage.cbBuffer);
winpr_HMAC_Final(&hmac, context->MessageIntegrityCheck);
}

View File

@ -39,6 +39,7 @@ SCHANNEL_CONTEXT* schannel_ContextNew()
return NULL;
context->openssl = schannel_openssl_new();
if (!context->openssl)
{
free(context);

View File

@ -21,12 +21,29 @@
#include "config.h"
#endif
#include "schannel_openssl.h"
#ifdef WITH_OPENSSL
#include <winpr/crt.h>
#include <winpr/sspi.h>
#include <winpr/ssl.h>
#include <winpr/print.h>
#include "schannel_openssl.h"
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/bio.h>
struct _SCHANNEL_OPENSSL
{
SSL* ssl;
SSL_CTX* ctx;
BOOL connected;
BIO* bioRead;
BIO* bioWrite;
BYTE* ReadBuffer;
BYTE* WriteBuffer;
};
#include "../../log.h"
#define TAG WINPR_TAG("sspi.schannel")
@ -172,7 +189,7 @@ int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
{
int status;
long options = 0;
//context->ctx = SSL_CTX_new(SSLv23_server_method());
context->ctx = SSL_CTX_new(TLSv1_server_method());
if (!context->ctx)
@ -524,3 +541,47 @@ void schannel_openssl_free(SCHANNEL_OPENSSL* context)
free(context);
}
}
#else
int schannel_openssl_client_init(SCHANNEL_OPENSSL* context)
{
return 0;
}
int schannel_openssl_server_init(SCHANNEL_OPENSSL* context)
{
return 0;
}
SECURITY_STATUS schannel_openssl_client_process_tokens(SCHANNEL_OPENSSL* context, PSecBufferDesc pInput, PSecBufferDesc pOutput)
{
return SEC_E_OK;
}
SECURITY_STATUS schannel_openssl_server_process_tokens(SCHANNEL_OPENSSL* context, PSecBufferDesc pInput, PSecBufferDesc pOutput)
{
return SEC_E_OK;
}
SECURITY_STATUS schannel_openssl_encrypt_message(SCHANNEL_OPENSSL* context, PSecBufferDesc pMessage)
{
return SEC_E_OK;
}
SECURITY_STATUS schannel_openssl_decrypt_message(SCHANNEL_OPENSSL* context, PSecBufferDesc pMessage)
{
return SEC_E_OK;
}
SCHANNEL_OPENSSL* schannel_openssl_new(void)
{
return NULL;
}
void schannel_openssl_free(SCHANNEL_OPENSSL* context)
{
}
#endif

View File

@ -27,20 +27,6 @@
/* OpenSSL includes windows.h */
#include <winpr/windows.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/bio.h>
struct _SCHANNEL_OPENSSL
{
SSL* ssl;
SSL_CTX* ctx;
BOOL connected;
BIO* bioRead;
BIO* bioWrite;
BYTE* ReadBuffer;
BYTE* WriteBuffer;
};
typedef struct _SCHANNEL_OPENSSL SCHANNEL_OPENSSL;
int schannel_openssl_client_init(SCHANNEL_OPENSSL* context);

View File

@ -21,8 +21,6 @@
#include "config.h"
#endif
#include <stdlib.h>
#include <winpr/windows.h>
#include <winpr/crt.h>
@ -30,9 +28,6 @@
#include <winpr/ssl.h>
#include <winpr/print.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include "sspi.h"
#include "sspi_winpr.h"
@ -447,7 +442,7 @@ int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity, SEC_WINNT_AUTH_IDEN
if (identity->PasswordLength > 256)
identity->PasswordLength /= SSPI_CREDENTIALS_HASH_LENGTH_FACTOR;
if (identity->PasswordLength > 0)
if (srcIdentity->Password)
{
identity->Password = (UINT16*) malloc((identity->PasswordLength + 1) * sizeof(WCHAR));

View File

@ -17,14 +17,11 @@ create_test_sourcelist(${MODULE_PREFIX}_SRCS
${${MODULE_PREFIX}_DRIVER}
${${MODULE_PREFIX}_TESTS})
include_directories(${ZLIB_INCLUDE_DIRS})
include_directories(${OPENSSL_INCLUDE_DIR})
add_executable(${MODULE_NAME} ${${MODULE_PREFIX}_SRCS})
set(${MODULE_PREFIX}_LIBS
${ZLIB_LIBRARIES}
${OPENSSL_LIBRARIES})
set(${MODULE_PREFIX}_LIBS ${OPENSSL_LIBRARIES})
if(WIN32)
set(${MODULE_PREFIX}_LIBS ${${MODULE_PREFIX}_LIBS} secur32 crypt32)

