client/common: start parsing of .msrcIncident Remote Assistance file

2014-06-28 16:04:49 -04:00 · 2014-06-28 16:04:49 -04:00 · f6b6c1188b
commit f6b6c1188b
parent f1a866340e
5 changed files with 585 additions and 3 deletions
--- a/client/common/CMakeLists.txt
+++ b/client/common/CMakeLists.txt
@ -28,6 +28,7 @@ endif()
 set(${MODULE_PREFIX}_SRCS
 	client.c
 	cmdline.c
+	assistance.c
 	compatibility.c
 	compatibility.h
 	file.c)
@ -52,6 +53,9 @@ set_target_properties(${MODULE_NAME} PROPERTIES VERSION ${FREERDP_VERSION} SOVER
 set(${MODULE_PREFIX}_LIBS ${${MODULE_PREFIX}_LIBS}
 	${FREERDP_CHANNELS_CLIENT_LIBS})
 	
+set(${MODULE_PREFIX}_LIBS ${${MODULE_PREFIX}_LIBS}
+	${OPENSSL_LIBRARIES} ${ZLIB_LIBRARIES})
+	
 set_complex_link_libraries(VARIABLE ${MODULE_PREFIX}_LIBS MONOLITHIC ${MONOLITHIC_BUILD}
 	MODULE freerdp
 	MODULES freerdp-core)
@ -60,8 +64,6 @@ set_complex_link_libraries(VARIABLE ${MODULE_PREFIX}_LIBS MONOLITHIC ${MONOLITHI
 	MODULE winpr
 	MODULES winpr-crt winpr-utils)

-
-
 target_link_libraries(${MODULE_NAME} ${${MODULE_PREFIX}_LIBS})

 install(TARGETS ${MODULE_NAME} DESTINATION ${CMAKE_INSTALL_LIBDIR} COMPONENT libraries EXPORT FreeRDPTargets)
--- a/client/common/assistance.c
+++ b/client/common/assistance.c
@ -0,0 +1,443 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Implementation
+ * Remote Assistance
+ *
+ * Copyright 2014 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
+#include <winpr/crt.h>
+#include <winpr/windows.h>
+
+#include <openssl/ssl.h>
+#include <openssl/md5.h>
+#include <openssl/rc4.h>
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+#include <openssl/engine.h>
+
+#include <freerdp/client/file.h>
+#include <freerdp/client/cmdline.h>
+
+#include <freerdp/client/assistance.h>
+
+/**
+ * CryptDeriveKey Function:
+ * http://msdn.microsoft.com/en-us/library/windows/desktop/aa379916/
+ *
+ * Let n be the required derived key length, in bytes.
+ * The derived key is the first n bytes of the hash value after the hash computation
+ * has been completed by CryptDeriveKey. If the hash is not a member of the SHA-2
+ * family and the required key is for either 3DES or AES, the key is derived as follows:
+ *
+ * Form a 64-byte buffer by repeating the constant 0x36 64 times.
+ * Let k be the length of the hash value that is represented by the input parameter hBaseData.
+ * Set the first k bytes of the buffer to the result of an XOR operation of the first k bytes
+ * of the buffer with the hash value that is represented by the input parameter hBaseData.
+ *
+ * Form a 64-byte buffer by repeating the constant 0x5C 64 times.
+ * Set the first k bytes of the buffer to the result of an XOR operation of the first k bytes
+ * of the buffer with the hash value that is represented by the input parameter hBaseData.
+ *
+ * Hash the result of step 1 by using the same hash algorithm as that used to compute the hash
+ * value that is represented by the hBaseData parameter.
+ *
+ * Hash the result of step 2 by using the same hash algorithm as that used to compute the hash
+ * value that is represented by the hBaseData parameter.
+ *
+ * Concatenate the result of step 3 with the result of step 4.
+ * Use the first n bytes of the result of step 5 as the derived key.
