Moved assistance to winpr crypto.
This commit is contained in:
parent
52f1e6b27a
commit
2208a84cd4
@ -25,10 +25,9 @@ set(${MODULE_PREFIX}_SRCS
|
||||
|
||||
freerdp_module_add(${${MODULE_PREFIX}_SRCS})
|
||||
|
||||
freerdp_include_directory_add(${OPENSSL_INCLUDE_DIR})
|
||||
freerdp_include_directory_add(${ZLIB_INCLUDE_DIRS})
|
||||
|
||||
freerdp_library_add(${OPENSSL_LIBRARIES} ${ZLIB_LIBRARIES})
|
||||
freerdp_library_add(${ZLIB_LIBRARIES})
|
||||
|
||||
if(BUILD_TESTING)
|
||||
add_subdirectory(test)
|
||||
|
@ -26,11 +26,6 @@
|
||||
#include <winpr/print.h>
|
||||
#include <winpr/windows.h>
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/aes.h>
|
||||
#include <openssl/engine.h>
|
||||
|
||||
#include <freerdp/log.h>
|
||||
#include <freerdp/client/file.h>
|
||||
#include <freerdp/client/cmdline.h>
|
||||
@ -77,11 +72,12 @@
|
||||
|
||||
int freerdp_assistance_crypt_derive_key_sha1(BYTE* hash, int hashLength, BYTE* key, int keyLength)
|
||||
{
|
||||
int rc = -1;
|
||||
int i;
|
||||
BYTE* buffer;
|
||||
BYTE pad1[64];
|
||||
BYTE pad2[64];
|
||||
SHA_CTX hashCtx;
|
||||
WINPR_SHA1_CTX hashCtx;
|
||||
|
||||
memset(pad1, 0x36, 64);
|
||||
memset(pad2, 0x5C, 64);
|
||||
@ -95,21 +91,29 @@ int freerdp_assistance_crypt_derive_key_sha1(BYTE* hash, int hashLength, BYTE* k
|
||||
buffer = (BYTE*) calloc(1, hashLength * 2);
|
||||
|
||||
if (!buffer)
|
||||
return -1;
|
||||
goto fail;
|
||||
|
||||
SHA1_Init(&hashCtx);
|
||||
SHA1_Update(&hashCtx, pad1, 64);
|
||||
SHA1_Final((void*) buffer, &hashCtx);
|
||||
if (!winpr_SHA1_Init(&hashCtx))
|
||||
goto fail;
|
||||
if (!winpr_SHA1_Update(&hashCtx, pad1, 64))
|
||||
goto fail;
|
||||
if (!winpr_SHA1_Final(&hashCtx, buffer, hashLength))
|
||||
goto fail;
|
||||
|
||||
SHA1_Init(&hashCtx);
|
||||
SHA1_Update(&hashCtx, pad2, 64);
|
||||
SHA1_Final((void*) &buffer[hashLength], &hashCtx);
|
||||
if (!winpr_SHA1_Init(&hashCtx))
|
||||
goto fail;
|
||||
if (!winpr_SHA1_Update(&hashCtx, pad2, 64))
|
||||
goto fail;
|
||||
if (!winpr_SHA1_Final(&hashCtx, &buffer[hashLength], hashLength))
|
||||
goto fail;
|
||||
|
||||
CopyMemory(key, buffer, keyLength);
|
||||
|
||||
rc = 1;
|
||||
fail:
|
||||
free(buffer);
|
||||
|
||||
return 1;
|
||||
return rc;
|
||||
}
|
||||
|
||||
int freerdp_assistance_parse_address_list(rdpAssistanceFile* file, char* list)
|
||||
@ -543,15 +547,16 @@ char* freerdp_assistance_generate_pass_stub(DWORD flags)
|
||||
|
||||
BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* passStub, int* pEncryptedSize)
|
||||
{
|
||||
BOOL rc;
|
||||
int status;
|
||||
WINPR_MD5_CTX md5Ctx;
|
||||
int cbPasswordW;
|
||||
int cbPassStubW;
|
||||
int EncryptedSize;
|
||||
BYTE PasswordHash[WINPR_MD5_DIGEST_LENGTH];
|
||||
EVP_CIPHER_CTX rc4Ctx;
|
||||
WINPR_CIPHER_CTX* rc4Ctx;
|
||||
BYTE* pbIn, *pbOut;
|
||||
