Moved assistance to winpr crypto.

2016-03-07 11:51:13 +01:00 · 2016-03-07 11:51:13 +01:00 · 2208a84cd4
commit 2208a84cd4
parent 52f1e6b27a
3 changed files with 56 additions and 72 deletions
--- a/libfreerdp/common/CMakeLists.txt
+++ b/libfreerdp/common/CMakeLists.txt
@ -25,10 +25,9 @@ set(${MODULE_PREFIX}_SRCS
 freerdp_module_add(${${MODULE_PREFIX}_SRCS})
 freerdp_include_directory_add(${OPENSSL_INCLUDE_DIR})
 freerdp_include_directory_add(${ZLIB_INCLUDE_DIRS})
-freerdp_library_add(${OPENSSL_LIBRARIES} ${ZLIB_LIBRARIES})
+freerdp_library_add(${ZLIB_LIBRARIES})
 if(BUILD_TESTING)
 	add_subdirectory(test)
--- a/libfreerdp/common/assistance.c
+++ b/libfreerdp/common/assistance.c
@ -26,11 +26,6 @@
 #include <winpr/print.h>
 #include <winpr/windows.h>
 #include <openssl/ssl.h>
 #include <openssl/evp.h>
 #include <openssl/aes.h>
 #include <openssl/engine.h>
 #include <freerdp/log.h>
 #include <freerdp/client/file.h>
 #include <freerdp/client/cmdline.h>
@ -77,11 +72,12 @@
 int freerdp_assistance_crypt_derive_key_sha1(BYTE* hash, int hashLength, BYTE* key, int keyLength)
 {
 	int rc = -1;
 	int i;
 	BYTE* buffer;
 	BYTE pad1[64];
 	BYTE pad2[64];
-	SHA_CTX hashCtx;
+	WINPR_SHA1_CTX hashCtx;
 	memset(pad1, 0x36, 64);
 	memset(pad2, 0x5C, 64);
@ -95,21 +91,29 @@ int freerdp_assistance_crypt_derive_key_sha1(BYTE* hash, int hashLength, BYTE* k
 	buffer = (BYTE*) calloc(1, hashLength * 2);
 	if (!buffer)
-		return -1;
+		goto fail;
-	SHA1_Init(&hashCtx);
+	if (!winpr_SHA1_Init(&hashCtx))
-	SHA1_Update(&hashCtx, pad1, 64);
+		goto fail;
-	SHA1_Final((void*) buffer, &hashCtx);
+	if (!winpr_SHA1_Update(&hashCtx, pad1, 64))
 		goto fail;
 	if (!winpr_SHA1_Final(&hashCtx, buffer, hashLength))
 		goto fail;
-	SHA1_Init(&hashCtx);
+	if (!winpr_SHA1_Init(&hashCtx))
-	SHA1_Update(&hashCtx, pad2, 64);
+		goto fail;
-	SHA1_Final((void*) &buffer[hashLength], &hashCtx);
+	if (!winpr_SHA1_Update(&hashCtx, pad2, 64))
 		goto fail;
 	if (!winpr_SHA1_Final(&hashCtx, &buffer[hashLength], hashLength))
 		goto fail;
 	CopyMemory(key, buffer, keyLength);
 	rc = 1;
 fail:
 	free(buffer);
-	return 1;
+	return rc;
 }
 int freerdp_assistance_parse_address_list(rdpAssistanceFile* file, char* list)
@ -543,15 +547,16 @@ char* freerdp_assistance_generate_pass_stub(DWORD flags)
 BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* passStub, int* pEncryptedSize)
 {
 	BOOL rc;
 	int status;
 	WINPR_MD5_CTX md5Ctx;
 	int cbPasswordW;
 	int cbPassStubW;
 	int EncryptedSize;
 	BYTE PasswordHash[WINPR_MD5_DIGEST_LENGTH];
-	EVP_CIPHER_CTX rc4Ctx;
+	WINPR_CIPHER_CTX* rc4Ctx;
 	BYTE* pbIn, *pbOut;
-	int cbOut, cbIn, cbFinal;
+	size_t cbOut, cbIn, cbFinal;
 	WCHAR* PasswordW = NULL;
 	WCHAR* PassStubW = NULL;
@ -617,21 +622,9 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
 	free(PasswordW);
 	free(PassStubW);
-	EVP_CIPHER_CTX_init(&rc4Ctx);
+	rc4Ctx = winpr_Cipher_New(WINPR_CIPHER_ARC4_128, WINPR_ENCRYPT,
-
+				  PasswordHash, NULL);
-	status = EVP_EncryptInit_ex(&rc4Ctx, EVP_rc4(), NULL, NULL, NULL);
+	if (!rc4Ctx)
 	if (!status)
 	{
 		WLog_ERR(TAG,  "EVP_CipherInit_ex failure");
 		free (pbOut);
 		free (pbIn);
 		return NULL;
 	}
 	status = EVP_EncryptInit_ex(&rc4Ctx, NULL, NULL, PasswordHash, NULL);
 	if (!status)
 	{
 		WLog_ERR(TAG,  "EVP_CipherInit_ex failure");
 		free (pbOut);
@ -642,26 +635,26 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
 	cbOut = cbFinal = 0;
 	cbIn = EncryptedSize;
-	status = EVP_EncryptUpdate(&rc4Ctx, pbOut, &cbOut, pbIn, cbIn);
+	rc = winpr_Cipher_Update(rc4Ctx, pbIn, cbIn, pbOut, &cbOut);
 	free(pbIn);
-	if (!status)
+	if (!rc)
 	{
 		WLog_ERR(TAG,  "EVP_CipherUpdate failure");
 		winpr_Cipher_Free(rc4Ctx);
