FreeRDP
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Modules Pages
license.c
1/*
2 * FreeRDP: A Remote Desktop Protocol Implementation
3 * RDP Licensing
4 *
5 * Copyright 2011-2013 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6 * Copyright 2014 Norbert Federa <norbert.federa@thincast.com>
7 * Copyright 2018 David Fort <contact@hardening-consulting.com>
8 * Copyright 2022,2023 Armin Novak <armin.novak@thincast.com>
9 * Copyright 2022,2023 Thincast Technologies GmbH
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License");
12 * you may not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23
24#include <freerdp/config.h>
25
26#include "settings.h"
27
28#include <freerdp/license.h>
29
30#include <winpr/crt.h>
31#include <winpr/assert.h>
32#include <winpr/crypto.h>
33#include <winpr/shell.h>
34#include <winpr/path.h>
35#include <winpr/file.h>
36
37#include <freerdp/log.h>
38
39#include <freerdp/crypto/certificate.h>
40
41#include "license.h"
42
43#include "../crypto/crypto.h"
44#include "../crypto/certificate.h"
45
46#define LICENSE_TAG FREERDP_TAG("core.license")
47
48// #define LICENSE_NULL_CLIENT_RANDOM 1
49// #define LICENSE_NULL_PREMASTER_SECRET 1
50
51// #define WITH_LICENSE_DECRYPT_CHALLENGE_RESPONSE
52
53#define PLATFORM_CHALLENGE_RESPONSE_VERSION 0x0100
54
56enum LicenseRequestType
57{
58 LICENSE_REQUEST = 0x01,
59 PLATFORM_CHALLENGE = 0x02,
60 NEW_LICENSE = 0x03,
61 UPGRADE_LICENSE = 0x04,
62 LICENSE_INFO = 0x12,
63 NEW_LICENSE_REQUEST = 0x13,
64 PLATFORM_CHALLENGE_RESPONSE = 0x15,
65 ERROR_ALERT = 0xFF
66};
67
68/*
69#define LICENSE_PKT_CS_MASK \
70 (LICENSE_INFO | NEW_LICENSE_REQUEST | PLATFORM_CHALLENGE_RESPONSE | ERROR_ALERT)
71#define LICENSE_PKT_SC_MASK \
72 (LICENSE_REQUEST | PLATFORM_CHALLENGE | NEW_LICENSE | UPGRADE_LICENSE | ERROR_ALERT)
73#define LICENSE_PKT_MASK (LICENSE_PKT_CS_MASK | LICENSE_PKT_SC_MASK)
74*/
75#define LICENSE_PREAMBLE_LENGTH 4
76
77/* Cryptographic Lengths */
78
79#define SERVER_RANDOM_LENGTH 32
80#define MASTER_SECRET_LENGTH 48
81#define PREMASTER_SECRET_LENGTH 48
82#define SESSION_KEY_BLOB_LENGTH 48
83#define MAC_SALT_KEY_LENGTH 16
84#define LICENSING_ENCRYPTION_KEY_LENGTH 16
85#define HWID_PLATFORM_ID_LENGTH 4
86// #define HWID_UNIQUE_DATA_LENGTH 16
87#define HWID_LENGTH 20
88// #define LICENSING_PADDING_SIZE 8
89
90/* Preamble Flags */
91
92// #define PREAMBLE_VERSION_2_0 0x02
93#define PREAMBLE_VERSION_3_0 0x03
94// #define LicenseProtocolVersionMask 0x0F
95#define EXTENDED_ERROR_MSG_SUPPORTED 0x80
96
98enum
99{
100 BB_ANY_BLOB = 0x0000,
101 BB_DATA_BLOB = 0x0001,
102 BB_RANDOM_BLOB = 0x0002,
103 BB_CERTIFICATE_BLOB = 0x0003,
104 BB_ERROR_BLOB = 0x0004,
105 BB_ENCRYPTED_DATA_BLOB = 0x0009,
106 BB_KEY_EXCHG_ALG_BLOB = 0x000D,
107 BB_SCOPE_BLOB = 0x000E,
108 BB_CLIENT_USER_NAME_BLOB = 0x000F,
109 BB_CLIENT_MACHINE_NAME_BLOB = 0x0010
110};
111
112/* License Key Exchange Algorithms */
113
114#define KEY_EXCHANGE_ALG_RSA 0x00000001
115
118enum
119{
120 ERR_INVALID_SERVER_CERTIFICATE = 0x00000001,
121 ERR_NO_LICENSE = 0x00000002,
122 ERR_INVALID_MAC = 0x00000003,
123 ERR_INVALID_SCOPE = 0x00000004,
124 ERR_NO_LICENSE_SERVER = 0x00000006,
125 STATUS_VALID_CLIENT = 0x00000007,
126 ERR_INVALID_CLIENT = 0x00000008,
127 ERR_INVALID_PRODUCT_ID = 0x0000000B,
128 ERR_INVALID_MESSAGE_LENGTH = 0x0000000C
129};
130
133enum
134{
135 ST_TOTAL_ABORT = 0x00000001,
136 ST_NO_TRANSITION = 0x00000002,
137 ST_RESET_PHASE_TO_START = 0x00000003,
138 ST_RESEND_LAST_MESSAGE = 0x00000004
139};
140
143enum
144{
145 WIN32_PLATFORM_CHALLENGE_TYPE = 0x0100,
146 WIN16_PLATFORM_CHALLENGE_TYPE = 0x0200,
147 WINCE_PLATFORM_CHALLENGE_TYPE = 0x0300,
148 OTHER_PLATFORM_CHALLENGE_TYPE = 0xFF00
149};
150
153enum
154{
155 LICENSE_DETAIL_SIMPLE = 0x0001,
156 LICENSE_DETAIL_MODERATE = 0x0002,
157 LICENSE_DETAIL_DETAIL = 0x0003
158};
159
160/*
161 * PlatformId:
162 *
163 * The most significant byte of the PlatformId field contains the operating system version of the
164 * client. The second most significant byte of the PlatformId field identifies the ISV that provided
165 * the client image. The remaining two bytes in the PlatformId field are used by the ISV to identify
166 * the build number of the operating system.