int cbOut, cbIn, cbFinal;
|
||||
size_t cbOut, cbIn, cbFinal;
|
||||
WCHAR* PasswordW = NULL;
|
||||
WCHAR* PassStubW = NULL;
|
||||
|
||||
@ -617,21 +622,9 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
|
||||
free(PasswordW);
|
||||
free(PassStubW);
|
||||
|
||||
EVP_CIPHER_CTX_init(&rc4Ctx);
|
||||
|
||||
status = EVP_EncryptInit_ex(&rc4Ctx, EVP_rc4(), NULL, NULL, NULL);
|
||||
|
||||
if (!status)
|
||||
{
|
||||
WLog_ERR(TAG, "EVP_CipherInit_ex failure");
|
||||
free (pbOut);
|
||||
free (pbIn);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
status = EVP_EncryptInit_ex(&rc4Ctx, NULL, NULL, PasswordHash, NULL);
|
||||
|
||||
if (!status)
|
||||
rc4Ctx = winpr_Cipher_New(WINPR_CIPHER_ARC4_128, WINPR_ENCRYPT,
|
||||
PasswordHash, NULL);
|
||||
if (!rc4Ctx)
|
||||
{
|
||||
WLog_ERR(TAG, "EVP_CipherInit_ex failure");
|
||||
free (pbOut);
|
||||
@ -642,26 +635,26 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
|
||||
cbOut = cbFinal = 0;
|
||||
cbIn = EncryptedSize;
|
||||
|
||||
status = EVP_EncryptUpdate(&rc4Ctx, pbOut, &cbOut, pbIn, cbIn);
|
||||
rc = winpr_Cipher_Update(rc4Ctx, pbIn, cbIn, pbOut, &cbOut);
|
||||
free(pbIn);
|
||||
|
||||
if (!status)
|
||||
if (!rc)
|
||||
{
|
||||
WLog_ERR(TAG, "EVP_CipherUpdate failure");
|
||||
winpr_Cipher_Free(rc4Ctx);
|
||||
free (pbOut);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
status = EVP_EncryptFinal_ex(&rc4Ctx, pbOut + cbOut, &cbFinal);
|
||||
|
||||
if (!status)
|
||||
if (!winpr_Cipher_Final(rc4Ctx, pbOut + cbOut, &cbFinal))
|
||||
{
|
||||
WLog_ERR(TAG, "EVP_CipherFinal_ex failure");
|
||||
winpr_Cipher_Free(rc4Ctx);
|
||||
free (pbOut);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
EVP_CIPHER_CTX_cleanup(&rc4Ctx);
|
||||
winpr_Cipher_Free(rc4Ctx);
|
||||
|
||||
*pEncryptedSize = EncryptedSize;
|
||||
|
||||
@ -671,17 +664,17 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
|
||||
int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
|
||||
{
|
||||
int status;
|
||||
SHA_CTX shaCtx;
|
||||
WINPR_SHA1_CTX shaCtx;
|
||||
int cbPasswordW;
|
||||
int cchOutW = 0;
|
||||
WCHAR* pbOutW = NULL;
|
||||
EVP_CIPHER_CTX aesDec;
|
||||
WINPR_CIPHER_CTX* aesDec;
|
||||
WCHAR* PasswordW = NULL;
|
||||
BYTE* pbIn, *pbOut;
|
||||
int cbOut, cbIn, cbFinal;
|
||||
BYTE DerivedKey[AES_BLOCK_SIZE];
|
||||
BYTE InitializationVector[AES_BLOCK_SIZE];
|
||||
BYTE PasswordHash[SHA_DIGEST_LENGTH];
|
||||
size_t cbOut, cbIn, cbFinal;
|
||||
BYTE DerivedKey[WINPR_AES_BLOCK_SIZE];
|
||||
BYTE InitializationVector[WINPR_AES_BLOCK_SIZE];
|
||||
BYTE PasswordHash[WINPR_SHA1_DIGEST_LENGTH];
|
||||
|
||||
status = ConvertToUnicode(CP_UTF8, 0, password, -1, &PasswordW, 0);
|
||||
|
||||
@ -690,9 +683,13 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
|
||||
|
||||
cbPasswordW = (status - 1) * 2;
|
||||
|
