Refactored crypto *_New functions.
This commit is contained in:
parent
92c15783dc
commit
b429d230cb
@ -490,14 +490,20 @@ static BOOL rdp_client_establish_keys(rdpRdp* rdp)
|
||||
|
||||
if (settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS)
|
||||
{
|
||||
if (!winpr_Cipher_New(&rdp->fips_encrypt, WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_ENCRYPT, rdp->fips_encrypt_key, fips_ivec))
|
||||
rdp->fips_encrypt = winpr_Cipher_New( WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_ENCRYPT,
|
||||
rdp->fips_encrypt_key,
|
||||
fips_ivec);
|
||||
if (!rdp->fips_encrypt)
|
||||
{
|
||||
WLog_ERR(TAG, "unable to allocate des3 encrypt key");
|
||||
goto end;
|
||||
}
|
||||
if (!winpr_Cipher_New(&rdp->fips_decrypt, WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_DECRYPT, rdp->fips_decrypt_key, fips_ivec))
|
||||
rdp->fips_decrypt = winpr_Cipher_New(WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_DECRYPT,
|
||||
rdp->fips_decrypt_key,
|
||||
fips_ivec);
|
||||
if (!rdp->fips_decrypt)
|
||||
{
|
||||
WLog_ERR(TAG, "unable to allocate des3 decrypt key");
|
||||
goto end;
|
||||
@ -513,9 +519,9 @@ static BOOL rdp_client_establish_keys(rdpRdp* rdp)
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!winpr_RC4_New(&rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
|
||||
goto end;
|
||||
if (!winpr_RC4_New(&rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
|
||||
rdp->rc4_decrypt_key = winpr_RC4_New(rdp->decrypt_key, rdp->rc4_key_len);
|
||||
rdp->rc4_encrypt_key = winpr_RC4_New(rdp->encrypt_key, rdp->rc4_key_len);
|
||||
if (!rdp->rc4_decrypt_key || !rdp->rc4_encrypt_key)
|
||||
goto end;
|
||||
|
||||
ret = TRUE;
|
||||
@ -610,15 +616,21 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)
|
||||
|
||||
if (rdp->settings->EncryptionMethods == ENCRYPTION_METHOD_FIPS)
|
||||
{
|
||||
if (!winpr_Cipher_New(&rdp->fips_encrypt, WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_ENCRYPT, rdp->fips_encrypt_key, fips_ivec))
|
||||
rdp->fips_encrypt = winpr_Cipher_New(WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_ENCRYPT,
|
||||
rdp->fips_encrypt_key,
|
||||
fips_ivec);
|
||||
if (!rdp->fips_encrypt)
|
||||
{
|
||||
WLog_ERR(TAG, "unable to allocate des3 encrypt key");
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!winpr_Cipher_New(&rdp->fips_decrypt, WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_DECRYPT, rdp->fips_decrypt_key, fips_ivec))
|
||||
rdp->fips_decrypt = winpr_Cipher_New(WINPR_CIPHER_DES_EDE3_CBC,
|
||||
WINPR_DECRYPT,
|
||||
rdp->fips_decrypt_key,
|
||||
fips_ivec);
|
||||
if (!rdp->fips_decrypt)
|
||||
{
|
||||
WLog_ERR(TAG, "unable to allocate des3 decrypt key");
|
||||
goto end;
|
||||
@ -634,9 +646,9 @@ BOOL rdp_server_establish_keys(rdpRdp* rdp, wStream* s)
|
||||
goto end;
|
||||
}
|
||||
|
||||
if (!winpr_RC4_New(&rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
|
||||
goto end;
|
||||
if (!winpr_RC4_New(&rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
|
||||
rdp->rc4_decrypt_key = winpr_RC4_New(rdp->decrypt_key, rdp->rc4_key_len);
|
||||
rdp->rc4_encrypt_key = winpr_RC4_New(rdp->encrypt_key, rdp->rc4_key_len);
|
||||
if (!rdp->rc4_decrypt_key || rdp->rc4_encrypt_key)
|
||||
goto end;
|
||||
|
