1 /* -*- c-basic-offset: 8 -*-
2 rdesktop: A Remote Desktop Protocol client.
3 RDP licensing negotiation
4 Copyright (C) Matthew Chapman 1999-2005
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 //#include <openssl/rc4.h>
25 ssl_rc4_info_create(void);
27 ssl_rc4_info_delete(void * rc4_info
);
29 ssl_rc4_set_key(void * rc4_info
, char * key
, int len
);
31 ssl_rc4_crypt(void * rc4_info
, char * in_data
, char * out_data
, int len
);
33 ssl_mod_exp(char* out
, int out_len
, char* in
, int in_len
,
34 char* mod
, int mod_len
, char* exp
, int exp_len
);
36 extern char g_username
[];
37 extern char g_hostname
[];
39 static uint8 g_licence_key
[16];
40 static uint8 g_licence_sign_key
[16];
42 BOOL g_licence_issued
= False
;
44 /* Generate a session key and RC4 keys, given client and server randoms */
46 licence_generate_keys(uint8
* client_random
, uint8
* server_random
, uint8
* pre_master_secret
)
48 uint8 master_secret
[48];
51 /* Generate master secret and then key material */
52 sec_hash_48(master_secret
, pre_master_secret
, client_random
, server_random
, 'A');
53 sec_hash_48(key_block
, master_secret
, server_random
, client_random
, 'A');
55 /* Store first 16 bytes of session key as MAC secret */
56 memcpy(g_licence_sign_key
, key_block
, 16);
58 /* Generate RC4 key from next 16 bytes */
59 sec_hash_16(g_licence_key
, &key_block
[16], client_random
, server_random
);
63 licence_generate_hwid(uint8
* hwid
)
65 buf_out_uint32(hwid
, 2);
66 strncpy((char *) (hwid
+ 4), g_hostname
, LICENCE_HWID_SIZE
- 4);
69 /* Present an existing licence to the server */
71 licence_present(uint8
* client_random
, uint8
* rsa_data
,
72 uint8
* licence_data
, int licence_size
, uint8
* hwid
, uint8
* signature
)
74 uint32 sec_flags
= SEC_LICENCE_NEG
;
76 16 + SEC_RANDOM_SIZE
+ SEC_MODULUS_SIZE
+ SEC_PADDING_SIZE
+
77 licence_size
+ LICENCE_HWID_SIZE
+ LICENCE_SIGNATURE_SIZE
;
80 s
= sec_init(sec_flags
, length
+ 4);
82 out_uint8(s
, LICENCE_TAG_PRESENT
);
83 out_uint8(s
, 2); /* version */
84 out_uint16_le(s
, length
);
88 out_uint16_le(s
, 0x0201);
90 out_uint8p(s
, client_random
, SEC_RANDOM_SIZE
);
92 out_uint16_le(s
, (SEC_MODULUS_SIZE
+ SEC_PADDING_SIZE
));
93 out_uint8p(s
, rsa_data
, SEC_MODULUS_SIZE
);
94 out_uint8s(s
, SEC_PADDING_SIZE
);
97 out_uint16_le(s
, licence_size
);
98 out_uint8p(s
, licence_data
, licence_size
);
101 out_uint16_le(s
, LICENCE_HWID_SIZE
);
102 out_uint8p(s
, hwid
, LICENCE_HWID_SIZE
);
104 out_uint8p(s
, signature
, LICENCE_SIGNATURE_SIZE
);
107 sec_send(s
, sec_flags
);
110 /* Send a licence request packet */
112 licence_send_request(uint8
* client_random
, uint8
* rsa_data
, char *user
, char *host
)
114 uint32 sec_flags
= SEC_LICENCE_NEG
;
115 uint16 userlen
= strlen(user
) + 1;
116 uint16 hostlen