+ */
+
+int freerdp_client_assistance_crypt_derive_key(BYTE* hash, int hashLength, BYTE* key, int keyLength)
+{
+	int i;
+	BYTE* bufferHash;
+	BYTE buffer36[64];
+	BYTE buffer5c[64];
+
+	memset(buffer36, 0x36, sizeof(buffer36));
+	memset(buffer5c, 0x5C, sizeof(buffer5c));
+
+	for (i = 0; i < hashLength; i++)
+	{
+		buffer36[i] ^= hash[i];
+		buffer5c[i] ^= hash[i];
+	}
+
+	bufferHash = (BYTE*) calloc(1, hashLength * 2);
+
+	if (!bufferHash)
+		return -1;
+
+	SHA1(buffer36, 64, bufferHash);
+	SHA1(buffer5c, 64, &bufferHash[hashLength]);
+
+	CopyMemory(key, bufferHash, keyLength);
+
+	free(bufferHash);
+
+	return 1;
+}
+
+int freerdp_client_assistance_decrypt(rdpAssistanceFile* file, const char* password)
+{
+	int status;
+	SHA_CTX shaCtx;
+	int cbOut, cbFinal;
+	EVP_CIPHER_CTX aesDec;
+	WCHAR* PasswordW = NULL;
+	BYTE EncryptionKey[AES_BLOCK_SIZE];
+	BYTE PasswordHash[SHA_DIGEST_LENGTH];
+
+	status = ConvertToUnicode(CP_UTF8, 0, password, -1, &PasswordW, 0);
+
+	if (status <= 0)
+		return -1;
+
+	SHA_Init(&shaCtx);
+	SHA_Update(&shaCtx, PasswordW, status * 2);
+	SHA_Final((void*) PasswordHash, &shaCtx);
+
+	status = freerdp_client_assistance_crypt_derive_key(PasswordHash, sizeof(PasswordHash),
+			EncryptionKey, sizeof(EncryptionKey));
+
+	if (status < 0)
+		return -1;
+
+	EVP_CIPHER_CTX_init(&aesDec);
+
+	status = EVP_DecryptInit(&aesDec, EVP_aes_128_cbc(), EncryptionKey, NULL);
+
+	if (status != 1)
+		return -1;
+
+	cbOut = file->EncryptedConnectionStringLength;
+	file->ConnectionString = (char*) calloc(1, cbOut);
+
+	if (!file->ConnectionString)
+		return -1;
+
+	status = EVP_DecryptUpdate(&aesDec, (BYTE*) file->ConnectionString, &cbOut,
+			(BYTE*) file->EncryptedConnectionString, file->EncryptedConnectionStringLength);
+	if (status != 1)
+		return -1;
+
+	status = EVP_DecryptFinal(&aesDec, (BYTE*) &file->ConnectionString[cbOut], &cbFinal);
+
+	/* FIXME: still fails */
+
+	if (status != 1)
+		return -1;
+
+	return 1;
+}
+
+BYTE* freerdp_client_assistance_parse_hex_string(const char* hexStr, int* size)
+{
+	char c;
+	int length;
+	BYTE* buffer;
+	int i, ln, hn;
+
+	length = strlen(hexStr);
+
+	if ((length % 2) != 0)
+		return NULL;
+
+	length /= 2;
+	*size = length;
+
+	buffer = (BYTE*) malloc(length);
+
+	if (!buffer)
+		return NULL;
+
+	for (i = 0; i < length; i++)
+	{
+		hn = ln = 0;
+
+		c = hexStr[(i * 2) + 0];
+
+		if ((c >= '0') && (c <= '9'))
+			hn = c - '0';
+		else if ((c >= 'a') && (c <= 'f'))
+			hn = (c - 'a') + 10;
+		else if ((c >= 'A') && (c <= 'F'))
+			hn = (c - 'A') + 10;
+
+		c = hexStr[(i * 2) + 1];
+
+		if ((c >= '0') && (c <= '9'))
+			ln = c - '0';
+		else if ((c >= 'a') && (c <= 'f'))
+			ln = (c - 'a') + 10;
+		else if ((c >= 'A') && (c <= 'F'))
+			ln = (c - 'A') + 10;
+
+		buffer[i] = (hn << 4) | ln;
