Updated RC4 API, fixed crashing bug.

This commit is contained in:
Armin Novak 2016-02-28 11:12:17 +01:00
parent 238ff3b315
commit 92c15783dc
10 changed files with 139 additions and 80 deletions

View File

@ -513,12 +513,27 @@ static BOOL rdp_client_establish_keys(rdpRdp* rdp)
goto end;
}
winpr_RC4_Init(rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len);
winpr_RC4_Init(rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len);
if (!winpr_RC4_New(&rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
goto end;
if (!winpr_RC4_New(&rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
goto end;
ret = TRUE;
end:
free(crypt_client_random);
if (!ret)
{
winpr_Cipher_Free(rdp->fips_decrypt);
winpr_Cipher_Free(rdp->fips_encrypt);
winpr_RC4_Free(rdp->rc4_decrypt_key);
winpr_RC4_Free(rdp->rc4_encrypt_key);
rdp->fips_decrypt = NULL;
rdp->fips_encrypt = NULL;
rdp->rc4_decrypt_key = NULL;
rdp->rc4_encrypt_key = NULL;
}
return ret;
}
@ -575,12 +590,12 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)
if (rand_len != key_len + 8)
{
WLog_ERR(TAG, "invalid encrypted client random length");
goto end2;
goto end;
}
crypt_client_random = calloc(1, rand_len);
if (!crypt_client_random)
goto end2;
goto end;
Stream_Read(s, crypt_client_random, rand_len);
mod = rdp->settings->RdpServerRsaKey->Modulus;
@ -589,9 +604,7 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)
/* now calculate encrypt / decrypt and update keys */
if (!security_establish_keys(client_random, rdp))
{
goto end;
}
rdp->do_crypt = TRUE;
@ -621,15 +634,28 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)
goto end;
}
winpr_RC4_Init(rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len);
winpr_RC4_Init(rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len);
if (!winpr_RC4_New(&rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
goto end;
if (!winpr_RC4_New(&rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
goto end;
ret = TRUE;
end:
free(crypt_client_random);
end2:
free(client_random);
if (!ret)
{
winpr_Cipher_Free(rdp->fips_encrypt);
winpr_Cipher_Free(rdp->fips_decrypt);
winpr_RC4_Free(rdp->rc4_encrypt_key);
winpr_RC4_Free(rdp->rc4_decrypt_key);
rdp->fips_encrypt = NULL;
rdp->fips_decrypt = NULL;
rdp->rc4_encrypt_key = NULL;
rdp->rc4_decrypt_key = NULL;
}
return ret;
}

View File

@ -458,20 +458,22 @@ BOOL license_encrypt_premaster_secret(rdpLicense* license)
BOOL license_decrypt_platform_challenge(rdpLicense* license)
{
WINPR_RC4_CTX rc4;
BOOL rc;
WINPR_RC4_CTX* rc4;
license->PlatformChallenge->data = (BYTE *)malloc(license->EncryptedPlatformChallenge->length);
if (!license->PlatformChallenge->data)
return FALSE;
license->PlatformChallenge->length = license->EncryptedPlatformChallenge->length;
winpr_RC4_Init(&rc4, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH);
winpr_RC4_Update(&rc4, license->EncryptedPlatformChallenge->length,
if (!winpr_RC4_New(&rc4, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH))
return FALSE;
rc = winpr_RC4_Update(rc4, license->EncryptedPlatformChallenge->length,
license->EncryptedPlatformChallenge->data,
license->PlatformChallenge->data);
winpr_RC4_Final(&rc4);
return TRUE;
winpr_RC4_Free(rc4);
return rc;
}
/**
@ -1015,7 +1017,7 @@ BOOL license_send_platform_challenge_response_packet(rdpLicense* license)
wStream* s;
int length;
BYTE* buffer;
WINPR_RC4_CTX rc4;
WINPR_RC4_CTX* rc4;
BYTE mac_data[16];
BOOL status;
@ -1036,14 +1038,20 @@ BOOL license_send_platform_challenge_response_packet(rdpLicense* license)
if (!status)
return FALSE;
winpr_RC4_Init(&rc4, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH);
if (!winpr_RC4_New(&rc4, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH))
return FALSE;
buffer = (BYTE*) malloc(HWID_LENGTH);
if (!buffer)
return FALSE;
winpr_RC4_Update(&rc4, HWID_LENGTH, license->HardwareId, buffer);
winpr_RC4_Final(&rc4);
status = winpr_RC4_Update(rc4, HWID_LENGTH, license->HardwareId, buffer);
winpr_RC4_Free(rc4);
if (!status)
{
free(buffer);
return FALSE;
}
license->EncryptedHardwareId->type = BB_DATA_BLOB;
license->EncryptedHardwareId->data = buffer;

