mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,347 Commits 6 Branches 74 Tags 84 MiB
d7ebec5a65
Commit Graph

54 Commits

Author SHA1 Message Date
David Fort
361da15eed [crypto] extend base64 to output crLf when encoding 
Some windows APIs do put \r\n every 64 characters of the output of a
base64 encoded blob. The extended version of crypto_base64_encode allows
to do the same.
 2023-09-04 10:24:56 +02:00
akallabeth
a5b42f0f84 [includes] untangled circular includes 2023-03-15 08:22:23 +01:00
fifthdegree
8d6c92c037 Implement base64url encoding/decoding 
Tweak the base64 functions to allow for encoding and decoding base64url
as well
 2023-03-10 16:38:07 +01:00
Armin Novak
a7dac52a42 [license] updated copyright headers 2023-02-12 20:17:11 +01:00
akallabeth
1d3c6518fa [crypto] added PEM file read/write helpers 2023-02-12 20:17:11 +01:00
akallabeth
9b51df8b10 [core,crypto] refactor certificate management 
* Properly split certificate_store, certificate_data, certificate and
  private key functions to files
* Prefix all functions with freerdp_ to have a unique name
* Update certificate store to use one file per host instead of
  known_hosts2
* Merge CryptoCert and rdpCertificate
 2023-02-12 20:17:11 +01:00
akallabeth
7c1007b1b6 [core,crypto] removed rsa functions from public API 
should only be used internally
 2023-02-03 11:09:59 +01:00
akallabeth
a3152871ab [core,crypto] refactor rsa functions 
* public encrypt/decrypt take rdpCertInfo data as argument
* private encrypt/decrypt take rdpRsaKey as argument
* Add missing length arguments
 2023-02-03 11:09:59 +01:00
akallabeth
2c2e9602b3 [core] refactor certificate handling 
* Remove duplications in rdpRsaKey, reuse rdpCertificate for public
  components
* Move all private key and certificate code to certificate.c,
  remove the tssk_* variables from gcc
* Handle update of client and server random keys in wrapping functions
* Simplify gcc_write_server_security_data, use certificate.c functions
  to write the certificate data
* Refactor security_establish_keys, use the random values stored in
  settings directly
 2023-02-03 11:09:59 +01:00
Armin Novak
7b95014157 [winpr,crypto] Split crypto header renamed 
* Renamed custom winpr crypto function header
* Added compatiblity header
 2022-11-23 09:39:56 +01:00
akarl10
3a10bcd36a [ntlm]: use rfc5929 binding hash algorithm 
rfc5929 mandates some specific hashes for the binding algorithm
 2022-11-21 13:27:08 +01:00
fifthdegree
cbd310df52 Check smartcard certificates for correct EKU 
To be used for login, smartcard certificates must have the Microsoft
Smart Card Logon EKU
 2022-10-24 22:22:00 +02:00
Armin Novak
08035be41b Added missing WINPR_API 2022-04-25 16:06:34 +02:00
David Fort
cb351a099d Enable smartcard NLA logon 2022-02-24 08:52:25 +01:00
Armin Novak
10e40147fb Fixed various const warnings 2022-02-01 10:25:37 +00:00
Armin Novak
13f54fc0dd Improved fingerprint hash comparison 
* Allow new hash format 11bbccdd along already supported 11:22:aa:BB
 2021-08-26 09:38:12 +02:00
akallabeth
d4ebf8546f Cleaned up crypto API 2021-05-11 08:00:18 +02:00
akallabeth
b494a193db Refactored certificate API: 
* Proper encapsulation
* known_hosts2 backend extended (storing PEM)
* New backend storing each host certificate in a file
 2021-05-11 08:00:18 +02:00
Armin Novak
9c999b7135 Added raw function wrapping X509_digest 2020-03-06 11:37:35 +01:00
Armin Novak
2be6e4117f Let ssl backend handle hash checks. 2020-03-06 11:37:35 +01:00
Armin Novak
72ca88f49c Reformatted to new style 2019-11-07 10:53:54 +01:00
Armin Novak
dd3276d664 Prefer VerifyX509Certificate and fixed const arguments 
If VerifyX509Certificate is set use it also when doing internal
certificate management. Added flags to ensure it is possible to
find out which type of connection is being made.
