FreeRDP
Macros | Functions | Variables
libfreerdp/core/security.c File Reference
#include <freerdp/config.h>
#include "security.h"
#include <freerdp/log.h>
#include <winpr/crypto.h>

Macros

#define TAG   FREERDP_TAG("core")
 

Functions

static BOOL security_salted_hash (const BYTE *salt, const BYTE *input, size_t length, const BYTE *salt1, const BYTE *salt2, BYTE *output)
 
static BOOL security_premaster_hash (const char *input, int length, const BYTE *premaster_secret, const BYTE *client_random, const BYTE *server_random, BYTE *output)
 
BOOL security_master_secret (const BYTE *premaster_secret, const BYTE *client_random, const BYTE *server_random, BYTE *output)
 
static BOOL security_master_hash (const char *input, int length, const BYTE *master_secret, const BYTE *client_random, const BYTE *server_random, BYTE *output)
 
BOOL security_session_key_blob (const BYTE *master_secret, const BYTE *client_random, const BYTE *server_random, BYTE *output)
 
void security_mac_salt_key (const BYTE *session_key_blob, const BYTE *client_random, const BYTE *server_random, BYTE *output)
 
static BOOL security_md5_16_32_32 (const BYTE *in0, const BYTE *in1, const BYTE *in2, BYTE *output)
 
static BOOL security_md5_16_32_32_Allow_FIPS (const BYTE *in0, const BYTE *in1, const BYTE *in2, BYTE *output)
 
BOOL security_licensing_encryption_key (const BYTE *session_key_blob, const BYTE *client_random, const BYTE *server_random, BYTE *output)
 
static void security_UINT32_le (BYTE *output, UINT32 value)
 
BOOL security_mac_data (const BYTE *mac_salt_key, const BYTE *data, UINT32 length, BYTE *output)
 
BOOL security_mac_signature (rdpRdp *rdp, const BYTE *data, UINT32 length, BYTE *output)
 
BOOL security_salted_mac_signature (rdpRdp *rdp, const BYTE *data, UINT32 length, BOOL encryption, BYTE *output)
 
static BOOL security_A (BYTE *master_secret, const BYTE *client_random, BYTE *server_random, BYTE *output)
 
static BOOL security_X (BYTE *master_secret, const BYTE *client_random, BYTE *server_random, BYTE *output)
 
static void fips_expand_key_bits (BYTE *in, BYTE *out)
 
BOOL security_establish_keys (const BYTE *client_random, rdpRdp *rdp)
 
static BOOL security_key_update (BYTE *key, BYTE *update_key, size_t key_len, rdpRdp *rdp)
 
BOOL security_encrypt (BYTE *data, size_t length, rdpRdp *rdp)
 
BOOL security_decrypt (BYTE *data, size_t length, rdpRdp *rdp)
 
BOOL security_hmac_signature (const BYTE *data, size_t length, BYTE *output, rdpRdp *rdp)
 
BOOL security_fips_encrypt (BYTE *data, size_t length, rdpRdp *rdp)
 
BOOL security_fips_decrypt (BYTE *data, size_t length, rdpRdp *rdp)
 
BOOL security_fips_check_signature (const BYTE *data, size_t length, const BYTE *sig, rdpRdp *rdp)
 

Variables

static const BYTE pad1 [40]
 
static const BYTE pad2 [48]
 
static const BYTE fips_reverse_table [256]
 
static const BYTE fips_oddparity_table [256]
 

Macro Definition Documentation

◆ TAG

#define TAG   FREERDP_TAG("core")

FreeRDP: A Remote Desktop Protocol Implementation RDP Security

Copyright 2011 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com Copyright 2014 Norbert Federa norbe.nosp@m.rt.f.nosp@m.edera.nosp@m.@thi.nosp@m.ncast.nosp@m..com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Function Documentation

◆ fips_expand_key_bits()

static void fips_expand_key_bits ( BYTE in,
BYTE out 
)
static
Here is the caller graph for this function:

◆ security_A()

static BOOL security_A ( BYTE master_secret,
const BYTE client_random,
BYTE server_random,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_decrypt()

BOOL security_decrypt ( BYTE data,
size_t  length,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_encrypt()

BOOL security_encrypt ( BYTE data,
size_t  length,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_establish_keys()

BOOL security_establish_keys ( const BYTE client_random,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_fips_check_signature()

BOOL security_fips_check_signature ( const BYTE data,
size_t  length,
const BYTE sig,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_fips_decrypt()

BOOL security_fips_decrypt ( BYTE data,
size_t  length,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_fips_encrypt()

BOOL security_fips_encrypt ( BYTE data,
size_t  length,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_hmac_signature()

BOOL security_hmac_signature ( const BYTE data,
size_t  length,
BYTE output,
rdpRdp *  rdp 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_key_update()

static BOOL security_key_update ( BYTE key,
BYTE update_key,
size_t  key_len,
rdpRdp *  rdp 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_licensing_encryption_key()

BOOL security_licensing_encryption_key ( const BYTE session_key_blob,
const BYTE client_random,
const BYTE server_random,
BYTE output 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_mac_data()

BOOL security_mac_data ( const BYTE mac_salt_key,
const BYTE data,
UINT32  length,
BYTE output 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_mac_salt_key()

void security_mac_salt_key ( const BYTE session_key_blob,
const BYTE client_random,
const BYTE server_random,
BYTE output 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_mac_signature()

BOOL security_mac_signature ( rdpRdp *  rdp,
const BYTE data,
UINT32  length,
BYTE output 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_master_hash()

static BOOL security_master_hash ( const char *  input,
int  length,
const BYTE master_secret,
const BYTE client_random,
const BYTE server_random,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_master_secret()

BOOL security_master_secret ( const BYTE premaster_secret,
const BYTE client_random,
const BYTE server_random,
BYTE output 
)

FreeRDP: A Remote Desktop Protocol Implementation RDP Security

Copyright 2011 Marc-Andre Moreau marca.nosp@m.ndre.nosp@m..more.nosp@m.au@g.nosp@m.mail..nosp@m.com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_md5_16_32_32()

static BOOL security_md5_16_32_32 ( const BYTE in0,
const BYTE in1,
const BYTE in2,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_md5_16_32_32_Allow_FIPS()

static BOOL security_md5_16_32_32_Allow_FIPS ( const BYTE in0,
const BYTE in1,
const BYTE in2,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_premaster_hash()

static BOOL security_premaster_hash ( const char *  input,
int  length,
const BYTE premaster_secret,
const BYTE client_random,
const BYTE server_random,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_salted_hash()

static BOOL security_salted_hash ( const BYTE salt,
const BYTE input,
size_t  length,
const BYTE salt1,
const BYTE salt2,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_salted_mac_signature()

BOOL security_salted_mac_signature ( rdpRdp *  rdp,
const BYTE data,
UINT32  length,
BOOL  encryption,
BYTE output 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_session_key_blob()

BOOL security_session_key_blob ( const BYTE master_secret,
const BYTE client_random,
const BYTE server_random,
BYTE output 
)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_UINT32_le()

static void security_UINT32_le ( BYTE output,
UINT32  value 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

◆ security_X()

static BOOL security_X ( BYTE master_secret,
const BYTE client_random,
BYTE server_random,
BYTE output 
)
static
Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ fips_oddparity_table