= strlen(host
) + 1;
117 uint16 length
= 128 + userlen
+ hostlen
;
120 s
= sec_init(sec_flags
, length
+ 2);
122 out_uint8(s
, LICENCE_TAG_REQUEST
);
123 out_uint8(s
, 2); /* version */
124 out_uint16_le(s
, length
);
128 out_uint16_le(s
, 0xff01);
130 out_uint8p(s
, client_random
, SEC_RANDOM_SIZE
);
132 out_uint16_le(s
, (SEC_MODULUS_SIZE
+ SEC_PADDING_SIZE
));
133 out_uint8p(s
, rsa_data
, SEC_MODULUS_SIZE
);
134 out_uint8s(s
, SEC_PADDING_SIZE
);
136 out_uint16_le(s
, LICENCE_TAG_USER
);
137 out_uint16_le(s
, userlen
);
138 out_uint8p(s
, user
, userlen
);
140 out_uint16_le(s
, LICENCE_TAG_HOST
);
141 out_uint16_le(s
, hostlen
);
142 out_uint8p(s
, host
, hostlen
);
145 sec_send(s
, sec_flags
);
148 /* Process a licence demand packet */
150 licence_process_demand(STREAM s
)
152 uint8 null_data
[SEC_MODULUS_SIZE
];
153 uint8
*server_random
;
154 uint8 signature
[LICENCE_SIGNATURE_SIZE
];
155 uint8 hwid
[LICENCE_HWID_SIZE
];
160 /* Retrieve the server random from the incoming packet */
161 in_uint8p(s
, server_random
, SEC_RANDOM_SIZE
);
163 /* We currently use null client keys. This is a bit naughty but, hey,
164 the security of licence negotiation isn't exactly paramount. */
165 memset(null_data
, 0, sizeof(null_data
));
166 licence_generate_keys(null_data
, server_random
, null_data
);
168 licence_size
= load_licence(&licence_data
);
169 if (licence_size
> 0)
171 /* Generate a signature for the HWID buffer */
172 licence_generate_hwid(hwid
);
173 sec_sign(signature
, 16, g_licence_sign_key
, 16, hwid
, sizeof(hwid
));
175 /* Now encrypt the HWID */
176 crypt_key
= ssl_rc4_info_create();
177 ssl_rc4_set_key(crypt_key
, (char *)g_licence_key
, 16);
178 ssl_rc4_crypt(crypt_key
, (char *)hwid
, (char *)hwid
, sizeof(hwid
));
179 ssl_rc4_info_delete(crypt_key
);
181 licence_present(null_data
, null_data
, licence_data
, licence_size
, hwid
, signature
);
186 licence_send_request(null_data
, null_data
, g_username
, g_hostname
);
189 /* Send an authentication response packet */
191 licence_send_authresp(uint8
* token
, uint8
* crypt_hwid
, uint8
* signature
)
193 uint32 sec_flags
= SEC_LICENCE_NEG
;
197 s
= sec_init(sec_flags
, length
+ 2);
199 out_uint8(s
, LICENCE_TAG_AUTHRESP
);
200 out_uint8(s
, 2); /* version */
201 out_uint16_le(s
, length
);
204 out_uint16_le(s
, LICENCE_TOKEN_SIZE
);
205 out_uint8p(s
, token
, LICENCE_TOKEN_SIZE
);
208 out_uint16_le(s
, LICENCE_HWID_SIZE
);
209 out_uint8p(s
, crypt_hwid
, LICENCE_HWID_SIZE
);
211 out_uint8p(s
, signature
, LICENCE_SIGNATURE_SIZE
);
214 sec_send(s
, sec_flags
);
217 /* Parse an authentication request packet */
219 licence_parse_authreq(STREAM s
, uint8
** token
, uint8
** signature
)
223 in_uint8s(s
, 6); /* unknown: f8 3d 15 00 04 f6 */
225 in_uint16_le(s
, tokenlen
);