View File

@ -1590,13 +1590,13 @@ void rdp_reset(rdpRdp* rdp)
if (rdp->rc4_decrypt_key)
{
winpr_RC4_Final(rdp->rc4_decrypt_key);
winpr_RC4_Free(rdp->rc4_decrypt_key);
rdp->rc4_decrypt_key = NULL;
}
if (rdp->rc4_encrypt_key)
{
winpr_RC4_Final(rdp->rc4_encrypt_key);
winpr_RC4_Free(rdp->rc4_encrypt_key);
rdp->rc4_encrypt_key = NULL;
}
@ -1661,8 +1661,8 @@ void rdp_free(rdpRdp* rdp)
{
if (rdp)
{
winpr_RC4_Final(rdp->rc4_decrypt_key);
winpr_RC4_Final(rdp->rc4_encrypt_key);
winpr_RC4_Free(rdp->rc4_decrypt_key);
winpr_RC4_Free(rdp->rc4_encrypt_key);
winpr_Cipher_Free(rdp->fips_encrypt);
winpr_Cipher_Free(rdp->fips_decrypt);
free(rdp->fips_hmac);

View File

@ -538,7 +538,8 @@ BOOL security_key_update(BYTE* key, BYTE* update_key, int key_len, rdpRdp* rdp)
BYTE sha1h[WINPR_SHA1_DIGEST_LENGTH];
WINPR_MD5_CTX md5;
WINPR_SHA1_CTX sha1;
WINPR_RC4_CTX rc4;
WINPR_RC4_CTX* rc4;
BOOL rc;
BYTE salt[] = { 0xD1, 0x26, 0x9E }; /* 40 bits: 3 bytes, 56 bits: 1 byte */
if (!winpr_SHA1_Init(&sha1))
@ -563,11 +564,12 @@ BOOL security_key_update(BYTE* key, BYTE* update_key, int key_len, rdpRdp* rdp)
if (!winpr_MD5_Final(&md5, key, WINPR_MD5_DIGEST_LENGTH))
return FALSE;
if (!winpr_RC4_Init(&rc4, key, key_len))
if (!winpr_RC4_New(&rc4, key, key_len))
return FALSE;
if (!winpr_RC4_Update(&rc4, key_len, key, key))
return FALSE;
if (!winpr_RC4_Final(&rc4))
rc = winpr_RC4_Update(rc4, key_len, key, key);
winpr_RC4_Free(rc4);
if (!rc)
return FALSE;
if (rdp->settings->EncryptionMethods == ENCRYPTION_METHOD_40BIT)
@ -585,9 +587,8 @@ BOOL security_encrypt(BYTE* data, int length, rdpRdp* rdp)
if (!security_key_update(rdp->encrypt_key, rdp->encrypt_update_key, rdp->rc4_key_len, rdp))
return FALSE;
if (!winpr_RC4_Final(rdp->rc4_encrypt_key))
return FALSE;
if (!winpr_RC4_Init(rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
winpr_RC4_Free(rdp->rc4_encrypt_key);
if (!winpr_RC4_New(&rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
return FALSE;
rdp->encrypt_use_count = 0;
@ -609,9 +610,8 @@ BOOL security_decrypt(BYTE* data, int length, rdpRdp* rdp)
{
if (!security_key_update(rdp->decrypt_key, rdp->decrypt_update_key, rdp->rc4_key_len, rdp))
return FALSE;
if (!winpr_RC4_Final(rdp->rc4_decrypt_key))
return FALSE;
if (!winpr_RC4_Init(rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
winpr_RC4_Free(rdp->rc4_decrypt_key);
if (!winpr_RC4_New(&rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
return FALSE;
rdp->decrypt_use_count = 0;