const BYTE fips_oddparity_table[256]
static
Initial value:
= {
0x01, 0x01, 0x02, 0x02, 0x04, 0x04, 0x07, 0x07, 0x08, 0x08, 0x0b, 0x0b, 0x0d, 0x0d, 0x0e, 0x0e,
0x10, 0x10, 0x13, 0x13, 0x15, 0x15, 0x16, 0x16, 0x19, 0x19, 0x1a, 0x1a, 0x1c, 0x1c, 0x1f, 0x1f,
0x20, 0x20, 0x23, 0x23, 0x25, 0x25, 0x26, 0x26, 0x29, 0x29, 0x2a, 0x2a, 0x2c, 0x2c, 0x2f, 0x2f,
0x31, 0x31, 0x32, 0x32, 0x34, 0x34, 0x37, 0x37, 0x38, 0x38, 0x3b, 0x3b, 0x3d, 0x3d, 0x3e, 0x3e,
0x40, 0x40, 0x43, 0x43, 0x45, 0x45, 0x46, 0x46, 0x49, 0x49, 0x4a, 0x4a, 0x4c, 0x4c, 0x4f, 0x4f,
0x51, 0x51, 0x52, 0x52, 0x54, 0x54, 0x57, 0x57, 0x58, 0x58, 0x5b, 0x5b, 0x5d, 0x5d, 0x5e, 0x5e,
0x61, 0x61, 0x62, 0x62, 0x64, 0x64, 0x67, 0x67, 0x68, 0x68, 0x6b, 0x6b, 0x6d, 0x6d, 0x6e, 0x6e,
0x70, 0x70, 0x73, 0x73, 0x75, 0x75, 0x76, 0x76, 0x79, 0x79, 0x7a, 0x7a, 0x7c, 0x7c, 0x7f, 0x7f,
0x80, 0x80, 0x83, 0x83, 0x85, 0x85, 0x86, 0x86, 0x89, 0x89, 0x8a, 0x8a, 0x8c, 0x8c, 0x8f, 0x8f,
0x91, 0x91, 0x92, 0x92, 0x94, 0x94, 0x97, 0x97, 0x98, 0x98, 0x9b, 0x9b, 0x9d, 0x9d, 0x9e, 0x9e,
0xa1, 0xa1, 0xa2, 0xa2, 0xa4, 0xa4, 0xa7, 0xa7, 0xa8, 0xa8, 0xab, 0xab, 0xad, 0xad, 0xae, 0xae,
0xb0, 0xb0, 0xb3, 0xb3, 0xb5, 0xb5, 0xb6, 0xb6, 0xb9, 0xb9, 0xba, 0xba, 0xbc, 0xbc, 0xbf, 0xbf,
0xc1, 0xc1, 0xc2, 0xc2, 0xc4, 0xc4, 0xc7, 0xc7, 0xc8, 0xc8, 0xcb, 0xcb, 0xcd, 0xcd, 0xce, 0xce,
0xd0, 0xd0, 0xd3, 0xd3, 0xd5, 0xd5, 0xd6, 0xd6, 0xd9, 0xd9, 0xda, 0xda, 0xdc, 0xdc, 0xdf, 0xdf,
0xe0, 0xe0, 0xe3, 0xe3, 0xe5, 0xe5, 0xe6, 0xe6, 0xe9, 0xe9, 0xea, 0xea, 0xec, 0xec, 0xef, 0xef,
0xf1, 0xf1, 0xf2, 0xf2, 0xf4, 0xf4, 0xf7, 0xf7, 0xf8, 0xf8, 0xfb, 0xfb, 0xfd, 0xfd, 0xfe, 0xfe
}

