From 17ed282656cb2211e8048222503937abe8f53a68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= Date: Fri, 23 Sep 2011 14:25:38 -0400 Subject: [PATCH 1/5] wfreerdp: fix compilation on windows --- client/Windows/wfreerdp.h | 2 +- include/freerdp/common/bitmap.h | 2 +- libfreerdp-core/mppc.h | 8 -------- libfreerdp-core/redirection.c | 2 +- libfreerdp-core/tcp.c | 1 + libfreerdp-core/update.c | 7 ++++--- libfreerdp-utils/sleep.c | 4 ++++ 7 files changed, 12 insertions(+), 14 deletions(-) diff --git a/client/Windows/wfreerdp.h b/client/Windows/wfreerdp.h index ff92b0164..1baec4667 100644 --- a/client/Windows/wfreerdp.h +++ b/client/Windows/wfreerdp.h @@ -31,7 +31,7 @@ #include #include -#include +#include #include #include diff --git a/include/freerdp/common/bitmap.h b/include/freerdp/common/bitmap.h index 618cb4c1c..b440eaf60 100644 --- a/include/freerdp/common/bitmap.h +++ b/include/freerdp/common/bitmap.h @@ -22,6 +22,6 @@ #include -boolean bitmap_decompress(uint8* srcData, uint8* dstData, int width, int height, int size, int srcBpp, int dstBpp); +FREERDP_API boolean bitmap_decompress(uint8* srcData, uint8* dstData, int width, int height, int size, int srcBpp, int dstBpp); #endif /* __BITMAP_H */ diff --git a/libfreerdp-core/mppc.h b/libfreerdp-core/mppc.h index ca93f1e31..25402d486 100644 --- a/libfreerdp-core/mppc.h +++ b/libfreerdp-core/mppc.h @@ -22,14 +22,6 @@ #include -#define _MPPC_DEBUG - -#ifdef MPPC_DEBUG -#define mprintf(y...) printf(y); -#else -#define mprintf(y...) -#endif - #define RDP5_HISTORY_BUF_SIZE 65536 struct rdp_mppc diff --git a/libfreerdp-core/redirection.c b/libfreerdp-core/redirection.c index af443fbbf..5e6c0e5a5 100644 --- a/libfreerdp-core/redirection.c +++ b/libfreerdp-core/redirection.c @@ -200,7 +200,7 @@ void redirection_free(rdpRedirection* redirection) { int i; - for (i = 0; i < redirection->targetNetAddressesCount; i++) + for (i = 0; i < (int) redirection->targetNetAddressesCount; i++) freerdp_string_free(&redirection->targetNetAddresses[i]); xfree(redirection->targetNetAddresses); diff --git a/libfreerdp-core/tcp.c b/libfreerdp-core/tcp.c index 2bdd616be..778af0938 100644 --- a/libfreerdp-core/tcp.c +++ b/libfreerdp-core/tcp.c @@ -33,6 +33,7 @@ #include #include #else +#define SHUT_RDWR SD_BOTH #define close(_fd) closesocket(_fd) #endif diff --git a/libfreerdp-core/update.c b/libfreerdp-core/update.c index a2bf92486..0cc4ed4f2 100644 --- a/libfreerdp-core/update.c +++ b/libfreerdp-core/update.c @@ -323,9 +323,10 @@ void update_recv(rdpUpdate* update, STREAM* s) void update_reset_state(rdpUpdate* update) { - update->state_start = &update->state_start; - update->state_end = &update->state_end; - memset(update->state_start, 0, update->state_end - update->state_start); + int length; + + length = &update->state_end - &update->state_start; + memset(update->state_start, 0, length); update->order_info.orderType = ORDER_TYPE_PATBLT; update->switch_surface.bitmapId = SCREEN_BITMAP_SURFACE; IFCALL(update->SwitchSurface, update, &(update->switch_surface)); diff --git a/libfreerdp-utils/sleep.c b/libfreerdp-utils/sleep.c index 6d64ed8ab..6cb700862 100644 --- a/libfreerdp-utils/sleep.c +++ b/libfreerdp-utils/sleep.c @@ -30,7 +30,11 @@ void freerdp_sleep(uint32 seconds) { +#ifndef _WIN32 sleep(seconds); +#else + Sleep(seconds * 1000); +#endif } void freerdp_usleep(uint32 useconds) From c2ccba532fa885deb9fdfe64a02fb0f9f21400f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= Date: Fri, 23 Sep 2011 14:38:16 -0400 Subject: [PATCH 2/5] cmake: fix build options for wfreerdp --- CMakeLists.txt | 1 + client/Windows/CMakeLists.txt | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ceef9bd8b..d38151f74 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -76,6 +76,7 @@ if(MSVC) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /Gd /MT") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /O2 /Ob2") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_X86_") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_UNICODE") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFREERDP_EXPORTS") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -D_CRT_SECURE_NO_WARNINGS") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWIN32_LEAN_AND_MEAN") diff --git a/client/Windows/CMakeLists.txt b/client/Windows/CMakeLists.txt index 6ccf8514b..fcf7566d5 100644 --- a/client/Windows/CMakeLists.txt +++ b/client/Windows/CMakeLists.txt @@ -17,7 +17,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -add_executable(wfreerdp +add_executable(wfreerdp WIN32 wfreerdp.c wfreerdp.h) From 3ce1b2fc45c644c6afa05b3117893975908c419b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Moreau?= Date: Fri, 23 Sep 2011 23:49:58 -0400 Subject: [PATCH 3/5] libfreerdp-core: fix segmentation fault in update_reset_state --- libfreerdp-core/update.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libfreerdp-core/update.c b/libfreerdp-core/update.c index 0cc4ed4f2..033f79fc7 100644 --- a/libfreerdp-core/update.c +++ b/libfreerdp-core/update.c @@ -326,7 +326,8 @@ void update_reset_state(rdpUpdate* update) int length; length = &update->state_end - &update->state_start; - memset(update->state_start, 0, length); + + memset(&update->state_start, 0, length); update->order_info.orderType = ORDER_TYPE_PATBLT; update->switch_surface.bitmapId = SCREEN_BITMAP_SURFACE; IFCALL(update->SwitchSurface, update, &(update->switch_surface)); From b773c7e72829170c2731ffbf99f6cbe1f5c0f43c Mon Sep 17 00:00:00 2001 From: Jay Sorg Date: Fri, 23 Sep 2011 23:09:29 -0700 Subject: [PATCH 4/5] move non settings security items out of settings --- include/freerdp/settings.h | 11 --------- libfreerdp-core/connection.c | 10 ++++----- libfreerdp-core/rdp.c | 11 ++++----- libfreerdp-core/rdp.h | 9 ++++++++ libfreerdp-core/security.c | 43 ++++++++++++++++++------------------ libfreerdp-core/security.h | 2 +- 6 files changed, 43 insertions(+), 43 deletions(-) diff --git a/include/freerdp/settings.h b/include/freerdp/settings.h index 5eda6a60f..807670616 100644 --- a/include/freerdp/settings.h +++ b/include/freerdp/settings.h @@ -207,17 +207,6 @@ struct rdp_settings rdpBlob server_certificate; struct rdp_certificate* server_cert; - uint8 sign_key[16]; - uint8 decrypt_key[16]; - uint8 encrypt_key[16]; - uint8 decrypt_update_key[16]; - uint8 encrypt_update_key[16]; - int rc4_key_len; - - uint8 fips_sign_key[20]; - uint8 fips_encrypt_key[24]; - uint8 fips_decrypt_key[24]; - boolean console_audio; boolean console_session; uint32 redirected_session_id; diff --git a/libfreerdp-core/connection.c b/libfreerdp-core/connection.c index 4b3a44bb5..b0426956a 100644 --- a/libfreerdp-core/connection.c +++ b/libfreerdp-core/connection.c @@ -193,7 +193,7 @@ static boolean rdp_establish_keys(rdpRdp* rdp) } /* now calculate encrypt / decrypt and upate keys */ - if (!security_establish_keys(client_random, rdp->settings)) + if (!security_establish_keys(client_random, rdp)) { return False; } @@ -203,15 +203,15 @@ static boolean