View File

@ -103,13 +103,17 @@ winpr_module_add(${${MODULE_PREFIX}_SRCS}
winpr_include_directory_add(
"lodepng"
"trio"
"."
${ZLIB_INCLUDE_DIRS}
${OPENSSL_INCLUDE_DIR})
".")
if(OPENSSL_FOUND)
winpr_include_directory_add(${OPENSSL_INCLUDE_DIR})
winpr_library_add(${OPENSSL_LIBRARIES})
endif()
winpr_library_add(
${ZLIB_LIBRARIES}
${OPENSSL_LIBRARIES})
if(MBEDTLS_FOUND)
winpr_include_directory_add(${MBEDTLS_INCLUDE_DIR})
winpr_library_add(${MBEDTLS_LIBRARIES})
endif()
if(UNIX)
winpr_library_add(m)

View File

@ -24,9 +24,7 @@
#include <winpr/ntlm.h>
#include <winpr/crt.h>
#include <openssl/ssl.h>
#include <openssl/md4.h>
#include <winpr/crypto.h>
/**
* Define NTOWFv1(Password, User, Domain) as
@ -36,7 +34,7 @@
BYTE* NTOWFv1W(LPWSTR Password, UINT32 PasswordLength, BYTE* NtHash)
{
MD4_CTX md4_ctx;
WINPR_MD4_CTX md4;
if (!Password)
return NULL;
@ -44,9 +42,9 @@ BYTE* NTOWFv1W(LPWSTR Password, UINT32 PasswordLength, BYTE* NtHash)
if (!NtHash && !(NtHash = malloc(16)))
return NULL;
MD4_Init(&md4_ctx);
MD4_Update(&md4_ctx, Password, PasswordLength);
MD4_Final((void*) NtHash, &md4_ctx);
winpr_MD4_Init(&md4);
winpr_MD4_Update(&md4, (BYTE*) Password, (size_t) PasswordLength);
winpr_MD4_Final(&md4, NtHash);
return NtHash;
}
@ -105,7 +103,7 @@ BYTE* NTOWFv2W(LPWSTR Password, UINT32 PasswordLength, LPWSTR User,
CopyMemory(&buffer[UserLength], Domain, DomainLength);
/* Compute the HMAC-MD5 hash of the above value using the NTLMv1 hash as the key, the result is the NTLMv2 hash */
HMAC(EVP_md5(), (void*) NtHashV1, 16, buffer, UserLength + DomainLength, (void*) NtHash, NULL);
winpr_HMAC(WINPR_MD_MD5, NtHashV1, 16, buffer, UserLength + DomainLength, NtHash);
free(buffer);
@ -167,7 +165,7 @@ BYTE* NTOWFv2FromHashW(BYTE* NtHashV1, LPWSTR User, UINT32 UserLength, LPWSTR Do
}
/* Compute the HMAC-MD5 hash of the above value using the NTLMv1 hash as the key, the result is the NTLMv2 hash */
HMAC(EVP_md5(), (void*) NtHashV1, 16, buffer, UserLength + DomainLength, (void*) NtHash, NULL);
winpr_HMAC(WINPR_MD_MD5, NtHashV1, 16, buffer, UserLength + DomainLength, NtHash);
free(buffer);

View File

@ -18,11 +18,17 @@
* limitations under the License.
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include <winpr/crt.h>
#include <winpr/synch.h>
#include <winpr/ssl.h>
#include <winpr/thread.h>
#ifdef WITH_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
@ -277,3 +283,17 @@ BOOL winpr_CleanupSSL(DWORD flags)
return TRUE;
}
#else
BOOL winpr_InitializeSSL(DWORD flags)
{
return TRUE;
}
BOOL winpr_CleanupSSL(DWORD flags)
{
return TRUE;
}
#endif