||||
SHA1_Init(&shaCtx);
|
||||
SHA1_Update(&shaCtx, PasswordW, cbPasswordW);
|
||||
SHA1_Final((void*) PasswordHash, &shaCtx);
|
||||
if (!winpr_SHA1_Init(&shaCtx) ||
|
||||
!winpr_SHA1_Update(&shaCtx, (BYTE*)PasswordW, cbPasswordW) ||
|
||||
!winpr_SHA1_Final(&shaCtx, PasswordHash, sizeof(PasswordHash)))
|
||||
{
|
||||
free (PasswordW);
|
||||
return -1;
|
||||
}
|
||||
|
||||
status = freerdp_assistance_crypt_derive_key_sha1(PasswordHash, sizeof(PasswordHash),
|
||||
DerivedKey, sizeof(DerivedKey));
|
||||
@ -705,22 +702,9 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
|
||||
|
||||
ZeroMemory(InitializationVector, sizeof(InitializationVector));
|
||||
|
||||
EVP_CIPHER_CTX_init(&aesDec);
|
||||
|
||||
status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL);
|
||||
|
||||
if (status != 1)
|
||||
{
|
||||
free(PasswordW);
|
||||
return -1;
|
||||
}
|
||||
|
||||
EVP_CIPHER_CTX_set_key_length(&aesDec, (128 / 8));
|
||||
EVP_CIPHER_CTX_set_padding(&aesDec, 0);
|
||||
|
||||
status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector);
|
||||
|
||||
if (status != 1)
|
||||
aesDec = winpr_Cipher_New(WINPR_CIPHER_AES_128_CBC, WINPR_DECRYPT,
|
||||
DerivedKey, InitializationVector);
|
||||
if (!aesDec)
|
||||
{
|
||||
free(PasswordW);
|
||||
return -1;
|
||||
@ -729,34 +713,33 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
|
||||
cbOut = cbFinal = 0;
|
||||
cbIn = file->EncryptedLHTicketLength;
|
||||
pbIn = (BYTE*) file->EncryptedLHTicket;
|
||||
pbOut = (BYTE*) calloc(1, cbIn + AES_BLOCK_SIZE + 2);
|
||||
pbOut = (BYTE*) calloc(1, cbIn + WINPR_AES_BLOCK_SIZE + 2);
|
||||
|
||||
if (!pbOut)
|
||||
{
|
||||
winpr_Cipher_Free(aesDec);
|
||||
free(PasswordW);
|
||||
return -1;
|
||||
}
|
||||
|
||||
status = EVP_DecryptUpdate(&aesDec, pbOut, &cbOut, pbIn, cbIn);
|
||||
|
||||
if (status != 1)
|
||||
if (!winpr_Cipher_Update(aesDec, pbIn, cbIn, pbOut, &cbOut))
|
||||
{
|
||||
winpr_Cipher_Free(aesDec);
|
||||
free(PasswordW);
|
||||
free(pbOut);
|
||||
return -1;
|
||||
}
|
||||
|
||||
status = EVP_DecryptFinal_ex(&aesDec, pbOut + cbOut, &cbFinal);
|
||||
|
||||
if (status != 1)
|
||||
if (!winpr_Cipher_Final(aesDec, pbOut + cbOut, &cbFinal))
|
||||
{
|
||||
WLog_ERR(TAG, "EVP_DecryptFinal_ex failure");
|
||||
winpr_Cipher_Free(aesDec);
|
||||
free(PasswordW);
|
||||
free(pbOut);
|
||||
return -1;
|
||||
}
|
||||
|
||||
EVP_CIPHER_CTX_cleanup(&aesDec);
|
||||
winpr_Cipher_Free(aesDec);
|
||||
|
||||
cbOut += cbFinal;
|
||||
cbFinal = 0;
|
||||
|
@ -913,6 +913,8 @@ WINPR_API void winpr_RC4_Free(WINPR_RC4_CTX* ctx);
|
||||
* Generic Cipher API
|
||||
*/
|
||||
|
||||
#define WINPR_AES_BLOCK_SIZE 16
|
||||
|
||||
/* cipher operation types */
|
||||
#define WINPR_ENCRYPT 0
|
||||
#define WINPR_DECRYPT 1
|
||||
|
Loading…
Reference in New Issue
Block a user