The 128-bit change broke licensing when used with 40-bit encryption
(sec_sign is also used from licence.c). Fix from Lars Heete. git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@60 423420c4-83ab-492f-b58f-81f9feb106b5
This commit is contained in:
parent
68ee90117c
commit
458b59d85b
@ -162,7 +162,7 @@ licence_process_demand(STREAM s)
|
||||
|
||||
/* Generate a signature for the HWID buffer */
|
||||
licence_generate_hwid(hwid);
|
||||
sec_sign(signature, licence_sign_key, 16, hwid, sizeof(hwid));
|
||||
sec_sign(signature, 16, licence_sign_key, 16, hwid, sizeof(hwid));
|
||||
|
||||
/* Now encrypt the HWID */
|
||||
RC4_set_key(&crypt_key, 16, licence_key);
|
||||
@ -245,7 +245,7 @@ licence_process_authreq(STREAM s)
|
||||
licence_generate_hwid(hwid);
|
||||
memcpy(sealed_buffer, decrypt_token, LICENCE_TOKEN_SIZE);
|
||||
memcpy(sealed_buffer + LICENCE_TOKEN_SIZE, hwid, LICENCE_HWID_SIZE);
|
||||
sec_sign(out_sig, licence_sign_key, 16,
|
||||
sec_sign(out_sig, 16, licence_sign_key, 16,
|
||||
sealed_buffer, sizeof(sealed_buffer));
|
||||
|
||||
/* Deliberately break signature if licencing disabled */
|
||||
|
2
proto.h
2
proto.h
@ -49,7 +49,7 @@ void rdp_disconnect(void);
|
||||
void sec_hash_48(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2, uint8 salt);
|
||||
void sec_hash_16(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2);
|
||||
void buf_out_uint32(uint8 *buffer, uint32 value);
|
||||
void sec_sign(uint8 *signature, uint8 *session_key, int length, uint8 *data, int datalen);
|
||||
void sec_sign(uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen);
|
||||
STREAM sec_init(uint32 flags, int maxlen);
|
||||
void sec_send(STREAM s, uint32 flags);
|
||||
STREAM sec_recv(void);
|
||||
|
10
secure.c
10
secure.c
@ -181,7 +181,7 @@ buf_out_uint32(uint8 *buffer, uint32 value)
|
||||
|
||||
/* Generate a signature hash, using a combination of SHA1 and MD5 */
|
||||
void
|
||||
sec_sign(uint8 *signature, uint8 *session_key, int length,
|
||||
sec_sign(uint8 *signature, int siglen, uint8 *session_key, int keylen,
|
||||
uint8 *data, int datalen)
|
||||
{
|
||||
uint8 shasig[20];
|
||||
@ -193,19 +193,19 @@ sec_sign(uint8 *signature, uint8 *session_key, int length,
|
||||
buf_out_uint32(lenhdr, datalen);
|
||||
|
||||
SHA1_Init(&sha);
|
||||
SHA1_Update(&sha, session_key, rc4_key_len);
|
||||
SHA1_Update(&sha, session_key, keylen);
|
||||
SHA1_Update(&sha, pad_54, 40);
|
||||
SHA1_Update(&sha, lenhdr, 4);
|
||||
SHA1_Update(&sha, data, datalen);
|
||||
SHA1_Final(shasig, &sha);
|
||||
|
||||
MD5_Init(&md5);
|
||||
MD5_Update(&md5, session_key, rc4_key_len);
|
||||
MD5_Update(&md5, session_key, keylen);
|
||||
MD5_Update(&md5, pad_92, 48);
|
||||
MD5_Update(&md5, shasig, 20);
|
||||
MD5_Final(md5sig, &md5);
|
||||
|
||||
memcpy(signature, md5sig, length);
|
||||
memcpy(signature, md5sig, siglen);
|
||||
}
|
||||
|
||||
/* Update an encryption key - similar to the signing process */
|
||||
@ -358,7 +358,7 @@ sec_send(STREAM s, uint32 flags)
|
||||
hexdump(s->p + 8, datalen);
|
||||
#endif
|
||||
|
||||
sec_sign(s->p, sec_sign_key, 8, s->p + 8, datalen);
|
||||
sec_sign(s->p, 8, sec_sign_key, rc4_key_len, s->p + 8, datalen);
|
||||
sec_encrypt(s->p + 8, datalen);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user