||||
ret = TRUE;
|
||||
|
@ -466,7 +466,8 @@ BOOL license_decrypt_platform_challenge(rdpLicense* license)
|
||||
return FALSE;
|
||||
license->PlatformChallenge->length = license->EncryptedPlatformChallenge->length;
|
||||
|
||||
if (!winpr_RC4_New(&rc4, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH))
|
||||
if ((rc4 = winpr_RC4_New(license->LicensingEncryptionKey,
|
||||
LICENSING_ENCRYPTION_KEY_LENGTH)) == NULL)
|
||||
return FALSE;
|
||||
rc = winpr_RC4_Update(rc4, license->EncryptedPlatformChallenge->length,
|
||||
license->EncryptedPlatformChallenge->data,
|
||||
@ -1038,7 +1039,9 @@ BOOL license_send_platform_challenge_response_packet(rdpLicense* license)
|
||||
if (!status)
|
||||
return FALSE;
|
||||
|
||||
if (!winpr_RC4_New(&rc4, license->LicensingEncryptionKey, LICENSING_ENCRYPTION_KEY_LENGTH))
|
||||
rc4 = winpr_RC4_New(license->LicensingEncryptionKey,
|
||||
LICENSING_ENCRYPTION_KEY_LENGTH);
|
||||
if (!rc4)
|
||||
return FALSE;
|
||||
|
||||
buffer = (BYTE*) malloc(HWID_LENGTH);
|
||||
|
@ -564,7 +564,7 @@ BOOL security_key_update(BYTE* key, BYTE* update_key, int key_len, rdpRdp* rdp)
|
||||
if (!winpr_MD5_Final(&md5, key, WINPR_MD5_DIGEST_LENGTH))
|
||||
return FALSE;
|
||||
|
||||
if (!winpr_RC4_New(&rc4, key, key_len))
|
||||
if ((rc4 = winpr_RC4_New(key, key_len)) == NULL)
|
||||
return FALSE;
|
||||
rc = winpr_RC4_Update(rc4, key_len, key, key);
|
||||
winpr_RC4_Free(rc4);
|
||||
@ -588,7 +588,8 @@ BOOL security_encrypt(BYTE* data, int length, rdpRdp* rdp)
|
||||
return FALSE;
|
||||
|
||||
winpr_RC4_Free(rdp->rc4_encrypt_key);
|
||||
if (!winpr_RC4_New(&rdp->rc4_encrypt_key, rdp->encrypt_key, rdp->rc4_key_len))
|
||||
rdp->rc4_encrypt_key = winpr_RC4_New(rdp->encrypt_key, rdp->rc4_key_len);
|
||||
if (!rdp->rc4_encrypt_key)
|
||||
return FALSE;
|
||||
|
||||
rdp->encrypt_use_count = 0;
|
||||
@ -611,7 +612,9 @@ BOOL security_decrypt(BYTE* data, int length, rdpRdp* rdp)
|
||||
if (!security_key_update(rdp->decrypt_key, rdp->decrypt_update_key, rdp->rc4_key_len, rdp))
|
||||
return FALSE;
|
||||
winpr_RC4_Free(rdp->rc4_decrypt_key);
|
||||
if (!winpr_RC4_New(&rdp->rc4_decrypt_key, rdp->decrypt_key, rdp->rc4_key_len))
|
||||
rdp->rc4_decrypt_key = winpr_RC4_New(rdp->decrypt_key,
|
||||
rdp->rc4_key_len);
|
||||
if (!rdp->rc4_decrypt_key)
|
||||
return FALSE;
|
||||
|
||||
rdp->decrypt_use_count = 0;
|
||||
|
@ -901,7 +901,7 @@ typedef union _WINPR_RC4_CTX WINPR_RC4_CTX;
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
WINPR_API BOOL winpr_RC4_New(WINPR_RC4_CTX** ctx, const BYTE* key, size_t keylen);
|
||||
WINPR_API WINPR_RC4_CTX* winpr_RC4_New(const BYTE* key, size_t keylen);
|
||||
WINPR_API BOOL winpr_RC4_Update(WINPR_RC4_CTX* ctx, size_t length, const BYTE* input, BYTE* output);
|
||||
WINPR_API void winpr_RC4_Free(WINPR_RC4_CTX* ctx);
|
||||
|
||||
@ -1016,7 +1016,7 @@ typedef union _WINPR_CIPHER_CTX WINPR_CIPHER_CTX;
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
WINPR_API BOOL winpr_Cipher_New(WINPR_CIPHER_CTX** ctx, int cipher, int op, const BYTE* key, const BYTE* iv);
|
||||
WINPR_API WINPR_CIPHER_CTX* winpr_Cipher_New(int cipher, int op, const BYTE* key, const BYTE* iv);
|
||||
WINPR_API BOOL winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen);