View File

@ -901,9 +901,9 @@ typedef union _WINPR_RC4_CTX WINPR_RC4_CTX;
extern "C" {
#endif
WINPR_API BOOL winpr_RC4_Init(WINPR_RC4_CTX* ctx, const BYTE* key, size_t keylen);
WINPR_API BOOL winpr_RC4_New(WINPR_RC4_CTX** ctx, const BYTE* key, size_t keylen);
WINPR_API BOOL winpr_RC4_Update(WINPR_RC4_CTX* ctx, size_t length, const BYTE* input, BYTE* output);
WINPR_API BOOL winpr_RC4_Final(WINPR_RC4_CTX* ctx);
WINPR_API void winpr_RC4_Free(WINPR_RC4_CTX* ctx);
#ifdef __cplusplus
}

View File

@ -43,14 +43,25 @@
* RC4
*/
BOOL winpr_RC4_Init(WINPR_RC4_CTX* ctx, const BYTE* key, size_t keylen)
BOOL winpr_RC4_New(WINPR_RC4_CTX** octx, const BYTE* key, size_t keylen)
{
WINPR_RC4_CTX* ctx = NULL;
if (!octx || !key || (keylen == 0))
return FALSE;
ctx = calloc(1, sizeof(WINPR_RC4_CTX));
if (!ctx)
return FALSE;
#if defined(WITH_OPENSSL)
RC4_set_key((RC4_KEY*) ctx, keylen, key);
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_ARC4_C)
mbedtls_arc4_init((mbedtls_arc4_context*) ctx);
mbedtls_arc4_setup((mbedtls_arc4_context*) ctx, key, keylen);
#endif
*octx = ctx;
return TRUE;
}
@ -66,14 +77,17 @@ BOOL winpr_RC4_Update(WINPR_RC4_CTX* ctx, size_t length, const BYTE* input, BYTE
return TRUE;
}
BOOL winpr_RC4_Final(WINPR_RC4_CTX* ctx)
void winpr_RC4_Free(WINPR_RC4_CTX* ctx)
{
if (!ctx)
return;
#if defined(WITH_OPENSSL)
#elif defined(WITH_MBEDTLS) && defined(MBEDTLS_ARC4_C)
mbedtls_arc4_free((mbedtls_arc4_context*) ctx);
#endif
return TRUE;
free(ctx);
}
/**

View File

@ -7,22 +7,26 @@ static const BYTE* TEST_RC4_KEY = (BYTE*) "Key";
static const char* TEST_RC4_PLAINTEXT = "Plaintext";
static const BYTE* TEST_RC4_CIPHERTEXT = (BYTE*) "\xBB\xF3\x16\xE8\xD9\x40\xAF\x0A\xD3";
BOOL test_crypto_cipher_rc4()
static BOOL test_crypto_cipher_rc4()
{
size_t len;
BYTE* text;
WINPR_RC4_CTX ctx;
BOOL rc = FALSE;
BYTE* text = NULL;
WINPR_RC4_CTX* ctx;
len = strlen(TEST_RC4_PLAINTEXT);
text = (BYTE*) calloc(1, len);
if (!text)
return FALSE;
goto out;
winpr_RC4_Init(&ctx, TEST_RC4_KEY, strlen((char*) TEST_RC4_KEY));
winpr_RC4_Update(&ctx, len, (BYTE*) TEST_RC4_PLAINTEXT, text);
winpr_RC4_Final(&ctx);
if (!winpr_RC4_New(&ctx, TEST_RC4_KEY, strlen((char*) TEST_RC4_KEY)))
goto out;
rc = winpr_RC4_Update(ctx, len, (BYTE*) TEST_RC4_PLAINTEXT, text);
winpr_RC4_Free(ctx);
if (!rc)
goto out;
if (memcmp(text, TEST_RC4_CIPHERTEXT, len) != 0)
{
@ -36,11 +40,14 @@ BOOL test_crypto_cipher_rc4()
free(actual);
free(expected);
return FALSE;
goto out;
}
return TRUE;
rc = TRUE;
out:
free(text);
return rc;
}
static const BYTE* TEST_RAND_DATA = (BYTE*)
@ -56,7 +63,7 @@ static const BYTE* TEST_CIPHER_KEY = (BYTE*)
static const BYTE* TEST_CIPHER_IV = (BYTE*)
"\xFE\xE3\x9F\xF0\xD1\x5E\x37\x0C\xAB\xAB\x9B\x04\xF3\xDB\x99\x15";
BOOL test_crypto_cipher_key()
static BOOL test_crypto_cipher_key()
{
int status;
BYTE key[32];