167 *
168 * 0x04010000:
169 *
170 * CLIENT_OS_ID_WINNT_POST_52 (0x04000000)
171 * CLIENT_IMAGE_ID_MICROSOFT (0x00010000)
172 */
173enum
174{
175 CLIENT_OS_ID_WINNT_351 = 0x01000000,
176 CLIENT_OS_ID_WINNT_40 = 0x02000000,
177 CLIENT_OS_ID_WINNT_50 = 0x03000000,
178 CLIENT_OS_ID_WINNT_POST_52 = 0x04000000,
179
180 CLIENT_IMAGE_ID_MICROSOFT = 0x00010000,
181 CLIENT_IMAGE_ID_CITRIX = 0x00020000,
182};
183
184struct rdp_license
185{
186 LICENSE_STATE state;
187 LICENSE_TYPE type;
188 rdpRdp* rdp;
189 rdpCertificate* certificate;
190 BYTE HardwareId[HWID_LENGTH];
191 BYTE ClientRandom[CLIENT_RANDOM_LENGTH];
192 BYTE ServerRandom[SERVER_RANDOM_LENGTH];
193 BYTE MasterSecret[MASTER_SECRET_LENGTH];
194 BYTE PremasterSecret[PREMASTER_SECRET_LENGTH];
195 BYTE SessionKeyBlob[SESSION_KEY_BLOB_LENGTH];
196 BYTE MacSaltKey[MAC_SALT_KEY_LENGTH];
197 BYTE LicensingEncryptionKey[LICENSING_ENCRYPTION_KEY_LENGTH];
198 LICENSE_PRODUCT_INFO* ProductInfo;
199 LICENSE_BLOB* ErrorInfo;
200 LICENSE_BLOB* LicenseInfo; /* Client -> Server */
201 LICENSE_BLOB* KeyExchangeList;
202 LICENSE_BLOB* ServerCertificate;
203 LICENSE_BLOB* ClientUserName;
204 LICENSE_BLOB* ClientMachineName;
205 LICENSE_BLOB* PlatformChallenge;
206 LICENSE_BLOB* PlatformChallengeResponse;
207 LICENSE_BLOB* EncryptedPremasterSecret;
208 LICENSE_BLOB* EncryptedPlatformChallenge;
209 LICENSE_BLOB* EncryptedPlatformChallengeResponse;
210 LICENSE_BLOB* EncryptedHardwareId;
211 LICENSE_BLOB* EncryptedLicenseInfo;
212 BYTE MACData[LICENSING_ENCRYPTION_KEY_LENGTH];
213 SCOPE_LIST* ScopeList;
214 UINT32 PacketHeaderLength;
215 UINT32 PreferredKeyExchangeAlg;
216 UINT32 PlatformId;
217 UINT16 ClientType;
218 UINT16 LicenseDetailLevel;
219 BOOL update;
220 wLog* log;
221};
222
223static BOOL license_send_error_alert(rdpLicense* license, UINT32 dwErrorCode,
224 UINT32 dwStateTransition, const LICENSE_BLOB* info);
225static BOOL license_set_state(rdpLicense* license, LICENSE_STATE state);
226static const char* license_get_state_string(LICENSE_STATE state);
227
228static const char* license_preferred_key_exchange_alg_string(UINT32 alg, char* buffer, size_t size)
229{
230 const char* name = NULL;
231
232 switch (alg)
233 {
234 case KEY_EXCHANGE_ALG_RSA:
235 name = "KEY_EXCHANGE_ALG_RSA";
236 break;
237 default:
238 name = "KEY_EXCHANGE_ALG_UNKNOWN";
239 break;
240 }
241
242 (void)_snprintf(buffer, size, "%s [0x%08" PRIx32 "]", name, alg);
243 return buffer;
244}
245
246static const char* license_request_type_string(UINT32 type)
247{
248 switch (type)
249 {
250 case LICENSE_REQUEST:
251 return "LICENSE_REQUEST";
252 case PLATFORM_CHALLENGE:
253 return "PLATFORM_CHALLENGE";
254 case NEW_LICENSE:
255 return "NEW_LICENSE";
256 case UPGRADE_LICENSE:
257 return "UPGRADE_LICENSE";
258 case LICENSE_INFO:
259 return "LICENSE_INFO";
260 case NEW_LICENSE_REQUEST:
261 return "NEW_LICENSE_REQUEST";
262 case PLATFORM_CHALLENGE_RESPONSE:
263 return "PLATFORM_CHALLENGE_RESPONSE";
264 case ERROR_ALERT:
265 return "ERROR_ALERT";
266 default:
267 return "LICENSE_REQUEST_TYPE_UNKNOWN";
268 }
269}
270
271static const char* licencse_blob_type_string(UINT16 type)
272{
273 switch (type)
274 {
275 case BB_ANY_BLOB:
276 return "BB_ANY_BLOB";
277 case BB_DATA_BLOB:
278 return "BB_DATA_BLOB";
279 case BB_RANDOM_BLOB:
280 return "BB_RANDOM_BLOB";
281 case BB_CERTIFICATE_BLOB:
282 return "BB_CERTIFICATE_BLOB";
283 case BB_ERROR_BLOB:
284 return "BB_ERROR_BLOB";
285 case BB_ENCRYPTED_DATA_BLOB:
286 return "BB_ENCRYPTED_DATA_BLOB";
287 case BB_KEY_EXCHG_ALG_BLOB:
288 return "BB_KEY_EXCHG_ALG_BLOB";
289 case BB_SCOPE_BLOB:
290 return "BB_SCOPE_BLOB";
291 case BB_CLIENT_USER_NAME_BLOB:
292 return "BB_CLIENT_USER_NAME_BLOB";
293 case BB_CLIENT_MACHINE_NAME_BLOB:
294 return "BB_CLIENT_MACHINE_NAME_BLOB";
295 default:
296 return "BB_UNKNOWN";
297 }
298}
299static wStream* license_send_stream_init(rdpLicense* license, UINT16* sec_flags);
300
301static void license_generate_randoms(rdpLicense* license);
302static BOOL license_generate_keys(rdpLicense* license);
303static BOOL license_generate_hwid(rdpLicense* license);
304static BOOL license_encrypt_premaster_secret(rdpLicense* license);
305
306static LICENSE_PRODUCT_INFO* license_new_product_info(void);
307static void license_free_product_info(LICENSE_PRODUCT_INFO* productInfo);
308static BOOL license_read_product_info(wLog* log, wStream* s, LICENSE_PRODUCT_INFO* productInfo);
309
310static LICENSE_BLOB* license_new_binary_blob(UINT16 type);
311static void license_free_binary_blob(LICENSE_BLOB* blob);
312static BOOL license_read_binary_blob_data(wLog* log, LICENSE_BLOB* blob, UINT16 type,
313 const void* data, size_t length);
314static BOOL license_read_binary_blob(wLog* log, wStream* s, LICENSE_BLOB* blob);
315static BOOL license_write_binary_blob(wStream* s, const LICENSE_BLOB* blob);
316
317static SCOPE_LIST* license_new_scope_list(void);
318static BOOL license_scope_list_resize(SCOPE_LIST* scopeList, UINT32 count);
319static void license_free_scope_list(SCOPE_LIST* scopeList);
320static BOOL license_read_scope_list(wLog* log, wStream* s, SCOPE_LIST* scopeList);
321static BOOL license_write_scope_list(wLog* log, wStream* s, const SCOPE_LIST* scopeList);
322
323static BOOL license_read_license_request_packet(rdpLicense* license, wStream* s);
324static BOOL license_write_license_request_packet(const rdpLicense* license, wStream* s);
325
326static BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s);
327static BOOL license_send_platform_challenge_packet(rdpLicense* license);
328static BOOL license_read_new_or_upgrade_license_packet(rdpLicense* license, wStream* s);
329static BOOL license_read_error_alert_packet(rdpLicense* license, wStream* s);
330
331static BOOL license_write_new_license_request_packet(const rdpLicense* license, wStream* s);
332static BOOL license_read_new_license_request_packet(rdpLicense* license, wStream* s);