|
||||
WINPR_API BOOL winpr_Cipher_Final(WINPR_CIPHER_CTX* ctx, BYTE* output, size_t* olen);
|
||||
WINPR_API void winpr_Cipher_Free(WINPR_CIPHER_CTX* ctx);
|
||||
|
@ -43,16 +43,16 @@
|
||||
* RC4
|
||||
*/
|
||||
|
||||
BOOL winpr_RC4_New(WINPR_RC4_CTX** octx, const BYTE* key, size_t keylen)
|
||||
WINPR_RC4_CTX* winpr_RC4_New(const BYTE* key, size_t keylen)
|
||||
{
|
||||
WINPR_RC4_CTX* ctx = NULL;
|
||||
|
||||
if (!octx || !key || (keylen == 0))
|
||||
return FALSE;
|
||||
if (!key || (keylen == 0))
|
||||
return NULL;
|
||||
|
||||
ctx = calloc(1, sizeof(WINPR_RC4_CTX));
|
||||
if (!ctx)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
|
||||
#if defined(WITH_OPENSSL)
|
||||
RC4_set_key((RC4_KEY*) ctx, keylen, key);
|
||||
@ -60,9 +60,7 @@ BOOL winpr_RC4_New(WINPR_RC4_CTX** octx, const BYTE* key, size_t keylen)
|
||||
mbedtls_arc4_init((mbedtls_arc4_context*) ctx);
|
||||
mbedtls_arc4_setup((mbedtls_arc4_context*) ctx, key, keylen);
|
||||
#endif
|
||||
*octx = ctx;
|
||||
|
||||
return TRUE;
|
||||
return ctx;
|
||||
}
|
||||
|
||||
BOOL winpr_RC4_Update(WINPR_RC4_CTX* ctx, size_t length, const BYTE* input, BYTE* output)
|
||||
@ -514,7 +512,7 @@ mbedtls_cipher_type_t winpr_mbedtls_get_cipher_type(int cipher)
|
||||
}
|
||||
#endif
|
||||
|
||||
BOOL winpr_Cipher_New(WINPR_CIPHER_CTX** cctx, int cipher, int op, const BYTE* key, const BYTE* iv)
|
||||
WINPR_CIPHER_CTX* winpr_Cipher_New(int cipher, int op, const BYTE* key, const BYTE* iv)
|
||||
{
|
||||
WINPR_CIPHER_CTX* ctx;
|
||||
#if defined(WITH_OPENSSL)
|
||||
@ -530,20 +528,20 @@ BOOL winpr_Cipher_New(WINPR_CIPHER_CTX** cctx, int cipher, int op, const BYTE* k
|
||||
|
||||
ctx = calloc(1, sizeof(WINPR_CIPHER_CTX));
|
||||
if (!ctx)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
|
||||
#if defined(WITH_OPENSSL)
|
||||
octx = (EVP_CIPHER_CTX*)ctx;
|
||||
evp = winpr_openssl_get_evp_cipher(cipher);
|
||||
|
||||
if (!evp)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
|
||||
operation = (op == WINPR_ENCRYPT) ? 1 : 0;
|
||||
EVP_CIPHER_CTX_init(octx);
|
||||
|
||||
if (EVP_CipherInit_ex(octx, evp, NULL, key, iv, operation) != 1)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
|
||||
EVP_CIPHER_CTX_set_padding(octx, 0);
|
||||
#elif defined(WITH_MBEDTLS)
|
||||
@ -551,22 +549,20 @@ BOOL winpr_Cipher_New(WINPR_CIPHER_CTX** cctx, int cipher, int op, const BYTE* k
|
||||
cipher_info = mbedtls_cipher_info_from_type(cipher_type);
|
||||
|
||||
if (!cipher_info)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
|
||||
operation = (op == WINPR_ENCRYPT) ? MBEDTLS_ENCRYPT : MBEDTLS_DECRYPT;
|
||||
mbedtls_cipher_init((mbedtls_cipher_context_t*) ctx);
|
||||
|
||||
if (mbedtls_cipher_setup((mbedtls_cipher_context_t*) ctx, cipher_info) != 0)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
|
||||
key_bitlen = mbedtls_cipher_get_key_bitlen((mbedtls_cipher_context_t*) ctx);
|
||||
|
||||
if (mbedtls_cipher_setkey((mbedtls_cipher_context_t*) ctx, key, key_bitlen, operation) != 0)
|
||||
return FALSE;
|
||||
return NULL;
|
||||
#endif
|
||||
|
||||
*cctx = ctx;
|
||||
return TRUE;
|
||||
return ctx;
|
||||
}
|
||||
|
||||
BOOL winpr_Cipher_Update(WINPR_CIPHER_CTX* ctx, const BYTE* input, size_t ilen, BYTE* output, size_t* olen)