rdp_establish_keys(rdpRdp* rdp) if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS) { uint8 fips_ivec[8] = { 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF }; - rdp->fips_encrypt = crypto_des3_encrypt_init(rdp->settings->fips_encrypt_key, fips_ivec); - rdp->fips_decrypt = crypto_des3_decrypt_init(rdp->settings->fips_decrypt_key, fips_ivec); + rdp->fips_encrypt = crypto_des3_encrypt_init(rdp->fips_encrypt_key, fips_ivec); + rdp->fips_decrypt = crypto_des3_decrypt_init(rdp->fips_decrypt_key, fips_ivec); rdp->fips_hmac = crypto_hmac_new(); return True; } - rdp->rc4_decrypt_key = crypto_rc4_init(rdp->settings->decrypt_key, rdp->settings->rc4_key_len); - rdp->rc4_encrypt_key = crypto_rc4_init(rdp->settings->encrypt_key, rdp->settings->rc4_key_len); + rdp->rc4_decrypt_key = crypto_rc4_init(rdp->decrypt_key, rdp->rc4_key_len); + rdp->rc4_encrypt_key = crypto_rc4_init(rdp->encrypt_key, rdp->rc4_key_len); return True; } diff --git a/libfreerdp-core/rdp.c b/libfreerdp-core/rdp.c index 0898d281b..004a94f09 100644 --- a/libfreerdp-core/rdp.c +++ b/libfreerdp-core/rdp.c @@ -1,4 +1,3 @@ - /** * FreeRDP: A Remote Desktop Protocol Client * RDP Core @@ -312,8 +311,8 @@ static uint32 rdp_security_stream_out(rdpRdp* rdp, STREAM* s, int length) data = s->p + 8; length = length - (data - s->data); - mk = rdp->settings->sign_key; - ml = rdp->settings->rc4_key_len; + mk = rdp->sign_key; + ml = rdp->rc4_key_len; security_mac_signature(mk, ml, data, length, s->p); stream_seek(s, 8); security_encrypt(s->p, length, rdp); @@ -328,11 +327,13 @@ static uint32 rdp_get_sec_bytes(rdpRdp* rdp) { uint32 sec_bytes; - if (rdp->sec_flags & SEC_ENCRYPT) { + if (rdp->sec_flags & SEC_ENCRYPT) + { sec_bytes = 12; if (rdp->settings->encryption_method == ENCRYPTION_METHOD_FIPS) sec_bytes += 4; - } else if (rdp->sec_flags != 0) + } + else if (rdp->sec_flags != 0) sec_bytes = 4; else sec_bytes = 0; diff --git a/libfreerdp-core/rdp.h b/libfreerdp-core/rdp.h index 8064b632f..018ba8d25 100644 --- a/libfreerdp-core/rdp.h +++ b/libfreerdp-core/rdp.h @@ -137,6 +137,15 @@ struct rdp_rdp struct crypto_hmac_struct* fips_hmac; uint32 sec_flags; boolean do_crypt; + uint8 sign_key[16]; + uint8 decrypt_key[16]; + uint8 encrypt_key[16]; + uint8 decrypt_update_key[16]; + uint8 encrypt_update_key[16]; + int rc4_key_len; + uint8 fips_sign_key[20]; + uint8 fips_encrypt_key[24]; + uint8 fips_decrypt_key[24]; }; void rdp_read_security_header(STREAM* s, uint16* flags); diff --git a/libfreerdp-core/security.c b/libfreerdp-core/security.c index 7bbdc71a6..615559fa6 100644 --- a/libfreerdp-core/security.c +++ b/libfreerdp-core/security.c @@ -298,15 +298,16 @@ fips_expand_key_bits(uint8 *in, uint8 *out) out[i] = fips_oddparity_table[fips_reverse_table[out[i]]]; } - -boolean security_establish_keys(uint8* client_random, rdpSettings* settings) +boolean security_establish_keys(uint8* client_random, rdpRdp* rdp) { uint8 pre_master_secret[48]; uint8 master_secret[48]; uint8 session_key_blob[48]; uint8* server_random; uint8 salt40[] = { 0xD1, 0x26, 0x9E }; + rdpSettings* settings; + settings = rdp->settings; server_random = settings->server_random.data; if (settings->encryption_method == ENCRYPTION_METHOD_FIPS) @@ -322,7 +323,7 @@ boolean security_establish_keys(uint8* client_random, rdpSettings* settings) crypto_sha1_final(sha1, client_encrypt_key_t); client_encrypt_key_t[20] = client_encrypt_key_t[0]; - fips_expand_key_bits(client_encrypt_key_t, settings->fips_encrypt_key); + fips_expand_key_bits(client_encrypt_key_t, rdp->fips_encrypt_key); sha1 = crypto_sha1_init(); crypto_sha1_update(sha1, client_random, 16); @@ -330,12 +331,12 @@ boolean security_establish_keys(uint8* client_random, rdpSettings* settings) crypto_sha1_final(sha1, client_decrypt_key_t); client_decrypt_key_t[20] = client_decrypt_key_t[0]; - fips_expand_key_bits(client_decrypt_key_t, settings->fips_decrypt_key); + fips_expand_key_bits(client_decrypt_key_t, rdp->fips_decrypt_key); sha1 = crypto_sha1_init(); crypto_sha1_update(sha1, client_decrypt_key_t, 20); crypto_sha1_update(sha1, client_encrypt_key_t, 20); - crypto_sha1_final(sha1, settings->fips_sign_key); + crypto_sha1_final(sha1, rdp->fips_sign_key); } memcpy(pre_master_secret, client_random, 24); @@ -344,25 +345,25 @@ boolean security_establish_keys(uint8* client_random, rdpSettings* settings) security_A(pre_master_secret, client_random, server_random, master_secret); security_X(master_secret, client_random, server_random, session_key_blob); - memcpy(settings->sign_key, session_key_blob, 16); + memcpy(rdp->sign_key, session_key_blob, 16); - security_md5_16_32_32(&session_key_blob[16], client_random, server_random, settings->decrypt_key); - security_md5_16_32_32(&session_key_blob[32], client_random, server_random, settings->encrypt_key); + security_md5_16_32_32(&session_key_blob[16], client_random, server_random, rdp->decrypt_key); + security_md5_16_32_32(&session_key_blob[32], client_random, server_random, rdp->encrypt_key); if (settings->encryption_method == 1) /* 40 and 56 bit */ { - memcpy(settings->sign_key, salt40, 3); /* TODO 56 bit */ - memcpy(settings->decrypt_key, salt40, 3); /* TODO 56 bit */ - memcpy(settings->encrypt_key, salt40, 3); /* TODO 56 bit */ - settings->rc4_key_len = 8; + memcpy(rdp->sign_key, salt40, 3); /* TODO 56 bit */ + memcpy(rdp->decrypt_key, salt40, 3); /* TODO 56 bit */ + memcpy(rdp->encrypt_key, salt40, 3); /* TODO 56 bit */ + rdp->rc4_key_len = 8; } else if (settings->encryption_method == 2) /* 128 bit */ { - settings->rc4_key_len = 16; + rdp->rc4_key_len = 16; } - memcpy(settings->decrypt_update_key, settings->decrypt_key, 16); - memcpy(settings->encrypt_update_key, settings->encrypt_key, 16); + memcpy(rdp->decrypt_update_key, rdp->decrypt_key, 16); + memcpy(rdp->encrypt_update_key, rdp->encrypt_key, 16); return True; } @@ -401,9 +402,9 @@ boolean security_encrypt(uint8* data, int length, rdpRdp* rdp) { if (rdp->encrypt_use_count >= 4096) { - security_key_update(rdp->settings->encrypt_key, rdp->settings->encrypt_update_key, rdp->settings->rc4_key_len); + security_key_update(rdp->encrypt_key, rdp->encrypt_update_key, rdp->rc4_key_len); crypto_rc4_free(rdp->rc4_encrypt_key); - rdp->rc4_encrypt_key = crypto_rc4_init(rdp->settings->encrypt_key, rdp->settings->rc4_key_len); + rdp->rc4_encrypt_key = crypto_rc4_init(rdp->encrypt_key, rdp->rc4_key_len); rdp->encrypt_use_count = 0; } crypto_rc4(rdp->rc4_encrypt_key, length, data, data); @@ -415,9 +416,9 @@ boolean security_decrypt(uint8* data, int length, rdpRdp* rdp) { if (rdp->decrypt_use_count >= 4096) { - security_key_update(rdp->settings->decrypt_key, rdp->settings->decrypt_update_key, rdp->settings->rc4_key_len); + security_key_update(rdp->decrypt_key, rdp->decrypt_update_key, rdp->rc4_key_len); crypto_rc4_free(rdp->rc4_decrypt_key); - rdp->rc4_decrypt_key = crypto_rc4_init(rdp->settings->decrypt_key, rdp->settings->rc4_key_len); + rdp->rc4_decrypt_key = crypto_rc4_init(rdp->decrypt_key, rdp->rc4_key_len); rdp->decrypt_use_count = 0; } crypto_rc4(rdp->rc4_decrypt_key, length, data, data); @@ -432,7 +433,7 @@ void security_hmac_signature(uint8* data, int length, uint8* output, rdpRdp* rdp security_uint32_le(use_count_le, rdp->encrypt_use_count); - crypto_hmac_sha1_init(rdp->fips_hmac, rdp->settings->fips_sign_key, 20); + crypto_hmac_sha1_init(rdp->fips_hmac, rdp->fips_sign_key, 20); crypto_hmac_update(rdp->fips_hmac, data, length); crypto_hmac_update(rdp->fips_hmac, use_count_le, 4); crypto_hmac_final(rdp->fips_hmac, buf, 20); @@ -460,7 +461,7 @@ boolean security_fips_check_signature(uint8* data, int length, uint8* sig, rdpRd security_uint32_le(use_count_le, rdp->decrypt_use_count); - crypto_hmac_sha1_init(rdp->fips_hmac, rdp->settings->fips_sign_key, 20); + crypto_hmac_sha1_init(rdp->fips_hmac, rdp->fips_sign_key, 20); crypto_hmac_update(rdp->fips_hmac, data, length); crypto_hmac_update(rdp->fips_hmac, use_count_le, 4); crypto_hmac_final(rdp->fips_hmac, buf, 20); diff --git a/libfreerdp-core/security.h b/libfreerdp-core/security.h index 02e27b3b0..6d4b0f5d4 100644 --- a/libfreerdp-core/security.h +++ b/libfreerdp-core/security.h @@ -33,7 +33,7 @@ void security_licensing_encryption_key(uint8* session_key_blob, uint8* client_ra void security_mac_data(uint8* mac_salt_key, uint8* data, uint32 length, uint8* output); void security_mac_signature(uint8* mac_key, int mac_key_length, uint8* data, uint32 length, uint8* output); -boolean security_establish_keys(uint8* client_random, rdpSettings* settings); +boolean security_establish_keys(uint8* client_random, rdpRdp* rdp); boolean security_encrypt(uint8* data, int length, rdpRdp* rdp); boolean security_decrypt(uint8* data, int length, rdpRdp* rdp); From 123398c419ecdf0088d75c9ed7e7a6e672e01cb2 Mon Sep 17 00:00:00 2001 From: Jay Sorg Date: Fri, 23 Sep 2011 23:38:11 -0700 Subject: [PATCH 5/5] coding style --- libfreerdp-core/security.c | 155 ++++++++++++++++++------------------- 1 file changed, 77 insertions(+), 78 deletions(-) diff --git a/libfreerdp-core/security.c b/libfreerdp-core/security.c index 615559fa6..369ee677e 100644 --- a/libfreerdp-core/security.c +++ b/libfreerdp-core/security.c @@ -41,78 +41,79 @@ static uint8 pad2[48] = }; static uint8 -fips_reverse_table[256] = { - 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0, - 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0, - 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8, - 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8, - 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4, - 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4, - 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec, - 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc, - 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2, - 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2, - 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea, - 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa, - 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6, - 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6, - 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee, - 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe, - 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1, - 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1, - 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9, - 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9, - 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5, - 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5, - 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed, - 