333static BOOL license_answer_license_request(rdpLicense* license);
334
335static BOOL license_send_platform_challenge_response(rdpLicense* license);
336static BOOL license_read_platform_challenge_response(rdpLicense* license);
337
338static BOOL license_read_client_platform_challenge_response(rdpLicense* license, wStream* s);
339static BOOL license_write_client_platform_challenge_response(rdpLicense* license, wStream* s);
340
341static BOOL license_write_server_upgrade_license(const rdpLicense* license, wStream* s);
342
343static BOOL license_send_license_info(rdpLicense* license, const LICENSE_BLOB* calBlob,
344 const BYTE* signature, size_t signature_length);
345static BOOL license_read_license_info(rdpLicense* license, wStream* s);
346static state_run_t license_client_recv(rdpLicense* license, wStream* s);
347static state_run_t license_server_recv(rdpLicense* license, wStream* s);
348
349#define PLATFORMID (CLIENT_OS_ID_WINNT_POST_52 | CLIENT_IMAGE_ID_MICROSOFT)
350
351#ifdef WITH_DEBUG_LICENSE
352
353static const char* error_codes[] = { "ERR_UNKNOWN",
354 "ERR_INVALID_SERVER_CERTIFICATE",
355 "ERR_NO_LICENSE",
356 "ERR_INVALID_MAC",
357 "ERR_INVALID_SCOPE",
358 "ERR_UNKNOWN",
359 "ERR_NO_LICENSE_SERVER",
360 "STATUS_VALID_CLIENT",
361 "ERR_INVALID_CLIENT",
362 "ERR_UNKNOWN",
363 "ERR_UNKNOWN",
364 "ERR_INVALID_PRODUCT_ID",
365 "ERR_INVALID_MESSAGE_LENGTH" };
366
367static const char* state_transitions[] = { "ST_UNKNOWN", "ST_TOTAL_ABORT", "ST_NO_TRANSITION",
368 "ST_RESET_PHASE_TO_START", "ST_RESEND_LAST_MESSAGE" };
369
370static void license_print_product_info(wLog* log, const LICENSE_PRODUCT_INFO* productInfo)
371{
372 char* CompanyName = NULL;
373 char* ProductId = NULL;
374
375 WINPR_ASSERT(productInfo);
376 WINPR_ASSERT(productInfo->pbCompanyName);
377 WINPR_ASSERT(productInfo->pbProductId);
378
379 CompanyName = ConvertWCharNToUtf8Alloc((const WCHAR*)productInfo->pbCompanyName,
380 productInfo->cbCompanyName / sizeof(WCHAR), NULL);
381 ProductId = ConvertWCharNToUtf8Alloc((const WCHAR*)productInfo->pbProductId,
382 productInfo->cbProductId / sizeof(WCHAR), NULL);
383 WLog_Print(log, WLOG_INFO, "ProductInfo:");
384 WLog_Print(log, WLOG_INFO, "\tdwVersion: 0x%08" PRIX32 "", productInfo->dwVersion);
385 WLog_Print(log, WLOG_INFO, "\tCompanyName: %s", CompanyName);
386 WLog_Print(log, WLOG_INFO, "\tProductId: %s", ProductId);
387 free(CompanyName);
388 free(ProductId);
389}
390
391static void license_print_scope_list(wLog* log, const SCOPE_LIST* scopeList)
392{
393 WINPR_ASSERT(scopeList);
394
395 WLog_Print(log, WLOG_INFO, "ScopeList (%" PRIu32 "):", scopeList->count);
396
397 for (UINT32 index = 0; index < scopeList->count; index++)
398 {
399 const LICENSE_BLOB* scope = NULL;
400
401 WINPR_ASSERT(scopeList->array);
402 scope = scopeList->array[index];
403 WINPR_ASSERT(scope);
404
405 WLog_Print(log, WLOG_INFO, "\t%s", (const char*)scope->data);
406 }
407}
408#endif
409
410static const char licenseStore[] = "licenses";
411
412static BOOL license_ensure_state(rdpLicense* license, LICENSE_STATE state, UINT32 msg)
413{
414 const LICENSE_STATE cstate = license_get_state(license);
415
416 WINPR_ASSERT(license);
417
418 if (cstate != state)
419 {
420 const char* scstate = license_get_state_string(cstate);
421 const char* sstate = license_get_state_string(state);
422 const char* where = license_request_type_string(msg);
423
424 WLog_Print(license->log, WLOG_WARN,
425 "Received [%s], but found invalid licensing state %s, expected %s", where,
426 scstate, sstate);
427 return FALSE;
428 }
429 return TRUE;
430}
431
432state_run_t license_recv(rdpLicense* license, wStream* s)
433{
434 WINPR_ASSERT(license);
435 WINPR_ASSERT(license->rdp);
436 WINPR_ASSERT(license->rdp->settings);
437
438 if (freerdp_settings_get_bool(license->rdp->settings, FreeRDP_ServerMode))
439 return license_server_recv(license, s);
440 else
441 return license_client_recv(license, s);
442}
443
444static BOOL license_check_stream_length(wLog* log, wStream* s, SSIZE_T expect, const char* where)
445{
446 const size_t remain = Stream_GetRemainingLength(s);
447
448 WINPR_ASSERT(where);
449
450 if (expect < 0)
451 {
452 WLog_Print(log, WLOG_WARN, "invalid %s, expected value %" PRIdz " invalid", where, expect);
453 return FALSE;
454 }
455 if (remain < (size_t)expect)
456 {
457 WLog_Print(log, WLOG_WARN, "short %s, expected %" PRIdz " bytes, got %" PRIuz, where,
458 expect, remain);
459 return FALSE;
460 }
461 return TRUE;
462}
463
464static BOOL license_check_stream_capacity(wLog* log, wStream* s, size_t expect, const char* where)
465{
466 WINPR_ASSERT(where);
467
468 if (!Stream_CheckAndLogRequiredCapacityWLogEx(log, WLOG_WARN, s, expect, 1,
469 "%s(%s:%" PRIuz ") %s", __func__, __FILE__,
470 (size_t)__LINE__, where))
471 return FALSE;
472
473 return TRUE;
474}
475
476static BOOL computeCalHash(wLog* log, const char* hostname, char* hashStr, size_t len)
477{
478 WINPR_DIGEST_CTX* sha1 = NULL;
479 BOOL ret = FALSE;
480 BYTE hash[20] = { 0 };
481
482 WINPR_ASSERT(hostname);
483 WINPR_ASSERT(hashStr);
484
485 if (len < 2 * sizeof(hash) + 1)
486 return FALSE;
487
488 if (!(sha1 = winpr_Digest_New()))
489 goto out;
490 if (!winpr_Digest_Init(sha1, WINPR_MD_SHA1))
491 goto out;
492 if (!winpr_Digest_Update(sha1, (const BYTE*)hostname, strlen(hostname)))
493 goto out;
494 if (!winpr_Digest_Final(sha1, hash, sizeof(hash)))
495 goto out;
496
497 for (size_t i = 0; i < sizeof(hash); i++, hashStr += 2)
498 (void)sprintf_s(hashStr, 3, "%.2x", hash[i]);
499
500 ret = TRUE;
501out:
502 if (!ret)
503 WLog_Print(log, WLOG_ERROR, "failed to generate SHA1 of hostname '%s'", hostname);
504 winpr_Digest_Free(sha1);
505 return ret;
506}
507
508static BOOL saveCal(wLog* log, const rdpSettings* settings, const BYTE* data, size_t length,
509 const char* hostname)