◆ fips_reverse_table

const BYTE fips_reverse_table[256]
static
Initial value:
= {
0x00, 0x80, 0x40, 0xc0, 0x20, 0xa0, 0x60, 0xe0, 0x10, 0x90, 0x50, 0xd0, 0x30, 0xb0, 0x70, 0xf0,
0x08, 0x88, 0x48, 0xc8, 0x28, 0xa8, 0x68, 0xe8, 0x18, 0x98, 0x58, 0xd8, 0x38, 0xb8, 0x78, 0xf8,
0x04, 0x84, 0x44, 0xc4, 0x24, 0xa4, 0x64, 0xe4, 0x14, 0x94, 0x54, 0xd4, 0x34, 0xb4, 0x74, 0xf4,
0x0c, 0x8c, 0x4c, 0xcc, 0x2c, 0xac, 0x6c, 0xec, 0x1c, 0x9c, 0x5c, 0xdc, 0x3c, 0xbc, 0x7c, 0xfc,
0x02, 0x82, 0x42, 0xc2, 0x22, 0xa2, 0x62, 0xe2, 0x12, 0x92, 0x52, 0xd2, 0x32, 0xb2, 0x72, 0xf2,
0x0a, 0x8a, 0x4a, 0xca, 0x2a, 0xaa, 0x6a, 0xea, 0x1a, 0x9a, 0x5a, 0xda, 0x3a, 0xba, 0x7a, 0xfa,
0x06, 0x86, 0x46, 0xc6, 0x26, 0xa6, 0x66, 0xe6, 0x16, 0x96, 0x56, 0xd6, 0x36, 0xb6, 0x76, 0xf6,
0x0e, 0x8e, 0x4e, 0xce, 0x2e, 0xae, 0x6e, 0xee, 0x1e, 0x9e, 0x5e, 0xde, 0x3e, 0xbe, 0x7e, 0xfe,
0x01, 0x81, 0x41, 0xc1, 0x21, 0xa1, 0x61, 0xe1, 0x11, 0x91, 0x51, 0xd1, 0x31, 0xb1, 0x71, 0xf1,
0x09, 0x89, 0x49, 0xc9, 0x29, 0xa9, 0x69, 0xe9, 0x19, 0x99, 0x59, 0xd9, 0x39, 0xb9, 0x79, 0xf9,
0x05, 0x85, 0x45, 0xc5, 0x25, 0xa5, 0x65, 0xe5, 0x15, 0x95, 0x55, 0xd5, 0x35, 0xb5, 0x75, 0xf5,
0x0d, 0x8d, 0x4d, 0xcd, 0x2d, 0xad, 0x6d, 0xed, 0x1d, 0x9d, 0x5d, 0xdd, 0x3d, 0xbd, 0x7d, 0xfd,
0x03, 0x83, 0x43, 0xc3, 0x23, 0xa3, 0x63, 0xe3, 0x13, 0x93, 0x53, 0xd3, 0x33, 0xb3, 0x73, 0xf3,
0x0b, 0x8b, 0x4b, 0xcb, 0x2b, 0xab, 0x6b, 0xeb, 0x1b, 0x9b, 0x5b, 0xdb, 0x3b, 0xbb, 0x7b, 0xfb,
0x07, 0x87, 0x47, 0xc7, 0x27, 0xa7, 0x67, 0xe7, 0x17, 0x97, 0x57, 0xd7, 0x37, 0xb7, 0x77, 0xf7,
0x0f, 0x8f, 0x4f, 0xcf, 0x2f, 0xaf, 0x6f, 0xef, 0x1f, 0x9f, 0x5f, 0xdf, 0x3f, 0xbf, 0x7f, 0xff
}

◆ pad1

const BYTE pad1[40]
static
Initial value:
= { "\x36\x36\x36\x36\x36\x36\x36\x36"
"\x36\x36\x36\x36\x36\x36\x36\x36"
"\x36\x36\x36\x36\x36\x36\x36\x36"
"\x36\x36\x36\x36\x36\x36\x36\x36"
"\x36\x36\x36\x36\x36\x36\x36\x36" }

◆ pad2

const BYTE pad2[48]
static
Initial value:
= { "\x5C\x5C\x5C\x5C\x5C\x5C\x5C\x5C"
"\x5C\x5C\x5C\x5C\x5C\x5C\x5C\x5C"
"\x5C\x5C\x5C\x5C\x5C\x5C\x5C\x5C"
"\x5C\x5C\x5C\x5C\x5C\x5C\x5C\x5C"
"\x5C\x5C\x5C\x5C\x5C\x5C\x5C\x5C"
"\x5C\x5C\x5C\x5C\x5C\x5C\x5C\x5C" }