+	}
+
+	return buffer;
+}
+
+int freerdp_client_assistance_parse_file_buffer(rdpAssistanceFile* file, const char* buffer, size_t size)
+{
+	char* p;
+	char* q;
+	char* r;
+	int value;
+	size_t length;
+
+	p = strstr(buffer, "UPLOADINFO");
+
+	if (!p)
+		return -1;
+
+	p = strstr(p + sizeof("UPLOADINFO") - 1, "TYPE=\"");
+
+	if (!p)
+		return -1;
+
+	p = strstr(buffer, "UPLOADDATA");
+
+	if (!p)
+		return -1;
+
+	/* Parse USERNAME */
+
+	p = strstr(buffer, "USERNAME=\"");
+
+	if (p)
+	{
+		p += sizeof("USERNAME=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+		file->Username = (char*) malloc(length + 1);
+
+		if (!file->Username)
+			return -1;
+
+		CopyMemory(file->Username, p, length);
+		file->Username[length] = '\0';
+	}
+
+	/* Parse LHTICKET */
+
+	p = strstr(buffer, "LHTICKET=\"");
+
+	if (p)
+	{
+		p += sizeof("LHTICKET=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+		file->LHTicket = (char*) malloc(length + 1);
+
+		if (!file->LHTicket)
+			return -1;
+
+		CopyMemory(file->LHTicket, p, length);
+		file->LHTicket[length] = '\0';
+	}
+
+	/* Parse RCTICKET */
+
+	p = strstr(buffer, "RCTICKET=\"");
+
+	if (p)
+	{
+		p += sizeof("RCTICKET=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+		file->RCTicket = (char*) malloc(length + 1);
+
+		if (!file->RCTicket)
+			return -1;
+
+		CopyMemory(file->RCTicket, p, length);
+		file->RCTicket[length] = '\0';
+	}
+
+	/* Parse RCTICKETENCRYPTED */
+
+	p = strstr(buffer, "RCTICKETENCRYPTED=\"");
+
+	if (p)
+	{
+		p += sizeof("RCTICKETENCRYPTED=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+
+		if ((length == 1) && (p[0] == '1'))
+			file->RCTicketEncrypted = TRUE;
+	}
+
+	/* Parse PassStub */
+
+	p = strstr(buffer, "PassStub=\"");
+
+	if (p)
+	{
+		p += sizeof("PassStub=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+		file->PassStub = (char*) malloc(length + 1);
+
+		if (!file->PassStub)
+			return -1;
+
+		CopyMemory(file->PassStub, p, length);
+		file->PassStub[length] = '\0';
+	}
+
+	/* Parse DtStart */
+
+	p = strstr(buffer, "DtStart=\"");
+
+	if (p)
+	{
+		p += sizeof("DtStart=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+
+		r = (char*) malloc(length + 1);
+
+		if (!r)
+			return -1;
+
+		CopyMemory(r, p, length);
+		r[length] = '\0';
+
+		value = atoi(r);
+		free(r);
+
+		if (value < 0)
+			return -1;
+
+		file->DtStart = (UINT32) value;
+	}
+
+	/* Parse DtLength */
+
+	p = strstr(buffer, "DtLength=\"");
+
+	if (p)
+	{
+		p += sizeof("DtLength=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+
+		r = (char*) malloc(length + 1);
+
+		if (!r)
+			return -1;
+
+		CopyMemory(r, p, length);
+		r[length] = '\0';
+
+		value = atoi(r);
+		free(r);
+
+		if (value < 0)
+			return -1;
+
+		file->DtLength = (UINT32) value;
+	}
+