510{
511 char hash[41] = { 0 };
512 FILE* fp = NULL;
513 char* licenseStorePath = NULL;
514 char filename[MAX_PATH] = { 0 };
515 char filenameNew[MAX_PATH] = { 0 };
516 char* filepath = NULL;
517 char* filepathNew = NULL;
518
519 size_t written = 0;
520 BOOL ret = FALSE;
521 const char* path = freerdp_settings_get_string(settings, FreeRDP_ConfigPath);
522
523 WINPR_ASSERT(path);
524 WINPR_ASSERT(data || (length == 0));
525 WINPR_ASSERT(hostname);
526
527 if (!winpr_PathFileExists(path))
528 {
529 if (!winpr_PathMakePath(path, 0))
530 {
531 WLog_Print(log, WLOG_ERROR, "error creating directory '%s'", path);
532 goto out;
533 }
534 WLog_Print(log, WLOG_INFO, "creating directory %s", path);
535 }
536
537 if (!(licenseStorePath = GetCombinedPath(path, licenseStore)))
538 {
539 WLog_Print(log, WLOG_ERROR, "Failed to get license store path from '%s' + '%s'", path,
540 licenseStore);
541 goto out;
542 }
543
544 if (!winpr_PathFileExists(licenseStorePath))
545 {
546 if (!winpr_PathMakePath(licenseStorePath, 0))
547 {
548 WLog_Print(log, WLOG_ERROR, "error creating directory '%s'", licenseStorePath);
549 goto out;
550 }
551 WLog_Print(log, WLOG_INFO, "creating directory %s", licenseStorePath);
552 }
553
554 if (!computeCalHash(log, hostname, hash, sizeof(hash)))
555 goto out;
556 (void)sprintf_s(filename, sizeof(filename) - 1, "%s.cal", hash);
557 (void)sprintf_s(filenameNew, sizeof(filenameNew) - 1, "%s.cal.new", hash);
558
559 if (!(filepath = GetCombinedPath(licenseStorePath, filename)))
560 {
561 WLog_Print(log, WLOG_ERROR, "Failed to get license file path from '%s' + '%s'", path,
562 filename);
563 goto out;
564 }
565
566 if (!(filepathNew = GetCombinedPath(licenseStorePath, filenameNew)))
567 {
568 WLog_Print(log, WLOG_ERROR, "Failed to get license new file path from '%s' + '%s'", path,
569 filenameNew);
570 goto out;
571 }
572
573 fp = winpr_fopen(filepathNew, "wb");
574 if (!fp)
575 {
576 WLog_Print(log, WLOG_ERROR, "Failed to open license file '%s'", filepathNew);
577 goto out;
578 }
579
580 written = fwrite(data, length, 1, fp);
581 (void)fclose(fp);
582
583 if (written != 1)
584 {
585 WLog_Print(log, WLOG_ERROR, "Failed to write to license file '%s'", filepathNew);
586 winpr_DeleteFile(filepathNew);
587 goto out;
588 }
589
590 ret = winpr_MoveFileEx(filepathNew, filepath, MOVEFILE_REPLACE_EXISTING);
591 if (!ret)
592 WLog_Print(log, WLOG_ERROR, "Failed to move license file '%s' to '%s'", filepathNew,
593 filepath);
594
595out:
596 free(filepathNew);
597 free(filepath);
598 free(licenseStorePath);
599 return ret;
600}
601
602static BYTE* loadCalFile(wLog* log, const rdpSettings* settings, const char* hostname,
603 size_t* dataLen)
604{
605 char* licenseStorePath = NULL;
606 char* calPath = NULL;
607 char calFilename[MAX_PATH] = { 0 };
608 char hash[41] = { 0 };
609 INT64 length = 0;
610 size_t status = 0;
611 FILE* fp = NULL;
612 BYTE* ret = NULL;
613
614 WINPR_ASSERT(settings);
615 WINPR_ASSERT(hostname);
616 WINPR_ASSERT(dataLen);
617
618 if (!computeCalHash(log, hostname, hash, sizeof(hash)))
619 {
620 WLog_Print(log, WLOG_ERROR, "loadCalFile: unable to compute hostname hash");
621 return NULL;
622 }
623
624 (void)sprintf_s(calFilename, sizeof(calFilename) - 1, "%s.cal", hash);
625
626 if (!(licenseStorePath = GetCombinedPath(
627 freerdp_settings_get_string(settings, FreeRDP_ConfigPath), licenseStore)))
628 return NULL;
629
630 if (!(calPath = GetCombinedPath(licenseStorePath, calFilename)))
631 goto error_path;
632
633 fp = winpr_fopen(calPath, "rb");
634 if (!fp)
635 goto error_open;
636
637 if (_fseeki64(fp, 0, SEEK_END) != 0)
638 goto error_malloc;
639 length = _ftelli64(fp);
640 if (_fseeki64(fp, 0, SEEK_SET) != 0)
641 goto error_malloc;
642 if (length < 0)
643 goto error_malloc;
644
645 ret = (BYTE*)malloc((size_t)length);
646 if (!ret)
647 goto error_malloc;
648
649 status = fread(ret, (size_t)length, 1, fp);
650 if (status == 0)
651 goto error_read;
652
653 *dataLen = (size_t)length;
654
655 (void)fclose(fp);
656 free(calPath);
657 free(licenseStorePath);
658 return ret;
659
660error_read:
661 free(ret);
662error_malloc:
663 fclose(fp);
664error_open:
665 free(calPath);
666error_path:
667 free(licenseStorePath);
668 return NULL;
669}
670
681static BOOL license_read_preamble(wLog* log, wStream* s, BYTE* bMsgType, BYTE* flags,
682 UINT16* wMsgSize)
683{
684 WINPR_ASSERT(bMsgType);
685 WINPR_ASSERT(flags);
686 WINPR_ASSERT(wMsgSize);
687
688 /* preamble (4 bytes) */
689 if (!license_check_stream_length(log, s, 4, "license preamble"))
690 return FALSE;
691
692 Stream_Read_UINT8(s, *bMsgType); /* bMsgType (1 byte) */
693 Stream_Read_UINT8(s, *flags); /* flags (1 byte) */
694 Stream_Read_UINT16(s, *wMsgSize); /* wMsgSize (2 bytes) */
695 return license_check_stream_length(log, s, *wMsgSize - 4ll, "license preamble::wMsgSize");
696}
697
708static BOOL license_write_preamble(wStream* s, BYTE bMsgType, BYTE flags, UINT16 wMsgSize)
709{
710 if (!Stream_EnsureRemainingCapacity(s, 4))
711 return FALSE;
712
713 /* preamble (4 bytes) */
714 Stream_Write_UINT8(s, bMsgType); /* bMsgType (1 byte) */
715 Stream_Write_UINT8(s, flags); /* flags (1 byte) */
716 Stream_Write_UINT16(s, wMsgSize); /* wMsgSize (2 bytes) */
717 return TRUE;
718}
719
728wStream* license_send_stream_init(rdpLicense* license, UINT16* sec_flags)
729{
730 WINPR_ASSERT(license);
731 WINPR_ASSERT(license->rdp);
732 WINPR_ASSERT(sec_flags);
733
734 const BOOL do_crypt = license->rdp->do_crypt;
735
736 *sec_flags = SEC_LICENSE_PKT;
737
738 /*
739 * Encryption of licensing packets is optional even if the rdp security
740 * layer is used. If the peer has not indicated that it is capable of
741 * processing encrypted licensing packets (rdp->do_crypt_license) we turn
742 * off encryption (via rdp->do_crypt) before initializing the rdp stream
743 * and re-enable it afterwards.