 		free (pbOut);
 		return NULL;
 	}
-	status = EVP_EncryptFinal_ex(&rc4Ctx, pbOut + cbOut, &cbFinal);
+	if (!winpr_Cipher_Final(rc4Ctx, pbOut + cbOut, &cbFinal))
 	if (!status)
 	{
 		WLog_ERR(TAG,  "EVP_CipherFinal_ex failure");
 		winpr_Cipher_Free(rc4Ctx);
 		free (pbOut);
 		return NULL;
 	}
-	EVP_CIPHER_CTX_cleanup(&rc4Ctx);
+	winpr_Cipher_Free(rc4Ctx);
 	*pEncryptedSize = EncryptedSize;
@ -671,17 +664,17 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
 int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
 {
 	int status;
-	SHA_CTX shaCtx;
+	WINPR_SHA1_CTX shaCtx;
 	int cbPasswordW;
 	int cchOutW = 0;
 	WCHAR* pbOutW = NULL;
-	EVP_CIPHER_CTX aesDec;
+	WINPR_CIPHER_CTX* aesDec;
 	WCHAR* PasswordW = NULL;
 	BYTE* pbIn, *pbOut;
-	int cbOut, cbIn, cbFinal;
+	size_t cbOut, cbIn, cbFinal;
-	BYTE DerivedKey[AES_BLOCK_SIZE];
+	BYTE DerivedKey[WINPR_AES_BLOCK_SIZE];
-	BYTE InitializationVector[AES_BLOCK_SIZE];
+	BYTE InitializationVector[WINPR_AES_BLOCK_SIZE];
-	BYTE PasswordHash[SHA_DIGEST_LENGTH];
+	BYTE PasswordHash[WINPR_SHA1_DIGEST_LENGTH];
 	status = ConvertToUnicode(CP_UTF8, 0, password, -1, &PasswordW, 0);
@ -690,9 +683,13 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
 	cbPasswordW = (status - 1) * 2;
-	SHA1_Init(&shaCtx);
+	if (!winpr_SHA1_Init(&shaCtx) ||
-	SHA1_Update(&shaCtx, PasswordW, cbPasswordW);
+	    !winpr_SHA1_Update(&shaCtx, (BYTE*)PasswordW, cbPasswordW) ||
-	SHA1_Final((void*) PasswordHash, &shaCtx);
+	    !winpr_SHA1_Final(&shaCtx, PasswordHash, sizeof(PasswordHash)))
 	{
 		free (PasswordW);
 		return -1;
 	}
 	status = freerdp_assistance_crypt_derive_key_sha1(PasswordHash, sizeof(PasswordHash),
 			 DerivedKey, sizeof(DerivedKey));
@ -705,22 +702,9 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
 	ZeroMemory(InitializationVector, sizeof(InitializationVector));
-	EVP_CIPHER_CTX_init(&aesDec);
+	aesDec = winpr_Cipher_New(WINPR_CIPHER_AES_128_CBC, WINPR_DECRYPT,
-
+				  DerivedKey, InitializationVector);
-	status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL);
+	if (!aesDec)
 	if (status != 1)
 	{
 		free(PasswordW);
 		return -1;
 	}
 	EVP_CIPHER_CTX_set_key_length(&aesDec, (128 / 8));
 	EVP_CIPHER_CTX_set_padding(&aesDec, 0);
 	status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector);
 	if (status != 1)
 	{
 		free(PasswordW);
 		return -1;
@ -729,34 +713,33 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* file, const char* password)
 	cbOut = cbFinal = 0;
 	cbIn = file->EncryptedLHTicketLength;
 	pbIn = (BYTE*) file->EncryptedLHTicket;
-	pbOut = (BYTE*) calloc(1, cbIn + AES_BLOCK_SIZE + 2);
+	pbOut = (BYTE*) calloc(1, cbIn + WINPR_AES_BLOCK_SIZE + 2);
 	if (!pbOut)
 	{
 		winpr_Cipher_Free(aesDec);
 		free(PasswordW);
 		return -1;
 	}
-	status = EVP_DecryptUpdate(&aesDec, pbOut, &cbOut, pbIn, cbIn);
+	if (!winpr_Cipher_Update(aesDec, pbIn, cbIn, pbOut, &cbOut))
 	if (status != 1)
 	{
 		winpr_Cipher_Free(aesDec);
 		free(PasswordW);
 		free(pbOut);
 		return -1;
 	}
-	status = EVP_DecryptFinal_ex(&aesDec, pbOut + cbOut, &cbFinal);
+	if (!winpr_Cipher_Final(aesDec, pbOut + cbOut, &cbFinal))
 	if (status != 1)
 	{
 		WLog_ERR(TAG,  "EVP_DecryptFinal_ex failure");
 		winpr_Cipher_Free(aesDec);
 		free(PasswordW);
 		free(pbOut);
 		return -1;
 	}
-	EVP_CIPHER_CTX_cleanup(&aesDec);
+	winpr_Cipher_Free(aesDec);
 	cbOut += cbFinal;
 	cbFinal = 0;
--- a/winpr/include/winpr/crypto.h
+++ b/winpr/include/winpr/crypto.h
@ -913,6 +913,8 @@ WINPR_API void winpr_RC4_Free(WINPR_RC4_CTX* ctx);
 * Generic Cipher API
 */
 #define WINPR_AES_BLOCK_SIZE			16
 /* cipher operation types */
 #define WINPR_ENCRYPT				0
 #define WINPR_DECRYPT				1