From 4ca6b9bf1053751194f37568dcc03bf986d77eb8 Mon Sep 17 00:00:00 2001
From: Armin Novak <armin.novak@gmail.com>
Date: Wed, 24 Feb 2016 20:39:49 +0100
Subject: [PATCH] Unified random functions and remaining MD5.

---
 libfreerdp/common/assistance.c       | 30 +++++++++++++++++++++---------
 libfreerdp/core/autodetect.c         |  6 ++++--
 libfreerdp/core/gateway/ncacn_http.c |  2 --
 libfreerdp/core/gateway/ntlm.c       |  1 -
 libfreerdp/core/gateway/rpc.c        |  1 -
 libfreerdp/core/gateway/rts.c        |  3 ++-
 libfreerdp/crypto/crypto.c           |  3 ++-
 7 files changed, 29 insertions(+), 17 deletions(-)

diff --git a/libfreerdp/common/assistance.c b/libfreerdp/common/assistance.c
index 9e4702e..c69d729 100644
--- a/libfreerdp/common/assistance.c
+++ b/libfreerdp/common/assistance.c
@@ -22,16 +22,13 @@
 #endif
 
 #include <winpr/crt.h>
+#include <winpr/crypto.h>
 #include <winpr/print.h>
 #include <winpr/windows.h>
 
 #include <openssl/ssl.h>
-#include <openssl/md5.h>
-#include <openssl/rc4.h>
-#include <openssl/sha.h>
 #include <openssl/evp.h>
 #include <openssl/aes.h>
-#include <openssl/rand.h>
 #include <openssl/engine.h>
 
 #include <freerdp/log.h>
@@ -523,7 +520,7 @@ char* freerdp_assistance_generate_pass_stub(DWORD flags)
 	 * Example: WB^6HsrIaFmEpi
 	 */
 
-	RAND_bytes((BYTE*) nums, sizeof(nums));
+	winpr_RAND((BYTE*) nums, sizeof(nums));
 
 	passStub[0] = set1[nums[0] % sizeof(set1)]; /* character 0 */
 	passStub[1] = set2[nums[1] % sizeof(set2)]; /* character 1 */
@@ -547,7 +544,7 @@ char* freerdp_assistance_generate_pass_stub(DWORD flags)
 BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* passStub, int* pEncryptedSize)
 {
 	int status;
-	MD5_CTX md5Ctx;
+	WINPR_MD5_CTX md5Ctx;
 	int cbPasswordW;
 	int cbPassStubW;
 	int EncryptedSize;
@@ -565,14 +562,29 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* password, const char* pas
 
 	cbPasswordW = (status - 1) * 2;
 
-	MD5_Init(&md5Ctx);
-	MD5_Update(&md5Ctx, PasswordW, cbPasswordW);
-	MD5_Final((void*) PasswordHash, &md5Ctx);
+	if (!winpr_MD5_Init(&md5Ctx))
+    {
+        free (PasswordW);
+        return NULL;
+    }
+	if (!winpr_MD5_Update(&md5Ctx, (BYTE*)PasswordW, cbPasswordW))
+    {
+        free (PasswordW);
+        return NULL;
+    }
+	if (!winpr_MD5_Final(&md5Ctx, (BYTE*) PasswordHash))
+    {
+        free (PasswordW);
+        return NULL;
+    }
 
 	status = ConvertToUnicode(CP_UTF8, 0, passStub, -1, &PassStubW, 0);
 
 	if (status <= 0)
+    {
+        free (PasswordW);
 		return NULL;
+    }
 
 	cbPassStubW = (status - 1) * 2;
 
diff --git a/libfreerdp/core/autodetect.c b/libfreerdp/core/autodetect.c
index 1a89737..178e989 100644
--- a/libfreerdp/core/autodetect.c
+++ b/libfreerdp/core/autodetect.c
@@ -21,6 +21,8 @@
 #include "config.h"
 #endif
 
+#include <winpr/crypto.h>
+
 #include "autodetect.h"
 