744 */
745
746 if (do_crypt)
747 {
748 *sec_flags |= SEC_LICENSE_ENCRYPT_CS;
749 license->rdp->do_crypt = license->rdp->do_crypt_license;
750 }
751
752 wStream* s = rdp_send_stream_init(license->rdp, sec_flags);
753 if (!s)
754 return NULL;
755
756 license->rdp->do_crypt = do_crypt;
757 license->PacketHeaderLength = (UINT16)Stream_GetPosition(s);
758 if (!Stream_SafeSeek(s, LICENSE_PREAMBLE_LENGTH))
759 goto fail;
760 return s;
761
762fail:
763 Stream_Release(s);
764 return NULL;
765}
766
774static BOOL license_send(rdpLicense* license, wStream* s, BYTE type, UINT16 sec_flags)
775{
776 WINPR_ASSERT(license);
777 WINPR_ASSERT(license->rdp);
778
779 rdpRdp* rdp = license->rdp;
780 WINPR_ASSERT(rdp->settings);
781
782 DEBUG_LICENSE("Sending %s Packet", license_request_type_string(type));
783 const size_t length = Stream_GetPosition(s);
784 WINPR_ASSERT(length >= license->PacketHeaderLength);
785 WINPR_ASSERT(length <= UINT16_MAX + license->PacketHeaderLength);
786
787 const UINT16 wMsgSize = (UINT16)(length - license->PacketHeaderLength);
788 Stream_SetPosition(s, license->PacketHeaderLength);
789 BYTE flags = PREAMBLE_VERSION_3_0;
790
796 if (!rdp->settings->ServerMode)
797 flags |= EXTENDED_ERROR_MSG_SUPPORTED;
798
799 if (!license_write_preamble(s, type, flags, wMsgSize))
800 {
801 Stream_Release(s);
802 return FALSE;
803 }
804
805#ifdef WITH_DEBUG_LICENSE
806 WLog_Print(license->log, WLOG_DEBUG, "Sending %s Packet, length %" PRIu16 "",
807 license_request_type_string(type), wMsgSize);
808 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_PointerAs(s, char) - LICENSE_PREAMBLE_LENGTH,
809 wMsgSize);
810#endif
811 Stream_SetPosition(s, length);
812 const BOOL ret = rdp_send(rdp, s, MCS_GLOBAL_CHANNEL_ID, sec_flags);
813 return ret;
814}
815
816BOOL license_write_server_upgrade_license(const rdpLicense* license, wStream* s)
817{
818 WINPR_ASSERT(license);
819
820 if (!license_write_binary_blob(s, license->EncryptedLicenseInfo))
821 return FALSE;
822 if (!license_check_stream_capacity(license->log, s, sizeof(license->MACData),
823 "SERVER_UPGRADE_LICENSE::MACData"))
824 return FALSE;
825 Stream_Write(s, license->MACData, sizeof(license->MACData));
826 return TRUE;
827}
828
829static BOOL license_server_send_new_or_upgrade_license(rdpLicense* license, BOOL upgrade)
830{
831 UINT16 sec_flags = 0;
832 wStream* s = license_send_stream_init(license, &sec_flags);
833 const BYTE type = upgrade ? UPGRADE_LICENSE : NEW_LICENSE;
834
835 if (!s)
836 return FALSE;
837
838 if (!license_write_server_upgrade_license(license, s))
839 goto fail;
840
841 return license_send(license, s, type, sec_flags);
842
843fail:
844 Stream_Release(s);
845 return FALSE;
846}
847
856static state_run_t license_client_recv_int(rdpLicense* license, wStream* s)
857{
858 BYTE flags = 0;
859 BYTE bMsgType = 0;
860 UINT16 wMsgSize = 0;
861 const size_t length = Stream_GetRemainingLength(s);
862
863 WINPR_ASSERT(license);
864
865 if (!license_read_preamble(license->log, s, &bMsgType, &flags,
866 &wMsgSize)) /* preamble (4 bytes) */
867 return STATE_RUN_FAILED;
868
869 DEBUG_LICENSE("Receiving %s Packet", license_request_type_string(bMsgType));
870
871 switch (bMsgType)
872 {
873 case LICENSE_REQUEST:
874 /* Client does not require configuration, so skip this state */
875 if (license_get_state(license) == LICENSE_STATE_INITIAL)
876 license_set_state(license, LICENSE_STATE_CONFIGURED);
877
878 if (!license_ensure_state(license, LICENSE_STATE_CONFIGURED, bMsgType))
879 return STATE_RUN_FAILED;
880
881 if (!license_read_license_request_packet(license, s))
882 return STATE_RUN_FAILED;
883
884 if (!license_answer_license_request(license))
885 return STATE_RUN_FAILED;
886
887 license_set_state(license, LICENSE_STATE_NEW_REQUEST);
888 break;
889
890 case PLATFORM_CHALLENGE:
891 if (!license_ensure_state(license, LICENSE_STATE_NEW_REQUEST, bMsgType))
892 return STATE_RUN_FAILED;
893
894 if (!license_read_platform_challenge_packet(license, s))
895 return STATE_RUN_FAILED;
896
897 if (!license_send_platform_challenge_response(license))
898 return STATE_RUN_FAILED;
899 license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE);
900 break;
901
902 case NEW_LICENSE:
903 case UPGRADE_LICENSE:
904 if (!license_ensure_state(license, LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE, bMsgType))
905 return STATE_RUN_FAILED;
906 if (!license_read_new_or_upgrade_license_packet(license, s))
907 return STATE_RUN_FAILED;
908 break;
909
910 case ERROR_ALERT:
911 if (!license_read_error_alert_packet(license, s))
912 return STATE_RUN_FAILED;
913 break;
914
915 default:
916 WLog_Print(license->log, WLOG_ERROR, "invalid bMsgType:%" PRIu8 "", bMsgType);
917 return STATE_RUN_FAILED;
918 }
919
920 if (!tpkt_ensure_stream_consumed(license->log, s, length))
921 return STATE_RUN_FAILED;
922 return STATE_RUN_SUCCESS;
923}
924
925state_run_t license_client_recv(rdpLicense* license, wStream* s)
926{
927 state_run_t rc = license_client_recv_int(license, s);
928 if (state_run_failed(rc))
929 {
930 freerdp_set_last_error(license->rdp->context, ERROR_CTX_LICENSE_CLIENT_INVALID);
931 }
932 return rc;
933}
934
935state_run_t license_server_recv(rdpLicense* license, wStream* s)
936{
937 state_run_t rc = STATE_RUN_FAILED;
938 BYTE flags = 0;
939 BYTE bMsgType = 0;
940 UINT16 wMsgSize = 0;
941 const size_t length = Stream_GetRemainingLength(s);
942
943 WINPR_ASSERT(license);
944
945 if (!license_read_preamble(license->log, s, &bMsgType, &flags,
946 &wMsgSize)) /* preamble (4 bytes) */
947 goto fail;
948
949 DEBUG_LICENSE("Receiving %s Packet", license_request_type_string(bMsgType));
950
951 switch (bMsgType)
952 {
953 case NEW_LICENSE_REQUEST:
954 if (!license_ensure_state(license, LICENSE_STATE_REQUEST, bMsgType))
955 goto fail;
956 if (!license_read_new_license_request_packet(license, s))
957 goto fail;
958 // TODO: Validate if client is allowed
959 if (!license_send_error_alert(license, ERR_INVALID_MAC, ST_TOTAL_ABORT,
960 license->ErrorInfo))
961 goto fail;
962 if (!license_send_platform_challenge_packet(license))
963 goto fail;
964 license->update = FALSE;
965 if (!license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE))
966 goto fail;
967 break;
968 case LICENSE_INFO:
969 if (!license_ensure_state(license, LICENSE_STATE_REQUEST, bMsgType))
