return -1;
status = remdesk->channelEntryPoints.pVirtualChannelWrite(remdesk->OpenHandle,
- Stream_Buffer(s), (UINT32) Stream_GetPosition(s), s);
+ Stream_Buffer(s), (UINT32) Stream_Length(s), s);
if (status != CHANNEL_RC_OK)
{
return -1;
}
- Stream_Free(s, TRUE);
-
return 1;
}
return 1;
}
+int remdesk_recv_result_pdu(remdeskPlugin* remdesk, wStream* s, REMDESK_CHANNEL_HEADER* header, UINT32 *pResult)
+{
+ UINT32 result;
+
+ if (Stream_GetRemainingLength(s) < 4)
+ return -1;
+
+ Stream_Read_UINT32(s, result); /* result (4 bytes) */
+
+ *pResult = result;
+
+ printf("RemdeskRecvResult: 0x%04X\n", result);
+
+ return 1;
+}
+
+int remdesk_send_ctl_authenticate_pdu(remdeskPlugin* remdesk)
+{
+ int status;
+ wStream* s;
+ int cbExpertBlobW = 0;
+ WCHAR* expertBlobW = NULL;
+ int cbRaConnectionStringW = 0;
+ WCHAR* raConnectionStringW = NULL;
+ REMDESK_CTL_AUTHENTICATE_PDU pdu;
+
+ pdu.expertBlob = NULL;
+ pdu.raConnectionString = NULL;
+
+ status = ConvertToUnicode(CP_UTF8, 0, pdu.raConnectionString, -1, &raConnectionStringW, 0);
+
+ if (status <= 0)
+ return -1;
+
+ cbRaConnectionStringW = status * 2;
+
+ status = ConvertToUnicode(CP_UTF8, 0, pdu.expertBlob, -1, &expertBlobW, 0);
+
+ if (status <= 0)
+ return -1;
+
+ cbExpertBlobW = status * 2;
+
+ remdesk_prepare_ctl_header(&(pdu.ctlHeader), REMDESK_CTL_AUTHENTICATE,
+ cbRaConnectionStringW + cbExpertBlobW);
+
+ s = Stream_New(NULL, REMDESK_CHANNEL_CTL_SIZE + pdu.ctlHeader.DataLength);
+
+ remdesk_write_ctl_header(s, &(pdu.ctlHeader));
+
+ Stream_Write(s, (BYTE*) raConnectionStringW, cbRaConnectionStringW);
+ Stream_Write(s, (BYTE*) expertBlobW, cbExpertBlobW);
+
+ Stream_SealLength(s);
+
+ remdesk_virtual_channel_write(remdesk, s);
+
+ free(raConnectionStringW);
+ free(expertBlobW);
+
+ return 1;
+}
+
+int remdesk_send_ctl_verify_password_pdu(remdeskPlugin* remdesk)
+{
+ int status;
+ wStream* s;
+ int cbExpertBlobW = 0;
+ WCHAR* expertBlobW = NULL;
+ REMDESK_CTL_VERIFY_PASSWORD_PDU pdu;
+
+ pdu.expertBlob = NULL;
+
+ status = ConvertToUnicode(CP_UTF8, 0, pdu.expertBlob, -1, &expertBlobW, 0);
+
+ if (status <= 0)
+ return -1;
+
+ cbExpertBlobW = status * 2;
+
+ remdesk_prepare_ctl_header(&(pdu.ctlHeader), REMDESK_CTL_AUTHENTICATE, cbExpertBlobW);
+
+ s = Stream_New(NULL, REMDESK_CHANNEL_CTL_SIZE + pdu.ctlHeader.DataLength);
+
+ remdesk_write_ctl_header(s, &(pdu.ctlHeader));
+
+ Stream_Write(s, (BYTE*) expertBlobW, cbExpertBlobW);
+
+ Stream_SealLength(s);
+
+ remdesk_virtual_channel_write(remdesk, s);
+
+ free(expertBlobW);
+
+ return 1;
+}
+
+int remdesk_send_ctl_expert_on_vista_pdu(remdeskPlugin* remdesk)
+{
+ wStream* s;
+ BYTE EncryptedPassword[32];
+ REMDESK_CTL_EXPERT_ON_VISTA_PDU pdu;
+
+ ZeroMemory(EncryptedPassword, 32);
+
+ pdu.EncryptedPasswordLength = 32;
+ pdu.EncryptedPassword = (BYTE*) EncryptedPassword;
+
+ remdesk_prepare_ctl_header(&(pdu.ctlHeader), REMDESK_CTL_EXPERT_ON_VISTA,
+ pdu.EncryptedPasswordLength);
+
+ s = Stream_New(NULL, REMDESK_CHANNEL_CTL_SIZE + pdu.ctlHeader.DataLength);
+
+ remdesk_write_ctl_header(s, &(pdu.ctlHeader));
+
+ Stream_Write(s, pdu.EncryptedPassword, pdu.EncryptedPasswordLength);
+
+ Stream_SealLength(s);
+