 #define RDP_RTT_REQUEST_TYPE_CONTINUOUS  0x0001
@@ -173,7 +175,7 @@ BOOL autodetect_send_bandwidth_measure_payload(rdpContext* context, UINT16 paylo
 		return FALSE;
 	}
 
-	RAND_bytes(buffer, payloadLength);
+	winpr_RAND(buffer, payloadLength);
 	Stream_Write(s, buffer, payloadLength);
 
 	bResult = rdp_send_message_channel_pdu(context->rdp, s, SEC_AUTODETECT_REQ);
@@ -225,7 +227,7 @@ static BOOL autodetect_send_bandwidth_measure_stop(rdpContext* context, UINT16 p
 				return FALSE;
 			}
 
-			RAND_bytes(buffer, payloadLength);
+			winpr_RAND(buffer, payloadLength);
 			Stream_Write(s, buffer, payloadLength);
 		}
 	}
diff --git a/libfreerdp/core/gateway/ncacn_http.c b/libfreerdp/core/gateway/ncacn_http.c
index 175aab3..f6f6801 100644
--- a/libfreerdp/core/gateway/ncacn_http.c
+++ b/libfreerdp/core/gateway/ncacn_http.c
@@ -29,8 +29,6 @@
 #include <winpr/dsparse.h>
 #include <winpr/winhttp.h>
 
-#include <openssl/rand.h>
-
 #define TAG FREERDP_TAG("core.gateway.ntlm")
 
 wStream* rpc_ntlm_http_request(rdpRpc* rpc, HttpContext* http, const char* method, int contentLength, SecBuffer* ntlmToken)
diff --git a/libfreerdp/core/gateway/ntlm.c b/libfreerdp/core/gateway/ntlm.c
index c9795b6..ce6925b 100644
--- a/libfreerdp/core/gateway/ntlm.c
+++ b/libfreerdp/core/gateway/ntlm.c
@@ -28,7 +28,6 @@
 #include <winpr/dsparse.h>
 
 #include <freerdp/log.h>
-#include <openssl/rand.h>
 
 #include "http.h"
 
diff --git a/libfreerdp/core/gateway/rpc.c b/libfreerdp/core/gateway/rpc.c
index 16f4af1..d7309b9 100644
--- a/libfreerdp/core/gateway/rpc.c
+++ b/libfreerdp/core/gateway/rpc.c
@@ -30,7 +30,6 @@
 
 #include <freerdp/log.h>
 
-#include <openssl/rand.h>
 #include <openssl/bio.h>
 
 #ifdef HAVE_VALGRIND_MEMCHECK_H
diff --git a/libfreerdp/core/gateway/rts.c b/libfreerdp/core/gateway/rts.c
index 31edc86..df939b9 100644
--- a/libfreerdp/core/gateway/rts.c
+++ b/libfreerdp/core/gateway/rts.c
@@ -22,6 +22,7 @@
 #endif
 
 #include <winpr/crt.h>
+#include <winpr/crypto.h>
 #include <winpr/winhttp.h>
 
 #include <freerdp/log.h>
@@ -422,7 +423,7 @@ int rts_ping_traffic_sent_notify_command_write(BYTE* buffer, UINT32 PingTrafficS
 
 void rts_generate_cookie(BYTE* cookie)
 {
-	RAND_pseudo_bytes(cookie, 16);
+	winpr_RAND(cookie, 16);
 }
 
 /* CONN/A Sequence */
diff --git a/libfreerdp/crypto/crypto.c b/libfreerdp/crypto/crypto.c
index de885bd..654efeb 100644
--- a/libfreerdp/crypto/crypto.c
+++ b/libfreerdp/crypto/crypto.c
@@ -22,6 +22,7 @@
 #endif
 
 #include <winpr/crt.h>
+#include <winpr/crypto.h>
 
 #include <freerdp/log.h>
 #include <freerdp/crypto/crypto.h>
@@ -290,7 +291,7 @@ void crypto_reverse(BYTE* data, int length)
 
 void crypto_nonce(BYTE* nonce, int size)
 {
-	RAND_bytes((void*) nonce, size);
+	winpr_RAND((void*) nonce, size);
 }
 
 char* crypto_cert_fingerprint(X509* xcert)
-- 
2.7.4