970 goto fail;
971 if (!license_read_license_info(license, s))
972 goto fail;
973 // TODO: Validate license info
974 if (!license_send_platform_challenge_packet(license))
975 goto fail;
976 if (!license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE))
977 goto fail;
978 license->update = TRUE;
979 break;
980
981 case PLATFORM_CHALLENGE_RESPONSE:
982 if (!license_ensure_state(license, LICENSE_STATE_PLATFORM_CHALLENGE, bMsgType))
983 goto fail;
984 if (!license_read_client_platform_challenge_response(license, s))
985 goto fail;
986
987 // TODO: validate challenge response
988 if (FALSE)
989 {
990 if (license_send_error_alert(license, ERR_INVALID_CLIENT, ST_TOTAL_ABORT,
991 license->ErrorInfo))
992 goto fail;
993 }
994 else
995 {
996 if (!license_server_send_new_or_upgrade_license(license, license->update))
997 goto fail;
998
999 license->type = LICENSE_TYPE_ISSUED;
1000 license_set_state(license, LICENSE_STATE_COMPLETED);
1001
1002 rc = STATE_RUN_CONTINUE; /* License issued, switch state */
1003 }
1004 break;
1005
1006 case ERROR_ALERT:
1007 if (!license_read_error_alert_packet(license, s))
1008 goto fail;
1009 break;
1010
1011 default:
1012 WLog_Print(license->log, WLOG_ERROR, "invalid bMsgType:%" PRIu8 "", bMsgType);
1013 goto fail;
1014 }
1015
1016 if (!tpkt_ensure_stream_consumed(license->log, s, length))
1017 goto fail;
1018
1019 if (!state_run_success(rc))
1020 rc = STATE_RUN_SUCCESS;
1021
1022fail:
1023 if (state_run_failed(rc))
1024 {
1025 if (flags & EXTENDED_ERROR_MSG_SUPPORTED)
1026 license_send_error_alert(license, ERR_INVALID_CLIENT, ST_TOTAL_ABORT, NULL);
1027 license_set_state(license, LICENSE_STATE_ABORTED);
1028 }
1029
1030 return rc;
1031}
1032
1033void license_generate_randoms(rdpLicense* license)
1034{
1035 WINPR_ASSERT(license);
1036
1037#ifdef LICENSE_NULL_CLIENT_RANDOM
1038 ZeroMemory(license->ClientRandom, sizeof(license->ClientRandom)); /* ClientRandom */
1039#else
1040 winpr_RAND(license->ClientRandom, sizeof(license->ClientRandom)); /* ClientRandom */
1041#endif
1042
1043 winpr_RAND(license->ServerRandom, sizeof(license->ServerRandom)); /* ServerRandom */
1044
1045#ifdef LICENSE_NULL_PREMASTER_SECRET
1046 ZeroMemory(license->PremasterSecret, sizeof(license->PremasterSecret)); /* PremasterSecret */
1047#else
1048 winpr_RAND(license->PremasterSecret, sizeof(license->PremasterSecret)); /* PremasterSecret */
1049#endif
1050}
1051
1057static BOOL license_generate_keys(rdpLicense* license)
1058{
1059 WINPR_ASSERT(license);
1060
1061 if (
1062 /* MasterSecret */
1063 !security_master_secret(license->PremasterSecret, sizeof(license->PremasterSecret),
1064 license->ClientRandom, sizeof(license->ClientRandom),
1065 license->ServerRandom, sizeof(license->ServerRandom),
1066 license->MasterSecret, sizeof(license->MasterSecret)) ||
1067 /* SessionKeyBlob */
1068 !security_session_key_blob(license->MasterSecret, sizeof(license->MasterSecret),
1069 license->ClientRandom, sizeof(license->ClientRandom),
1070 license->ServerRandom, sizeof(license->ServerRandom),
1071 license->SessionKeyBlob, sizeof(license->SessionKeyBlob)))
1072 {
1073 return FALSE;
1074 }
1075 security_mac_salt_key(license->SessionKeyBlob, sizeof(license->SessionKeyBlob),
1076 license->ClientRandom, sizeof(license->ClientRandom),
1077 license->ServerRandom, sizeof(license->ServerRandom), license->MacSaltKey,
1078 sizeof(license->MacSaltKey)); /* MacSaltKey */
1079 const BOOL ret = security_licensing_encryption_key(
1080 license->SessionKeyBlob, sizeof(license->SessionKeyBlob), license->ClientRandom,
1081 sizeof(license->ClientRandom), license->ServerRandom, sizeof(license->ServerRandom),
1082 license->LicensingEncryptionKey,
1083 sizeof(license->LicensingEncryptionKey)); /* LicensingEncryptionKey */
1084
1085#ifdef WITH_DEBUG_LICENSE
1086 WLog_Print(license->log, WLOG_DEBUG, "ClientRandom:");
1087 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ClientRandom,
1088 sizeof(license->ClientRandom));
1089 WLog_Print(license->log, WLOG_DEBUG, "ServerRandom:");
1090 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ServerRandom,
1091 sizeof(license->ServerRandom));
1092 WLog_Print(license->log, WLOG_DEBUG, "PremasterSecret:");
1093 winpr_HexLogDump(license->log, WLOG_DEBUG, license->PremasterSecret,
1094 sizeof(license->PremasterSecret));
1095 WLog_Print(license->log, WLOG_DEBUG, "MasterSecret:");
1096 winpr_HexLogDump(license->log, WLOG_DEBUG, license->MasterSecret,
1097 sizeof(license->MasterSecret));
1098 WLog_Print(license->log, WLOG_DEBUG, "SessionKeyBlob:");
1099 winpr_HexLogDump(license->log, WLOG_DEBUG, license->SessionKeyBlob,
1100 sizeof(license->SessionKeyBlob));
1101 WLog_Print(license->log, WLOG_DEBUG, "MacSaltKey:");
1102 winpr_HexLogDump(license->log, WLOG_DEBUG, license->MacSaltKey, sizeof(license->MacSaltKey));
1103 WLog_Print(license->log, WLOG_DEBUG, "LicensingEncryptionKey:");
1104 winpr_HexLogDump(license->log, WLOG_DEBUG, license->LicensingEncryptionKey,
1105 sizeof(license->LicensingEncryptionKey));
1106#endif
1107 return ret;
1108}
1109
1115BOOL license_generate_hwid(rdpLicense* license)
1116{
1117 const BYTE* hashTarget = NULL;
1118 size_t targetLen = 0;
1119 BYTE macAddress[6] = { 0 };
1120
1121 WINPR_ASSERT(license);
1122 WINPR_ASSERT(license->rdp);
1123 WINPR_ASSERT(license->rdp->settings);
1124
1125 ZeroMemory(license->HardwareId, sizeof(license->HardwareId));
1126
1127 if (license->rdp->settings->OldLicenseBehaviour)
1128 {
1129 hashTarget = macAddress;
1130 targetLen = sizeof(macAddress);
1131 }
1132 else
1133 {
1134 wStream buffer = { 0 };
1135 const char* hostname = license->rdp->settings->ClientHostname;
1136 wStream* s = Stream_StaticInit(&buffer, license->HardwareId, 4);
1137 Stream_Write_UINT32(s, license->PlatformId);
1138
1139 hashTarget = (const BYTE*)hostname;
1140 targetLen = hostname ? strlen(hostname) : 0;
1141 }
1142
1143 /* Allow FIPS override for use of MD5 here, really this does not have to be MD5 as we are just
1144 * taking a MD5 hash of the 6 bytes of 0's(macAddress) */
1145 /* and filling in the Data1-Data4 fields of the CLIENT_HARDWARE_ID structure(from MS-RDPELE
1146 * section 2.2.2.3.1). This is for RDP licensing packets */
1147 /* which will already be encrypted under FIPS, so the use of MD5 here is not for sensitive data