+	/* Parse L (LowSpeed) */
+
+	p = strstr(buffer, " L=\"");
+
+	if (p)
+	{
+		p += sizeof(" L=\"") - 1;
+		q = strchr(p, '"');
+
+		if (!q)
+			return -1;
+
+		length = q - p;
+
+		if ((length == 1) && (p[0] == '1'))
+			file->LowSpeed = TRUE;
+	}
+
+	file->EncryptedConnectionString = freerdp_client_assistance_parse_hex_string(file->LHTicket,
+			&file->EncryptedConnectionStringLength);
+
+	return 1;
+}
+
+rdpAssistanceFile* freerdp_client_assistance_file_new()
+{
+	rdpAssistanceFile* file;
+
+	file = (rdpAssistanceFile*) calloc(1, sizeof(rdpAssistanceFile));
+
+	if (file)
+	{
+
+	}
+
+	return file;
+}
+
+void freerdp_client_assistance_file_free(rdpAssistanceFile* file)
+{
+	if (!file)
+		return;
+
+	free(file->Username);
+	free(file->LHTicket);
+	free(file->RCTicket);
+	free(file->PassStub);
+	free(file->ConnectionString);
+	free(file->EncryptedConnectionString);
+
+	free(file);
+}
--- a/client/common/test/CMakeLists.txt
+++ b/client/common/test/CMakeLists.txt
@ -6,7 +6,8 @@ set(${MODULE_PREFIX}_DRIVER ${MODULE_NAME}.c)

 set(${MODULE_PREFIX}_TESTS
 	TestClientRdpFile.c
-	TestClientChannels.c)
+	TestClientChannels.c
+	TestClientAssistance.c)

 create_test_sourcelist(${MODULE_PREFIX}_SRCS
 	${${MODULE_PREFIX}_DRIVER}
--- a/client/common/test/TestClientAssistance.c
+++ b/client/common/test/TestClientAssistance.c
@ -0,0 +1,77 @@
+
+#include <winpr/crt.h>
+#include <winpr/print.h>
+
+#include <freerdp/client/assistance.h>
+
+const char* TEST_MSRC_INCIDENT_PASSWORD = "48BJQ853X3B4";
+
+static const char* TEST_MSRC_INCIDENT_FILE =
+"<?xml version=\"1.0\"?>"
+"<UPLOADINFO TYPE=\"Escalated\">"
+"<UPLOADDATA USERNAME=\"awake\" "
+"LHTICKET=\""
+"20FCC407AA53E95F8505AB56D485D26835064B03AF86CDA326248FD304626AD4"
+"DBDBDFFE0C473228EFFF7A1E6CEB445BBEC429294BB6616BBB600854438DDFB5"
+"82FC377CF65A2060EB3221647643C9B29BF5EC320856180B34D1BE9827A528C7"
+"E8F0DCD53C8D38F974160FEE317458FAC9DBDBA7B972D21DF3BC5B1AF0E01878"
+"65F07A3B915618C03E6EAF843FC1185770A1208C29C836DBCA5A040CB276D3C4"
+"1DDE2FA8CA9627E5E74FA750A92C0E01AD6C3D1000A5B1479DEB899BF5BCD402"
+"CE3BB3BF104CE0286C3F985AA711943C88C5EEEEE86F35B63F68883A90ADBCFD"
+"CBBAE3EAB993EFD9148E1A21D092CE9498695943946236D65D20B4A38D724C61"
+"72319E38E19C04E98EBC03F56A4A190E971F8EAEBFE6B415A3A2D8F35F7BF785"
+"26B9BFAAB48D11BDD6C905EFE503D2265678E1EAD2F2F124E570667F04103180"
+"2F63587276C14E6A5AB436CE234F722CE7C9B5D244508F14C012E84A49FE6992"
+"3F30320ABB3641F1EFA66205F3EA709E7E1C3E6874BB9642486FB96D2730CDF4"
+"514AA738167F00FC13B2978AED1D6678413FDF62008B03DD729E36173BE02742"
+"B69CAD44938512D0F56335394759338AF6ADBCF39CE829116D97435085D05BB5"
+"9320A134698050DCDBE01305A6B4712FD6BD48958BD2DC497498FF35CAECC9A8"
+"2C97FD1A5B5EC4BAF5FFB75A1471B765C465B35A7C950019066BB219B391C6E9"