View File

@ -239,6 +239,8 @@ void ntlm_ContextFree(NTLM_CONTEXT* context)
if (!context)
return;
winpr_RC4_Free(context->SendRc4Seal);
winpr_RC4_Free(context->RecvRc4Seal);
sspi_SecBufferFree(&context->NegotiateMessage);
sspi_SecBufferFree(&context->ChallengeMessage);
sspi_SecBufferFree(&context->AuthenticateMessage);
@ -931,7 +933,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
/* Encrypt message using with RC4, result overwrites original buffer */
if (context->confidentiality)
winpr_RC4_Update(&context->SendRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
winpr_RC4_Update(context->SendRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
else
CopyMemory(data_buffer->pvBuffer, data, length);
@ -943,7 +945,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
#endif
free(data);
/* RC4-encrypt first 8 bytes of digest */
winpr_RC4_Update(&context->SendRc4Seal, 8, digest, checksum);
winpr_RC4_Update(context->SendRc4Seal, 8, digest, checksum);
signature = (BYTE*) signature_buffer->pvBuffer;
/* Concatenate version, ciphertext and sequence number to build signature */
CopyMemory(signature, (void*) &version, 4);
@ -1000,7 +1002,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
/* Decrypt message using with RC4, result overwrites original buffer */
if (context->confidentiality)
winpr_RC4_Update(&context->RecvRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
winpr_RC4_Update(context->RecvRc4Seal, length, (BYTE*) data, (BYTE*) data_buffer->pvBuffer);
else
CopyMemory(data_buffer->pvBuffer, data, length);
@ -1017,7 +1019,7 @@ SECURITY_STATUS SEC_ENTRY ntlm_DecryptMessage(PCtxtHandle phContext, PSecBufferD
#endif
free(data);
/* RC4-encrypt first 8 bytes of digest */
winpr_RC4_Update(&context->RecvRc4Seal, 8, digest, checksum);
winpr_RC4_Update(context->RecvRc4Seal, 8, digest, checksum);
/* Concatenate version, ciphertext and sequence number to build signature */
CopyMemory(expected_signature, (void*) &version, 4);
CopyMemory(&expected_signature[4], (void*) checksum, 8);

View File

@ -225,8 +225,8 @@ struct _NTLM_CONTEXT
BYTE MachineID[32];
BOOL SendVersionInfo;
BOOL confidentiality;
WINPR_RC4_CTX SendRc4Seal;
WINPR_RC4_CTX RecvRc4Seal;
WINPR_RC4_CTX* SendRc4Seal;
WINPR_RC4_CTX* RecvRc4Seal;
BYTE* SendSigningKey;
BYTE* RecvSigningKey;
BYTE* SendSealingKey;

View File

@ -442,10 +442,12 @@ int ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
void ntlm_rc4k(BYTE* key, int length, BYTE* plaintext, BYTE* ciphertext)
{
WINPR_RC4_CTX rc4;
winpr_RC4_Init(&rc4, (void*) key, 16);
winpr_RC4_Update(&rc4, length, (void*) plaintext, (void*) ciphertext);
winpr_RC4_Final(&rc4);
WINPR_RC4_CTX* rc4;
if (winpr_RC4_New(&rc4, (void*) key, 16))
{
winpr_RC4_Update(rc4, length, (void*) plaintext, (void*) ciphertext);
winpr_RC4_Free(rc4);
}
}
/**
@ -662,8 +664,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
context->RecvSigningKey = context->ClientSigningKey;
context->SendSealingKey = context->ClientSealingKey;
context->RecvSealingKey = context->ServerSealingKey;
winpr_RC4_Init(&context->SendRc4Seal, context->ServerSealingKey, 16);
winpr_RC4_Init(&context->RecvRc4Seal, context->ClientSealingKey, 16);
winpr_RC4_New(&context->SendRc4Seal, context->ServerSealingKey, 16);
winpr_RC4_New(&context->RecvRc4Seal, context->ClientSealingKey, 16);
}
else
{
@ -671,8 +673,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
context->RecvSigningKey = context->ServerSigningKey;
context->SendSealingKey = context->ServerSealingKey;
context->RecvSealingKey = context->ClientSealingKey;
winpr_RC4_Init(&context->SendRc4Seal, context->ClientSealingKey, 16);
winpr_RC4_Init(&context->RecvRc4Seal, context->ServerSealingKey, 16);
winpr_RC4_New(&context->SendRc4Seal, context->ClientSealingKey, 16);
winpr_RC4_New(&context->RecvRc4Seal, context->ServerSealingKey, 16);
}
}