1148 * protection. */
1149 return winpr_Digest_Allow_FIPS(WINPR_MD_MD5, hashTarget, targetLen,
1150 &license->HardwareId[HWID_PLATFORM_ID_LENGTH],
1151 WINPR_MD5_DIGEST_LENGTH);
1152}
1153
1154static BOOL license_get_server_rsa_public_key(rdpLicense* license)
1155{
1156 rdpSettings* settings = NULL;
1157
1158 WINPR_ASSERT(license);
1159 WINPR_ASSERT(license->certificate);
1160 WINPR_ASSERT(license->rdp);
1161
1162 settings = license->rdp->settings;
1163 WINPR_ASSERT(settings);
1164
1165 if (license->ServerCertificate->length < 1)
1166 {
1167 if (!freerdp_certificate_read_server_cert(license->certificate, settings->ServerCertificate,
1168 settings->ServerCertificateLength))
1169 return FALSE;
1170 }
1171
1172 return TRUE;
1173}
1174
1175BOOL license_encrypt_premaster_secret(rdpLicense* license)
1176{
1177 WINPR_ASSERT(license);
1178 WINPR_ASSERT(license->certificate);
1179
1180 if (!license_get_server_rsa_public_key(license))
1181 return FALSE;
1182
1183 WINPR_ASSERT(license->EncryptedPremasterSecret);
1184
1185 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1186 if (!info)
1187 {
1188 WLog_Print(license->log, WLOG_ERROR, "info=%p, license->certificate=%p", info,
1189 license->certificate);
1190 return FALSE;
1191 }
1192
1193#ifdef WITH_DEBUG_LICENSE
1194 WLog_Print(license->log, WLOG_DEBUG, "Modulus (%" PRIu32 " bits):", info->ModulusLength * 8);
1195 winpr_HexLogDump(license->log, WLOG_DEBUG, info->Modulus, info->ModulusLength);
1196 WLog_Print(license->log, WLOG_DEBUG, "Exponent:");
1197 winpr_HexLogDump(license->log, WLOG_DEBUG, info->exponent, sizeof(info->exponent));
1198#endif
1199
1200 BYTE* EncryptedPremasterSecret = (BYTE*)calloc(1, info->ModulusLength);
1201 if (!EncryptedPremasterSecret)
1202 {
1203 WLog_Print(license->log, WLOG_ERROR,
1204 "EncryptedPremasterSecret=%p, info->ModulusLength=%" PRIu32,
1205 EncryptedPremasterSecret, info->ModulusLength);
1206 return FALSE;
1207 }
1208
1209 license->EncryptedPremasterSecret->type = BB_RANDOM_BLOB;
1210 license->EncryptedPremasterSecret->length = sizeof(license->PremasterSecret);
1211#ifndef LICENSE_NULL_PREMASTER_SECRET
1212 {
1213 const SSIZE_T length =
1214 crypto_rsa_public_encrypt(license->PremasterSecret, sizeof(license->PremasterSecret),
1215 info, EncryptedPremasterSecret, info->ModulusLength);
1216 if ((length < 0) || (length > UINT16_MAX))
1217 {
1218 WLog_Print(license->log, WLOG_ERROR,
1219 "RSA public encrypt length=%" PRIdz " < 0 || > %" PRIu16, length,
1220 UINT16_MAX);
1221 return FALSE;
1222 }
1223 license->EncryptedPremasterSecret->length = (UINT16)length;
1224 }
1225#endif
1226 license->EncryptedPremasterSecret->data = EncryptedPremasterSecret;
1227 return TRUE;
1228}
1229
1230static BOOL license_rc4_with_licenseKey(const rdpLicense* license, const BYTE* input, size_t len,
1231 LICENSE_BLOB* target)
1232{
1233 WINPR_ASSERT(license);
1234 WINPR_ASSERT(input || (len == 0));
1235 WINPR_ASSERT(target);
1236 WINPR_ASSERT(len <= UINT16_MAX);
1237
1238 WINPR_RC4_CTX* rc4 = winpr_RC4_New_Allow_FIPS(license->LicensingEncryptionKey,
1239 sizeof(license->LicensingEncryptionKey));
1240 if (!rc4)
1241 {
1242 WLog_Print(license->log, WLOG_ERROR, "Failed to allocate RC4");
1243 return FALSE;
1244 }
1245
1246 BYTE* buffer = NULL;
1247 if (len > 0)
1248 buffer = realloc(target->data, len);
1249 if (!buffer)
1250 goto error_buffer;
1251
1252 target->data = buffer;
1253 target->length = (UINT16)len;
1254
1255 if (!winpr_RC4_Update(rc4, len, input, buffer))
1256 goto error_buffer;
1257
1258 winpr_RC4_Free(rc4);
1259 return TRUE;
1260
1261error_buffer:
1262 WLog_Print(license->log, WLOG_ERROR, "Failed to create/update RC4: len=%" PRIuz ", buffer=%p",
1263 len, buffer);
1264 winpr_RC4_Free(rc4);
1265 return FALSE;
1266}
1267
1278static BOOL license_encrypt_and_MAC(rdpLicense* license, const BYTE* input, size_t len,
1279 LICENSE_BLOB* target, BYTE* mac, size_t mac_length)
1280{
1281 WINPR_ASSERT(license);
1282 return license_rc4_with_licenseKey(license, input, len, target) &&
1283 security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), input, len, mac,
1284 mac_length);
1285}
1286
1298static BOOL license_decrypt_and_check_MAC(rdpLicense* license, const BYTE* input, size_t len,
1299 LICENSE_BLOB* target, const BYTE* packetMac)
1300{
1301 BYTE macData[sizeof(license->MACData)] = { 0 };
1302
1303 WINPR_ASSERT(license);
1304 WINPR_ASSERT(target);
1305
1306 if (freerdp_settings_get_bool(license->rdp->settings, FreeRDP_TransportDumpReplay))
1307 {
1308 WLog_Print(license->log, WLOG_DEBUG, "TransportDumpReplay active, skipping...");
1309 return TRUE;
1310 }
1311
1312 if (!license_rc4_with_licenseKey(license, input, len, target))
1313 return FALSE;
1314
1315 if (!security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), target->data, len,
1316 macData, sizeof(macData)))
1317 return FALSE;
1318
1319 if (memcmp(packetMac, macData, sizeof(macData)) != 0)
1320 {
1321 WLog_Print(license->log, WLOG_ERROR, "packetMac != expectedMac");
1322 return FALSE;
1323 }
1324 return TRUE;
1325}
1326
1334BOOL license_read_product_info(wLog* log, wStream* s, LICENSE_PRODUCT_INFO* productInfo)
1335{
1336 WINPR_ASSERT(productInfo);
1337
1338 if (!license_check_stream_length(log, s, 8, "license product info::cbCompanyName"))
1339 return FALSE;
1340
1341 Stream_Read_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
1342 Stream_Read_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
1343
1344 /* Name must be >0, but there is no upper limit defined, use UINT32_MAX */
1345 if ((productInfo->cbCompanyName < 2) || (productInfo->cbCompanyName % 2 != 0))
1346 {
1347 WLog_Print(log, WLOG_WARN, "license product info invalid cbCompanyName %" PRIu32,
1348 productInfo->cbCompanyName);
1349 return FALSE;
1350 }
1351
1352 if (!license_check_stream_length(log, s, productInfo->cbCompanyName,
1353 "license product info::CompanyName"))
1354 return FALSE;
1355
1356 productInfo->pbProductId = NULL;
1357 productInfo->pbCompanyName = (BYTE*)malloc(productInfo->cbCompanyName);
1358 if (!productInfo->pbCompanyName)
1359 goto out_fail;
1360 Stream_Read(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
1361
1362 if (!license_check_stream_length(log, s, 4, "license product info::cbProductId"))
1363 goto out_fail;
1364