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd, - 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3, - 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3, - 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb, - 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb, - 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7, - 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7, - 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef, - 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff, +fips_reverse_table[256] = +{ + 0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0, + 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0, + 0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8, + 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8, + 0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4, + 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4, + 0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec, + 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc, + 0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2, + 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2, + 0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea, + 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa, + 0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6, + 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6, + 0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee, + 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe, + 0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1, + 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1, + 0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9, + 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9, + 0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5, + 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5, + 0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed, + 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd, + 0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3, + 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3, + 0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb, + 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb, + 0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7, + 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7, + 0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef, + 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff }; static uint8 -fips_oddparity_table[256] = { - 0x01, 0x01, 0x02, 0x02, 0x04, 0x04, 0x07, 0x07, - 0x08, 0x08, 0x0b, 0x0b, 0x0d, 0x0d, 0x0e, 0x0e, - 0x10, 0x10, 0x13, 0x13, 0x15, 0x15, 0x16, 0x16, - 0x19, 0x19, 0x1a, 0x1a, 0x1c, 0x1c, 0x1f, 0x1f, - 0x20, 0x20, 0x23, 0x23, 0x25, 0x25, 0x26, 0x26, - 0x29, 0x29, 0x2a, 0x2a, 0x2c, 0x2c, 0x2f, 0x2f, - 0x31, 0x31, 0x32, 0x32, 0x34, 0x34, 0x37, 0x37, - 0x38, 0x38, 0x3b, 0x3b, 0x3d, 0x3d, 0x3e, 0x3e, - 0x40, 0x40, 0x43, 0x43, 0x45, 0x45, 0x46, 0x46, - 0x49, 0x49, 0x4a, 0x4a, 0x4c, 0x4c, 0x4f, 0x4f, - 0x51, 0x51, 0x52, 0x52, 0x54, 0x54, 0x57, 0x57, - 0x58, 0x58, 0x5b, 0x5b, 0x5d, 0x5d, 0x5e, 0x5e, - 0x61, 0x61, 0x62, 0x62, 0x64, 0x64, 0x67, 0x67, - 0x68, 0x68, 0x6b, 0x6b, 0x6d, 0x6d, 0x6e, 0x6e, - 0x70, 0x70, 0x73, 0x73, 0x75, 0x75, 0x76, 0x76, - 0x79, 0x79, 0x7a, 0x7a, 0x7c, 0x7c, 0x7f, 0x7f, - 0x80, 0x80, 0x83, 0x83, 0x85, 0x85, 0x86, 0x86, - 0x89, 0x89, 0x8a, 0x8a, 0x8c, 0x8c, 0x8f, 0x8f, - 0x91, 0x91, 0x92, 0x92, 0x94, 0x94, 0x97, 0x97, - 0x98, 0x98, 0x9b, 0x9b, 0x9d, 0x9d, 0x9e, 0x9e, - 0xa1, 0xa1, 0xa2, 0xa2, 0xa4, 0xa4, 0xa7, 