View File

@ -18,34 +18,28 @@
set(MODULE_NAME "winpr-hash")
set(MODULE_PREFIX "WINPR_TOOLS_HASH")
include_directories(${ZLIB_INCLUDE_DIRS})
include_directories(${OPENSSL_INCLUDE_DIR})
set(${MODULE_PREFIX}_SRCS
hash.c)
# On windows create dll version information.
# On windows create dll version information.
# Vendor, product and year are already set in top level CMakeLists.txt
if (WIN32)
set (RC_VERSION_MAJOR ${WINPR_VERSION_MAJOR})
set (RC_VERSION_MINOR ${WINPR_VERSION_MINOR})
set (RC_VERSION_BUILD ${WINPR_VERSION_REVISION})
set (RC_VERSION_FILE "${MODULE_NAME}${CMAKE_EXECUTABLE_SUFFIX}" )
set(RC_VERSION_MAJOR ${WINPR_VERSION_MAJOR})
set(RC_VERSION_MINOR ${WINPR_VERSION_MINOR})
set(RC_VERSION_BUILD ${WINPR_VERSION_REVISION})
set(RC_VERSION_FILE "${MODULE_NAME}${CMAKE_EXECUTABLE_SUFFIX}")
configure_file(
${CMAKE_SOURCE_DIR}/cmake/WindowsDLLVersion.rc.in
${CMAKE_CURRENT_BINARY_DIR}/version.rc
@ONLY)
configure_file(
${CMAKE_SOURCE_DIR}/cmake/WindowsDLLVersion.rc.in
${CMAKE_CURRENT_BINARY_DIR}/version.rc
@ONLY)
set ( ${MODULE_PREFIX}_SRCS ${${MODULE_PREFIX}_SRCS} ${CMAKE_CURRENT_BINARY_DIR}/version.rc)
set(${MODULE_PREFIX}_SRCS ${${MODULE_PREFIX}_SRCS} ${CMAKE_CURRENT_BINARY_DIR}/version.rc)
endif()
add_executable(${MODULE_NAME} ${${MODULE_PREFIX}_SRCS})
set(${MODULE_PREFIX}_LIBS
${ZLIB_LIBRARIES}
${OPENSSL_LIBRARIES}
winpr)
set(${MODULE_PREFIX}_LIBS winpr)
target_link_libraries(${MODULE_NAME} ${${MODULE_PREFIX}_LIBS})

View File

@ -20,15 +20,25 @@ set(MODULE_PREFIX "WINPR_MAKECERT_TOOL")
set(${MODULE_PREFIX}_SRCS makecert.c)
include_directories(${ZLIB_INCLUDE_DIRS})
include_directories(${OPENSSL_INCLUDE_DIR})
if(OPENSSL_FOUND)
include_directories(${OPENSSL_INCLUDE_DIR})
endif()
if(MBEDTLS_FOUND)
include_directories(${MBEDTLS_INCLUDE_DIR})
endif()
add_library(${MODULE_NAME} STATIC ${${MODULE_PREFIX}_SRCS})
set(${MODULE_PREFIX}_LIBS
${ZLIB_LIBRARIES}
${OPENSSL_LIBRARIES}
winpr)
set(${MODULE_PREFIX}_LIBS winpr)
if(OPENSSL_FOUND)
list(APPEND ${MODULE_PREFIX}_LIBS ${OPENSSL_LIBRARIES})
endif()
if(MBEDTLS_FOUND)
list(APPEND ${MODULE_PREFIX}_LIBS ${MBEDTLS_LIBRARIES})
endif()
target_link_libraries(${MODULE_NAME} ${${MODULE_PREFIX}_LIBS})

View File

@ -23,20 +23,20 @@ include_directories(..)
set(${MODULE_PREFIX}_SRCS
main.c)
# On windows create dll version information.
# On windows create dll version information.
# Vendor, product and year are already set in top level CMakeLists.txt
if (WIN32)
set (RC_VERSION_MAJOR ${WINPR_VERSION_MAJOR})
set (RC_VERSION_MINOR ${WINPR_VERSION_MINOR})
set (RC_VERSION_BUILD ${WINPR_VERSION_REVISION})
set (RC_VERSION_FILE "${MODULE_NAME}${CMAKE_EXECUTABLE_SUFFIX}" )
set(RC_VERSION_MAJOR ${WINPR_VERSION_MAJOR})
set(RC_VERSION_MINOR ${WINPR_VERSION_MINOR})
set(RC_VERSION_BUILD ${WINPR_VERSION_REVISION})
set(RC_VERSION_FILE "${MODULE_NAME}${CMAKE_EXECUTABLE_SUFFIX}")
configure_file(
${CMAKE_SOURCE_DIR}/cmake/WindowsDLLVersion.rc.in
${CMAKE_CURRENT_BINARY_DIR}/version.rc
@ONLY)
configure_file(
${CMAKE_SOURCE_DIR}/cmake/WindowsDLLVersion.rc.in
${CMAKE_CURRENT_BINARY_DIR}/version.rc
@ONLY)
set ( ${MODULE_PREFIX}_SRCS ${${MODULE_PREFIX}_SRCS} ${CMAKE_CURRENT_BINARY_DIR}/version.rc)
set(${MODULE_PREFIX}_SRCS ${${MODULE_PREFIX}_SRCS} ${CMAKE_CURRENT_BINARY_DIR}/version.rc)
endif()
add_executable(${MODULE_NAME} ${${MODULE_PREFIX}_SRCS})