 2018-12-04 09:35:24 +01:00
Pascal J. Bourguignon
63d00f6f81 Corrected the compatibility function names: crypto_cert_subject_alt_name and crypto_cert_subject_alt_name_free. 2018-08-27 13:51:30 +02:00
Pascal J. Bourguignon
79d2294a23 Put back deprecated function names crypto_cert_get_alt_names and crypto_cert_alt_names_free for FREERDP_API compatibility. 2018-08-24 15:20:03 +02:00
Pascal J. Bourguignon
469f9bf488 Smartcard Logon: restructured x509 certificate info extraction; added extracting the UPN. 2018-08-24 14:03:04 +02:00
Norbert Federa
7befab856c Support for OpenSSL 1.1.0 2016-11-24 17:50:09 +01:00
Armin Novak
238ff3b315 Unified encryption functions. 2016-02-27 23:28:49 +01:00
Armin Novak
5805ba8e52 Removed crypto_nonce. 2016-02-27 22:40:43 +01:00
Armin Novak
f997421098 Unified hmac functions. 2016-02-24 21:50:08 +01:00
Armin Novak
ada2b16c50 Unified RC4 functions. 2016-02-24 17:04:03 +01:00
Armin Novak
06da644007 Unified md5 functions. 2016-02-24 16:46:25 +01:00
Armin Novak
0e4ea3943a Unified sha1 functions. 2016-02-24 16:36:15 +01:00
Armin Novak
6da4a5aaf0 Using '<host> <port> <fp>' format for known hosts. 2015-06-09 15:33:13 +02:00
David FORT
0eb399a717 Treat return values for security.c 
This patch make functions in security.c return values when they should instead of
beeing void. And it also fix the callers of these functions.
 2015-04-01 11:11:37 +02:00
Jason Plum
6ce5991e74 libfreerdp: crypto: add certificate chain validation! 2015-03-13 13:50:54 -04:00
Armin Novak
e6fa0911a3 Fixed missing extern C 2014-12-01 13:12:51 +01:00
Hardening
9f1d0201ec Changes for base64 
This patch changes the prototype for decode_base64 so that the encode / decode
method are consistant (encode(BYTE *) => char* and decode(char*) => BYTE*).
It also does some improvements with unrolling loops so that end conditions are
tested only at the end.
The patch also adds some unitary tests.
Before the patch base64_decode() made valgrind complain about uninitialized
bits, after valgrind is happy and very quiet.
 2014-05-11 22:49:10 +02:00
Hardening
50f1f0df6f Add some const modifiers 
This allows these functions to be used with const buffers.
 2014-05-09 22:36:50 +02:00
Daryl Poe
076b8a84c2 commandline session reconnect 2013-10-22 09:14:29 -06:00
Armin Novak
ddab90ece4 Fixed alt_names free, now using cleanup function to wrap details. 2013-09-05 12:14:35 +02:00
Daryl Poe
f71f179c28 fix per-device CAL licensing 
(cherry picked from commit d6d0d81d08)
 2013-08-26 09:37:48 +02:00
Marc-André Moreau
0de89ab4c9 libfreerdp-core: enable non-null licensing client random 2013-02-05 09:46:25 -05:00
Marc-André Moreau
8a32de3801 libfreerdp: purged source tree from deprecated memory utils 2012-11-21 21:22:06 -05:00
Marc-André Moreau
9d064171a7 freerdp: get rid of old types 2012-10-09 03:26:39 -04:00
Marc-André Moreau
1bf8a45519 freerdp: change uint8, sint8, uint16, sint16 to BYTE, INT8, UINT16, INT16 2012-10-09 03:01:37 -04:00
Marc-André Moreau
1ed644786c freerdp: change boolean type to BOOL type 2012-10-09 02:38:39 -04:00
Marc-André Moreau
6dcc8e73ee libfreerdp-utils: get rid of rdpBlob 2012-09-24 04:40:32 -04:00
Marc-André Moreau
e1e3f12114 winpr: move wtypes.h and windows.h 2012-05-04 19:36:35 -04:00
Marc-André Moreau
97391dc782 libfreerdp-core: cleanup RTS header encoding 2012-04-19 15:43:20 -04:00
Marc-André Moreau
fa7900d293 libfreerdp-core: start using HTTP utils for NTLM HTTP authentication 2012-04-16 16:21:46 -04:00