|
||||
|
@ -186,9 +186,10 @@ BOOL CryptProtectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
|
||||
pCipherText = (BYTE*) malloc(cbOut);
|
||||
|
||||
if (!pCipherText)
|
||||
goto out;
|
||||
goto out;
|
||||
|
||||
if (!winpr_Cipher_New(&enc, WINPR_CIPHER_AES_256_CBC, WINPR_ENCRYPT, pMemBlock->key, pMemBlock->iv))
|
||||
if ((enc = winpr_Cipher_New(WINPR_CIPHER_AES_256_CBC, WINPR_ENCRYPT,
|
||||
pMemBlock->key, pMemBlock->iv)) == NULL)
|
||||
goto out;
|
||||
if (!winpr_Cipher_Update(enc, pMemBlock->pData, pMemBlock->cbData, pCipherText, &cbOut))
|
||||
goto out;
|
||||
@ -233,7 +234,8 @@ BOOL CryptUnprotectMemory(LPVOID pData, DWORD cbData, DWORD dwFlags)
|
||||
if (!pPlainText)
|
||||
goto out;
|
||||
|
||||
if (!winpr_Cipher_New(&dec, WINPR_CIPHER_AES_256_CBC, WINPR_DECRYPT, pMemBlock->key, pMemBlock->iv))
|
||||
if ((dec = winpr_Cipher_New(WINPR_CIPHER_AES_256_CBC, WINPR_DECRYPT,
|
||||
pMemBlock->key, pMemBlock->iv)) == NULL)
|
||||
goto out;
|
||||
if (!winpr_Cipher_Update(dec, pMemBlock->pData, pMemBlock->cbData, pPlainText, &cbOut))
|
||||
goto out;
|
||||
|
@ -21,7 +21,7 @@ static BOOL test_crypto_cipher_rc4()
|
||||
if (!text)
|
||||
goto out;
|
||||
|
||||
if (!winpr_RC4_New(&ctx, TEST_RC4_KEY, strlen((char*) TEST_RC4_KEY)))
|
||||
if ((ctx = winpr_RC4_New(TEST_RC4_KEY, strlen((char*) TEST_RC4_KEY))) == NULL)
|
||||
goto out;
|
||||
rc = winpr_RC4_Update(ctx, len, (BYTE*) TEST_RC4_PLAINTEXT, text);
|
||||
winpr_RC4_Free(ctx);
|
||||
|
@ -442,10 +442,10 @@ int ntlm_compute_ntlm_v2_response(NTLM_CONTEXT* context)
|
||||
|
||||
void ntlm_rc4k(BYTE* key, int length, BYTE* plaintext, BYTE* ciphertext)
|
||||
{
|
||||
WINPR_RC4_CTX* rc4;
|
||||
if (winpr_RC4_New(&rc4, (void*) key, 16))
|
||||
WINPR_RC4_CTX* rc4 = winpr_RC4_New(key, 16);
|
||||
if (rc4)
|
||||
{
|
||||
winpr_RC4_Update(rc4, length, (void*) plaintext, (void*) ciphertext);
|
||||
winpr_RC4_Update(rc4, length, plaintext, ciphertext);
|
||||
winpr_RC4_Free(rc4);
|
||||
}
|
||||
}
|
||||
@ -664,8 +664,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
|
||||
context->RecvSigningKey = context->ClientSigningKey;
|
||||
context->SendSealingKey = context->ClientSealingKey;
|
||||
context->RecvSealingKey = context->ServerSealingKey;
|
||||
winpr_RC4_New(&context->SendRc4Seal, context->ServerSealingKey, 16);
|
||||
winpr_RC4_New(&context->RecvRc4Seal, context->ClientSealingKey, 16);
|
||||
context->SendRc4Seal = winpr_RC4_New(context->ServerSealingKey, 16);
|
||||
context->RecvRc4Seal = winpr_RC4_New(context->ClientSealingKey, 16);
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -673,8 +673,8 @@ void ntlm_init_rc4_seal_states(NTLM_CONTEXT* context)
|
||||
context->RecvSigningKey = context->ServerSigningKey;
|
||||
context->SendSealingKey = context->ServerSealingKey;
|
||||
context->RecvSealingKey = context->ClientSealingKey;
|
||||
winpr_RC4_New(&context->SendRc4Seal, context->ClientSealingKey, 16);
|
||||
winpr_RC4_New(&context->RecvRc4Seal, context->ServerSealingKey, 16);
|
||||
context->SendRc4Seal = winpr_RC4_New(context->ClientSealingKey, 16);
|
||||
context->RecvRc4Seal = winpr_RC4_New(context->ServerSealingKey, 16);
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user