From 458b59d85b3a27fac3377a72a708cf9120b08657 Mon Sep 17 00:00:00 2001 From: Matt Chapman Date: Sun, 14 Jul 2002 12:06:03 +0000 Subject: [PATCH] The 128-bit change broke licensing when used with 40-bit encryption (sec_sign is also used from licence.c). Fix from Lars Heete. git-svn-id: svn://svn.code.sf.net/p/rdesktop/code/trunk/rdesktop@60 423420c4-83ab-492f-b58f-81f9feb106b5 --- licence.c | 4 ++-- proto.h | 2 +- secure.c | 10 +++++----- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/licence.c b/licence.c index c312d3f..d75e89d 100644 --- a/licence.c +++ b/licence.c @@ -162,7 +162,7 @@ licence_process_demand(STREAM s) /* Generate a signature for the HWID buffer */ licence_generate_hwid(hwid); - sec_sign(signature, licence_sign_key, 16, hwid, sizeof(hwid)); + sec_sign(signature, 16, licence_sign_key, 16, hwid, sizeof(hwid)); /* Now encrypt the HWID */ RC4_set_key(&crypt_key, 16, licence_key); @@ -245,7 +245,7 @@ licence_process_authreq(STREAM s) licence_generate_hwid(hwid); memcpy(sealed_buffer, decrypt_token, LICENCE_TOKEN_SIZE); memcpy(sealed_buffer + LICENCE_TOKEN_SIZE, hwid, LICENCE_HWID_SIZE); - sec_sign(out_sig, licence_sign_key, 16, + sec_sign(out_sig, 16, licence_sign_key, 16, sealed_buffer, sizeof(sealed_buffer)); /* Deliberately break signature if licencing disabled */ diff --git a/proto.h b/proto.h index cfaffec..33681a3 100644 --- a/proto.h +++ b/proto.h @@ -49,7 +49,7 @@ void rdp_disconnect(void); void sec_hash_48(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2, uint8 salt); void sec_hash_16(uint8 *out, uint8 *in, uint8 *salt1, uint8 *salt2); void buf_out_uint32(uint8 *buffer, uint32 value); -void sec_sign(uint8 *signature, uint8 *session_key, int length, uint8 *data, int datalen); +void sec_sign(uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen); STREAM sec_init(uint32 flags, int maxlen); void sec_send(STREAM s, uint32 flags); STREAM sec_recv(void); diff --git a/secure.c b/secure.c index ac54a6a..bb9fd3d 100644 --- a/secure.c +++ b/secure.c @@ -181,7 +181,7 @@ buf_out_uint32(uint8 *buffer, uint32 value) /* Generate a signature hash, using a combination of SHA1 and MD5 */ void -sec_sign(uint8 *signature, uint8 *session_key, int length, +sec_sign(uint8 *signature, int siglen, uint8 *session_key, int keylen, uint8 *data, int datalen) { uint8 shasig[20]; @@ -193,19 +193,19 @@ sec_sign(uint8 *signature, uint8 *session_key, int length, buf_out_uint32(lenhdr, datalen); SHA1_Init(&sha); - SHA1_Update(&sha, session_key, rc4_key_len); + SHA1_Update(&sha, session_key, keylen); SHA1_Update(&sha, pad_54, 40); SHA1_Update(&sha, lenhdr, 4); SHA1_Update(&sha, data, datalen); SHA1_Final(shasig, &sha); MD5_Init(&md5); - MD5_Update(&md5, session_key, rc4_key_len); + MD5_Update(&md5, session_key, keylen); MD5_Update(&md5, pad_92, 48); MD5_Update(&md5, shasig, 20); MD5_Final(md5sig, &md5); - memcpy(signature, md5sig, length); + memcpy(signature, md5sig, siglen); } /* Update an encryption key - similar to the signing process */ @@ -358,7 +358,7 @@ sec_send(STREAM s, uint32 flags) hexdump(s->p + 8, datalen); #endif - sec_sign(s->p, sec_sign_key, 8, s->p + 8, datalen); + sec_sign(s->p, 8, sec_sign_key, rc4_key_len, s->p + 8, datalen); sec_encrypt(s->p + 8, datalen); }