226 if (tokenlen
!= LICENCE_TOKEN_SIZE
)
228 error("token len %d\n", tokenlen
);
232 in_uint8p(s
, *token
, tokenlen
);
233 in_uint8p(s
, *signature
, LICENCE_SIGNATURE_SIZE
);
235 return s_check_end(s
);
238 /* Process an authentication request packet */
240 licence_process_authreq(STREAM s
)
242 uint8
*in_token
= NULL
, *in_sig
;
243 uint8 out_token
[LICENCE_TOKEN_SIZE
], decrypt_token
[LICENCE_TOKEN_SIZE
];
244 uint8 hwid
[LICENCE_HWID_SIZE
], crypt_hwid
[LICENCE_HWID_SIZE
];
245 uint8 sealed_buffer
[LICENCE_TOKEN_SIZE
+ LICENCE_HWID_SIZE
];
246 uint8 out_sig
[LICENCE_SIGNATURE_SIZE
];
249 /* Parse incoming packet and save the encrypted token */
250 licence_parse_authreq(s
, &in_token
, &in_sig
);
251 memcpy(out_token
, in_token
, LICENCE_TOKEN_SIZE
);
253 /* Decrypt the token. It should read TEST in Unicode. */
254 crypt_key
= ssl_rc4_info_create();
255 ssl_rc4_set_key(crypt_key
, (char *)g_licence_key
, 16);
256 ssl_rc4_crypt(crypt_key
, (char *)in_token
, (char *)decrypt_token
, LICENCE_TOKEN_SIZE
);
257 ssl_rc4_info_delete(crypt_key
);
259 /* Generate a signature for a buffer of token and HWID */
260 licence_generate_hwid(hwid
);
261 memcpy(sealed_buffer
, decrypt_token
, LICENCE_TOKEN_SIZE
);
262 memcpy(sealed_buffer
+ LICENCE_TOKEN_SIZE
, hwid
, LICENCE_HWID_SIZE
);
263 sec_sign(out_sig
, 16, g_licence_sign_key
, 16, sealed_buffer
, sizeof(sealed_buffer
));
265 /* Now encrypt the HWID */
266 crypt_key
= ssl_rc4_info_create();
267 ssl_rc4_set_key(crypt_key
, (char *)g_licence_key
, 16);
268 ssl_rc4_crypt(crypt_key
, (char *)hwid
, (char *)crypt_hwid
, LICENCE_HWID_SIZE
);
269 ssl_rc4_info_delete(crypt_key
);
271 licence_send_authresp(out_token
, crypt_hwid
, out_sig
);
274 /* Process an licence issue packet */
276 licence_process_issue(STREAM s
)
283 in_uint8s(s
, 2); /* 3d 45 - unknown */
284 in_uint16_le(s
, length
);
285 if (!s_check_rem(s
, length
))
288 crypt_key
= ssl_rc4_info_create();
289 ssl_rc4_set_key(crypt_key
, (char *)g_licence_key
, 16);
290 ssl_rc4_crypt(crypt_key
, (char *)s
->p
, (char *)s
->p
, length
);
291 ssl_rc4_info_delete(crypt_key
);
297 g_licence_issued
= True
;
299 in_uint8s(s
, 2); /* pad */
301 /* advance to fourth string */
303 for (i
= 0; i
< 4; i
++)
305 in_uint8s(s
, length
);
306 in_uint32_le(s
, length
);
307 if (!s_check_rem(s
, length
))
311 g_licence_issued
= True
;
312 save_licence(s
->p
, length
);
315 /* Process a licence packet */
317 licence_process(STREAM s
)
322 in_uint8s(s
, 3); /* version, length */
326 case LICENCE_TAG_DEMAND
:
327 licence_process_demand(s
);
330 case LICENCE_TAG_AUTHREQ
:
331 licence_process_authreq(s
);
334 case LICENCE_TAG_ISSUE
:
335 licence_process_issue(s
);
338 case LICENCE_TAG_REISSUE
:
339 case LICENCE_TAG_RESULT
:
343 unimpl("licence tag 0x%x\n", tag
);