+ remdesk_virtual_channel_write(remdesk, s);
+
+ return 1;
+}
+
int remdesk_recv_ctl_pdu(remdeskPlugin* remdesk, wStream* s, REMDESK_CHANNEL_HEADER* header)
{
int status = 1;
- UINT32 msgType;
+ UINT32 msgType = 0;
+ UINT32 result = 0;
if (Stream_GetRemainingLength(s) < 4)
return -1;
break;
case REMDESK_CTL_RESULT:
+ status = remdesk_recv_result_pdu(remdesk, s, header, &result);
break;
case REMDESK_CTL_AUTHENTICATE:
case REMDESK_CTL_VERSIONINFO:
status = remdesk_recv_ctl_version_info_pdu(remdesk, s, header);
+
+ if (status >= 0)
+ status = remdesk_send_ctl_version_info_pdu(remdesk);
+
break;
case REMDESK_CTL_ISCONNECTED:
if (!buffer)
return -1;
- SHA_Init(&hashCtx);
- SHA_Update(&hashCtx, pad1, 64);
- SHA_Final((void*) buffer, &hashCtx);
+ SHA1_Init(&hashCtx);
+ SHA1_Update(&hashCtx, pad1, 64);
+ SHA1_Final((void*) buffer, &hashCtx);
- SHA_Init(&hashCtx);
- SHA_Update(&hashCtx, pad2, 64);
- SHA_Final((void*) &buffer[hashLength], &hashCtx);
+ SHA1_Init(&hashCtx);
+ SHA1_Update(&hashCtx, pad2, 64);
+ SHA1_Final((void*) &buffer[hashLength], &hashCtx);
CopyMemory(key, buffer, keyLength);
printf("EncryptedPassStub (%d):\n", file->EncryptedPassStubLength);
winpr_HexDump(file->EncryptedPassStub, file->EncryptedPassStubLength);
+ free(PlainBlob);
+ free(PasswordW);
+ free(PassStubW);
+
return 1;
}
BYTE *pbIn, *pbOut;
int cbOut, cbIn, cbFinal;
BYTE DerivedKey[AES_BLOCK_SIZE];
+ BYTE InitializationVector[AES_BLOCK_SIZE];
BYTE PasswordHash[SHA_DIGEST_LENGTH];
status = ConvertToUnicode(CP_UTF8, 0, password, -1, &PasswordW, 0);
cbPasswordW = (status - 1) * 2;
- SHA_Init(&shaCtx);
- SHA_Update(&shaCtx, PasswordW, cbPasswordW);
- SHA_Final((void*) PasswordHash, &shaCtx);
+ SHA1_Init(&shaCtx);
+ SHA1_Update(&shaCtx, PasswordW, cbPasswordW);
+ SHA1_Final((void*) PasswordHash, &shaCtx);
status = freerdp_client_assistance_crypt_derive_key_sha1(PasswordHash, sizeof(PasswordHash),
DerivedKey, sizeof(DerivedKey));
if (status < 0)
return -1;
+ ZeroMemory(InitializationVector, sizeof(InitializationVector));
+
EVP_CIPHER_CTX_init(&aesDec);
+ status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL);
+
+ if (status != 1)
+ return -1;
+
+ EVP_CIPHER_CTX_set_key_length(&aesDec, (128 / 8));
EVP_CIPHER_CTX_set_padding(&aesDec, 0);
- status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, NULL);
+ status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector);
if (status != 1)
return -1;
cbOut = cbFinal = 0;
cbIn = file->EncryptedLHTicketLength;
- file->ConnectionString2 = (char*) calloc(1, cbOut + AES_BLOCK_SIZE);
+ file->ConnectionString2 = (char*) calloc(1, cbIn + AES_BLOCK_SIZE);
if (!file->ConnectionString2)
return -1;
status = EVP_DecryptFinal_ex(&aesDec, pbOut + cbOut, &cbFinal);
- /* FIXME: still fails */
-
if (status != 1)
{
fprintf(stderr, "EVP_DecryptFinal_ex failure\n");
EVP_CIPHER_CTX_cleanup(&aesDec);
+ free(PasswordW);
+
return 1;
}
free(file->LHTicket);
free(file->RCTicket);
free(file->PassStub);
+ free(file->ConnectionString1);
free(file->ConnectionString2);
free(file->EncryptedLHTicket);
+ free(file->RASessionId);
+ free(file->RASpecificParams);
+ free(file->MachineAddress);
+ free(file->EncryptedPassStub);
free(file);
}