View File

@ -17,19 +17,17 @@
* limitations under the License.
*/
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <winpr/crt.h>
#include <winpr/path.h>
#include <winpr/cmdline.h>
#include <winpr/sysinfo.h>
#ifdef WITH_OPENSSL
#include <openssl/conf.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/x509v3.h>
#endif
#include <winpr/tools/makecert.h>
@ -38,10 +36,12 @@ struct _MAKECERT_CONTEXT
int argc;
char** argv;
#ifdef WITH_OPENSSL
RSA* rsa;
X509* x509;
EVP_PKEY* pkey;
PKCS12* pkcs12;
#endif
BOOL live;
BOOL silent;
@ -263,6 +263,7 @@ int makecert_print_command_line_help(int argc, char** argv)
return 1;
}
#ifdef WITH_OPENSSL
int x509_add_ext(X509* cert, int nid, char* value)
{
X509V3_CTX ctx;
@ -281,6 +282,7 @@ int x509_add_ext(X509* cert, int nid, char* value)
return 1;
}
#endif
char* x509_name_parse(char* name, char* txt, int* length)
{
@ -309,7 +311,7 @@ char* x509_get_default_name()
CHAR* computerName = NULL;
DWORD nSize = 0;
if (GetComputerNameExA(ComputerNamePhysicalDnsFullyQualified, NULL, &nSize) ||
if (GetComputerNameExA(ComputerNamePhysicalDnsFullyQualified, NULL, &nSize) ||
GetLastError() != ERROR_MORE_DATA)
goto fallback;
@ -320,10 +322,10 @@ char* x509_get_default_name()
if (!GetComputerNameExA(ComputerNamePhysicalDnsFullyQualified, computerName, &nSize))
goto fallback;
return computerName;
return computerName;
fallback:
free(computerName);
free(computerName);
if (GetComputerNameExA(ComputerNamePhysicalNetBIOS, NULL, &nSize) ||
GetLastError() != ERROR_MORE_DATA)
@ -493,6 +495,7 @@ int makecert_context_set_output_file_name(MAKECERT_CONTEXT* context, char* name)
int makecert_context_output_certificate_file(MAKECERT_CONTEXT* context, char* path)
{
#ifdef WITH_OPENSSL
FILE* fp = NULL;
int status;
int length;
@ -741,10 +744,14 @@ out_fail:
free(fullpath);
return ret;
#else
return 1;
#endif
}
int makecert_context_output_private_key_file(MAKECERT_CONTEXT* context, char* path)
{
#ifdef WITH_OPENSSL
FILE* fp = NULL;
int status;
int length;
@ -853,10 +860,14 @@ out_fail:
free(fullpath);
return ret;
#else
return 1;
#endif
}
int makecert_context_process(MAKECERT_CONTEXT* context, int argc, char** argv)
{
#ifdef WITH_OPENSSL
int length;
char* entry;
int key_length;
@ -1099,7 +1110,7 @@ int makecert_context_process(MAKECERT_CONTEXT* context, int argc, char** argv)
return -1;
}
}
#endif
return 0;
}
@ -1124,15 +1135,16 @@ void makecert_context_free(MAKECERT_CONTEXT* context)
{
free(context->password);
X509_free(context->x509);
EVP_PKEY_free(context->pkey);
free(context->default_name);
free(context->common_name);
free(context->output_file);
free(context->output_path);
#ifdef WITH_OPENSSL
X509_free(context->x509);
EVP_PKEY_free(context->pkey);
CRYPTO_cleanup_all_ex_data();
#endif
free(context);
}