+"8AE8FD2038E774F36F226D9FB9A38BCC313785612165D1EF69D19E2B9CF6E0F7"
+"FE1ECCF00AB81F9E8B626363CA82FAC719A3B7D243325C9D6042B2488EC95B80"
+"A31273FF9B72FBBB86F946E6D3DF8816BE4533F0B547C8BC028309EA9784C1E6\" "
+"RCTICKET=\"65538,1,192.168.1.200:49230;169.254.6.170:49231,*,"
+"+ULZ6ifjoCa6cGPMLQiGHRPwkg6VyJqGwxMnO6GcelwUh9a6/FBq3It5ADSndmLL,"
+"*,*,BNRjdu97DyczQSRuMRrDWoue+HA=\" "
+"PassStub=\"WB^6HsrIaFmEpi\" "
+"RCTICKETENCRYPTED=\"1\" "
+"DtStart=\"1403972263\" "
+"DtLength=\"14400\" "
+"L=\"0\"/>"
+"</UPLOADINFO>";
+
+int TestClientAssistance(int argc, char* argv[])
+{
+	int status;
+	rdpAssistanceFile* file;
+
+	file = freerdp_client_assistance_file_new();
+
+	status = freerdp_client_assistance_parse_file_buffer(file, TEST_MSRC_INCIDENT_FILE, sizeof(TEST_MSRC_INCIDENT_FILE));
+
+	printf("freerdp_client_assistance_parse_file_buffer: %d\n", status);
+
+	if (status < 0)
+		return -1;
+
+	printf("Username: %s\n", file->Username);
+	printf("LHTicket: %s\n", file->LHTicket);
+	printf("RCTicket: %s\n", file->RCTicket);
+	printf("RCTicketEncrypted: %d\n", file->RCTicketEncrypted);
+	printf("PassStub: %s\n", file->PassStub);
+	printf("DtStart: %d\n", file->DtStart);
+	printf("DtLength: %d\n", file->DtLength);
+	printf("LowSpeed: %d\n", file->LowSpeed);
+
+	status = freerdp_client_assistance_decrypt(file, TEST_MSRC_INCIDENT_PASSWORD);
+
+	printf("freerdp_client_assistance_decrypt: %d\n", status);
+
+	if (status < 0)
+		return -1;
+
+	freerdp_client_assistance_file_free(file);
+
+	return 0;
+}
+
--- a/include/freerdp/client/assistance.h
+++ b/include/freerdp/client/assistance.h
@ -0,0 +1,59 @@
+/**
+ * FreeRDP: A Remote Desktop Protocol Implementation
+ * Remote Assistance
+ *
+ * Copyright 2014 Marc-Andre Moreau <marcandre.moreau@gmail.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef FREERDP_CLIENT_ASSISTANCE_H
+#define FREERDP_CLIENT_ASSISTANCE_H
+
+#include <freerdp/api.h>
+#include <freerdp/freerdp.h>
+
+struct rdp_assistance_file
+{
+	char* Type;
+	char* Username;
+	char* LHTicket;
+	char* RCTicket;
+	char* PassStub;
+	UINT32 DtStart;
+	UINT32 DtLength;
+	BOOL LowSpeed;
+	BOOL RCTicketEncrypted;
+
+	char* ConnectionString;
+	BYTE* EncryptedConnectionString;
+	int EncryptedConnectionStringLength;
+};
+typedef struct rdp_assistance_file rdpAssistanceFile;
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+FREERDP_API int freerdp_client_assistance_parse_file_buffer(rdpAssistanceFile* file, const char* buffer, size_t size);
+FREERDP_API int freerdp_client_assistance_decrypt(rdpAssistanceFile* file, const char* password);
+
+FREERDP_API rdpAssistanceFile* freerdp_client_assistance_file_new();
+FREERDP_API void freerdp_client_assistance_file_free(rdpAssistanceFile* file);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* FREERDP_CLIENT_ASSISTANCE_H */
+