0xa7, - 0xa8, 0xa8, 0xab, 0xab, 0xad, 0xad, 0xae, 0xae, - 0xb0, 0xb0, 0xb3, 0xb3, 0xb5, 0xb5, 0xb6, 0xb6, - 0xb9, 0xb9, 0xba, 0xba, 0xbc, 0xbc, 0xbf, 0xbf, - 0xc1, 0xc1, 0xc2, 0xc2, 0xc4, 0xc4, 0xc7, 0xc7, - 0xc8, 0xc8, 0xcb, 0xcb, 0xcd, 0xcd, 0xce, 0xce, - 0xd0, 0xd0, 0xd3, 0xd3, 0xd5, 0xd5, 0xd6, 0xd6, - 0xd9, 0xd9, 0xda, 0xda, 0xdc, 0xdc, 0xdf, 0xdf, - 0xe0, 0xe0, 0xe3, 0xe3, 0xe5, 0xe5, 0xe6, 0xe6, - 0xe9, 0xe9, 0xea, 0xea, 0xec, 0xec, 0xef, 0xef, - 0xf1, 0xf1, 0xf2, 0xf2, 0xf4, 0xf4, 0xf7, 0xf7, - 0xf8, 0xf8, 0xfb, 0xfb, 0xfd, 0xfd, 0xfe, 0xfe, +fips_oddparity_table[256] = +{ + 0x01, 0x01, 0x02, 0x02, 0x04, 0x04, 0x07, 0x07, + 0x08, 0x08, 0x0b, 0x0b, 0x0d, 0x0d, 0x0e, 0x0e, + 0x10, 0x10, 0x13, 0x13, 0x15, 0x15, 0x16, 0x16, + 0x19, 0x19, 0x1a, 0x1a, 0x1c, 0x1c, 0x1f, 0x1f, + 0x20, 0x20, 0x23, 0x23, 0x25, 0x25, 0x26, 0x26, + 0x29, 0x29, 0x2a, 0x2a, 0x2c, 0x2c, 0x2f, 0x2f, + 0x31, 0x31, 0x32, 0x32, 0x34, 0x34, 0x37, 0x37, + 0x38, 0x38, 0x3b, 0x3b, 0x3d, 0x3d, 0x3e, 0x3e, + 0x40, 0x40, 0x43, 0x43, 0x45, 0x45, 0x46, 0x46, + 0x49, 0x49, 0x4a, 0x4a, 0x4c, 0x4c, 0x4f, 0x4f, + 0x51, 0x51, 0x52, 0x52, 0x54, 0x54, 0x57, 0x57, + 0x58, 0x58, 0x5b, 0x5b, 0x5d, 0x5d, 0x5e, 0x5e, + 0x61, 0x61, 0x62, 0x62, 0x64, 0x64, 0x67, 0x67, + 0x68, 0x68, 0x6b, 0x6b, 0x6d, 0x6d, 0x6e, 0x6e, + 0x70, 0x70, 0x73, 0x73, 0x75, 0x75, 0x76, 0x76, + 0x79, 0x79, 0x7a, 0x7a, 0x7c, 0x7c, 0x7f, 0x7f, + 0x80, 0x80, 0x83, 0x83, 0x85, 0x85, 0x86, 0x86, + 0x89, 0x89, 0x8a, 0x8a, 0x8c, 0x8c, 0x8f, 0x8f, + 0x91, 0x91, 0x92, 0x92, 0x94, 0x94, 0x97, 0x97, + 0x98, 0x98, 0x9b, 0x9b, 0x9d, 0x9d, 0x9e, 0x9e, + 0xa1, 0xa1, 0xa2, 0xa2, 0xa4, 0xa4, 0xa7, 0xa7, + 0xa8, 0xa8, 0xab, 0xab, 0xad, 0xad, 0xae, 0xae, + 0xb0, 0xb0, 0xb3, 0xb3, 0xb5, 0xb5, 0xb6, 0xb6, + 0xb9, 0xb9, 0xba, 0xba, 0xbc, 0xbc, 0xbf, 0xbf, + 0xc1, 0xc1, 0xc2, 0xc2, 0xc4, 0xc4, 0xc7, 0xc7, + 0xc8, 0xc8, 0xcb, 0xcb, 0xcd, 0xcd, 0xce, 0xce, + 0xd0, 0xd0, 0xd3, 0xd3, 0xd5, 0xd5, 0xd6, 0xd6, + 0xd9, 0xd9, 0xda, 0xda, 0xdc, 0xdc, 0xdf, 0xdf, + 0xe0, 0xe0, 0xe3, 0xe3, 0xe5, 0xe5, 0xe6, 0xe6, + 0xe9, 0xe9, 0xea, 0xea, 0xec, 0xec, 0xef, 0xef, + 0xf1, 0xf1, 0xf2, 0xf2, 0xf4, 0xf4, 0xf7, 0xf7, + 0xf8, 0xf8, 0xfb, 0xfb, 0xfd, 0xfd, 0xfe, 0xfe }; - static void security_salted_hash(uint8* salt, uint8* input, int length, uint8* salt1, uint8* salt2, uint8* output) { CryptoMd5 md5; @@ -264,36 +265,35 @@ static void security_X(uint8* master_secret, uint8* client_random, uint8* server security_premaster_hash("ZZZ", 3, master_secret, client_random, server_random, &output[32]); } -static void -fips_expand_key_bits(uint8 *in, uint8 *out) +static void fips_expand_key_bits(uint8* in, uint8* out) { uint8 buf[21], c; int i, b, p, r; - // reverse every byte in the key + /* reverse every byte in the key */ for (i = 0; i < 21; i++) buf[i] = fips_reverse_table[in[i]]; - // insert a zero-bit after every 7th bit + /* insert a zero-bit after every 7th bit */ for (i = 0, b = 0; i < 24; i++, b += 7) { - p = b/8; - r = b%8; + p = b / 8; + r = b % 8; if (r == 0) { out[i] = buf[p] & 0xfe; } else { - // c is accumulator + /* c is accumulator */ c = buf[p] << r; - c |= buf[p+1] >> (8-r); + c |= buf[p + 1] >> (8 - r); out[i] = c & 0xfe; } } - // reverse every byte - // alter lsb so the byte has odd parity + /* reverse every byte */ + /* alter lsb so the byte has odd parity */ for (i = 0; i < 24; i++) out[i] = fips_oddparity_table[fips_reverse_table[out[i]]]; } @@ -473,4 +473,3 @@ boolean security_fips_check_signature(uint8* data, int length, uint8* sig, rdpRd return True; } -