For salted checksums we need separate counters, as the

encrypt_use_count and decrypt_use_count counters are reset during key
regeneration and we need counters that are never reset.

libfreerdp-core/rdp.h

@@ -136,8 +136,10 @@ struct rdp_rdp
 	struct rdp_mppc* mppc;
 	struct crypto_rc4_struct* rc4_decrypt_key;
 	int decrypt_use_count;
+	int decrypt_checksum_use_count;
 	struct crypto_rc4_struct* rc4_encrypt_key;
 	int encrypt_use_count;
+	int encrypt_checksum_use_count;
 	struct crypto_des3_struct* fips_encrypt;
 	struct crypto_des3_struct* fips_decrypt;
 	struct crypto_hmac_struct* fips_hmac;

libfreerdp-core/security.c

@@ -262,14 +262,17 @@ void security_salted_mac_signature(rdpRdp *rdp, uint8* data, uint32 length, bool
 
 	security_uint32_le(length_le, length); /* length must be little-endian */
 	if (encryption)
-		security_uint32_le(use_count_le, rdp->encrypt_use_count);
+	{
+		security_uint32_le(use_count_le, rdp->encrypt_checksum_use_count);
+	}
 	else
 	{
 		/*
 		 * We calculate checksum on plain text, so we must have already
-		 * decrypt it, which means decrypt_use_count is off by one.
+		 * decrypt it, which means decrypt_checksum_use_count is
+		 * off by one.
 		 */
-		security_uint32_le(use_count_le, rdp->decrypt_use_count - 1);
+		security_uint32_le(use_count_le, rdp->decrypt_checksum_use_count - 1);
 	}
 
 	/* SHA1_Digest = SHA1(MACKeyN + pad1 + length + data) */
@@ -461,7 +464,8 @@ boolean security_encrypt(uint8* data, int length, rdpRdp* rdp)
 		rdp->encrypt_use_count = 0;
 	}
 	crypto_rc4(rdp->rc4_encrypt_key, length, data, data);
-	rdp->encrypt_use_count += 1;
+	rdp->encrypt_use_count++;
+	rdp->encrypt_checksum_use_count++;
 	return true;
 }
 
@@ -476,6 +480,7 @@ boolean security_decrypt(uint8* data, int length, rdpRdp* rdp)
 	}
 	crypto_rc4(rdp->rc4_decrypt_key, length, data, data);
 	rdp->decrypt_use_count += 1;
+	rdp->decrypt_checksum_use_count++;
 	return true;
 }