1365 Stream_Read_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
1366
1367 if ((productInfo->cbProductId < 2) || (productInfo->cbProductId % 2 != 0))
1368 {
1369 WLog_Print(log, WLOG_WARN, "license product info invalid cbProductId %" PRIu32,
1370 productInfo->cbProductId);
1371 goto out_fail;
1372 }
1373
1374 if (!license_check_stream_length(log, s, productInfo->cbProductId,
1375 "license product info::ProductId"))
1376 goto out_fail;
1377
1378 productInfo->pbProductId = (BYTE*)malloc(productInfo->cbProductId);
1379 if (!productInfo->pbProductId)
1380 goto out_fail;
1381 Stream_Read(s, productInfo->pbProductId, productInfo->cbProductId);
1382 return TRUE;
1383
1384out_fail:
1385 free(productInfo->pbCompanyName);
1386 free(productInfo->pbProductId);
1387 productInfo->pbCompanyName = NULL;
1388 productInfo->pbProductId = NULL;
1389 return FALSE;
1390}
1391
1392static BOOL license_write_product_info(wLog* log, wStream* s,
1393 const LICENSE_PRODUCT_INFO* productInfo)
1394{
1395 WINPR_ASSERT(productInfo);
1396
1397 if (!license_check_stream_capacity(log, s, 8, "license product info::cbCompanyName"))
1398 return FALSE;
1399
1400 Stream_Write_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
1401 Stream_Write_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
1402
1403 /* Name must be >0, but there is no upper limit defined, use UINT32_MAX */
1404 if ((productInfo->cbCompanyName < 2) || (productInfo->cbCompanyName % 2 != 0) ||
1405 !productInfo->pbCompanyName)
1406 {
1407 WLog_Print(log, WLOG_WARN, "license product info invalid cbCompanyName %" PRIu32,
1408 productInfo->cbCompanyName);
1409 return FALSE;
1410 }
1411
1412 if (!license_check_stream_capacity(log, s, productInfo->cbCompanyName,
1413 "license product info::CompanyName"))
1414 return FALSE;
1415
1416 Stream_Write(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
1417
1418 if (!license_check_stream_capacity(log, s, 4, "license product info::cbProductId"))
1419 return FALSE;
1420
1421 Stream_Write_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
1422
1423 if ((productInfo->cbProductId < 2) || (productInfo->cbProductId % 2 != 0) ||
1424 !productInfo->pbProductId)
1425 {
1426 WLog_Print(log, WLOG_WARN, "license product info invalid cbProductId %" PRIu32,
1427 productInfo->cbProductId);
1428 return FALSE;
1429 }
1430
1431 if (!license_check_stream_capacity(log, s, productInfo->cbProductId,
1432 "license product info::ProductId"))
1433 return FALSE;
1434
1435 Stream_Write(s, productInfo->pbProductId, productInfo->cbProductId);
1436 return TRUE;
1437}
1438
1445LICENSE_PRODUCT_INFO* license_new_product_info(void)
1446{
1447 LICENSE_PRODUCT_INFO* productInfo =
1448 (LICENSE_PRODUCT_INFO*)calloc(1, sizeof(LICENSE_PRODUCT_INFO));
1449 if (!productInfo)
1450 return NULL;
1451 return productInfo;
1452}
1453
1460void license_free_product_info(LICENSE_PRODUCT_INFO* productInfo)
1461{
1462 if (productInfo)
1463 {
1464 free(productInfo->pbCompanyName);
1465 free(productInfo->pbProductId);
1466 free(productInfo);
1467 }
1468}
1469
1470BOOL license_read_binary_blob_data(wLog* log, LICENSE_BLOB* blob, UINT16 wBlobType,
1471 const void* data, size_t length)
1472{
1473 WINPR_ASSERT(blob);
1474 WINPR_ASSERT(length <= UINT16_MAX);
1475 WINPR_ASSERT(data || (length == 0));
1476
1477 blob->length = (UINT16)length;
1478 free(blob->data);
1479 blob->data = NULL;
1480
1481 if ((blob->type != wBlobType) && (blob->type != BB_ANY_BLOB))
1482 {
1483 WLog_Print(log, WLOG_ERROR, "license binary blob::type expected %s, got %s",
1484 licencse_blob_type_string(wBlobType), licencse_blob_type_string(blob->type));
1485 }
1486
1487 /*
1488 * Server can choose to not send data by setting length to 0.
1489 * If so, it may not bother to set the type, so shortcut the warning
1490 */
1491 if ((blob->type != BB_ANY_BLOB) && (blob->length == 0))
1492 {
1493 WLog_Print(log, WLOG_WARN, "license binary blob::type %s, length=0, skipping.",
1494 licencse_blob_type_string(blob->type));
1495 return TRUE;
1496 }
1497
1498 blob->type = wBlobType;
1499 blob->data = NULL;
1500 if (blob->length > 0)
1501 blob->data = malloc(blob->length);
1502 if (!blob->data)
1503 {
1504 WLog_Print(log, WLOG_ERROR, "license binary blob::length=%" PRIu16 ", blob::data=%p",
1505 blob->length, blob->data);
1506 return FALSE;
1507 }
1508 memcpy(blob->data, data, blob->length); /* blobData */
1509 return TRUE;
1510}
1511
1519BOOL license_read_binary_blob(wLog* log, wStream* s, LICENSE_BLOB* blob)
1520{
1521 UINT16 wBlobType = 0;
1522 UINT16 length = 0;
1523
1524 WINPR_ASSERT(blob);
1525
1526 if (!license_check_stream_length(log, s, 4, "license binary blob::type"))
1527 return FALSE;
1528
1529 Stream_Read_UINT16(s, wBlobType); /* wBlobType (2 bytes) */
1530 Stream_Read_UINT16(s, length); /* wBlobLen (2 bytes) */
1531
1532 if (!license_check_stream_length(log, s, length, "license binary blob::length"))
1533 return FALSE;
1534
1535 if (!license_read_binary_blob_data(log, blob, wBlobType, Stream_Pointer(s), length))
1536 return FALSE;
1537
1538 return Stream_SafeSeek(s, length);
1539}
1540
1548BOOL license_write_binary_blob(wStream* s, const LICENSE_BLOB* blob)
1549{
1550 WINPR_ASSERT(blob);
1551
1552 if (!Stream_EnsureRemainingCapacity(s, blob->length + 4))
1553 return FALSE;
1554
1555 Stream_Write_UINT16(s, blob->type); /* wBlobType (2 bytes) */
1556 Stream_Write_UINT16(s, blob->length); /* wBlobLen (2 bytes) */
1557
1558 if (blob->length > 0)
1559 Stream_Write(s, blob->data, blob->length); /* blobData */
1560 return TRUE;
1561}
1562
1563static BOOL license_write_encrypted_premaster_secret_blob(wLog* log, wStream* s,
1564 const LICENSE_BLOB* blob,
1565 UINT32 ModulusLength)
1566{
1567 const UINT32 length = ModulusLength + 8;
1568
1569 WINPR_ASSERT(blob);
1570 WINPR_ASSERT(length <= UINT16_MAX);
1571
1572 if (blob->length > ModulusLength)
1573 {
1574 WLog_Print(log, WLOG_ERROR, "invalid blob");
1575 return FALSE;
1576 }
1577
1578 if (!Stream_EnsureRemainingCapacity(s, length + 4))
1579 return FALSE;
1580 Stream_Write_UINT16(s, blob->type); /* wBlobType (2 bytes) */
1581 Stream_Write_UINT16(s, (UINT16)length); /* wBlobLen (2 bytes) */
1582
1583 if (blob->length > 0)
1584 Stream_Write(s, blob->data, blob->length); /* blobData */
1585
1586 Stream_Zero(s, length - blob->length);
1587 return TRUE;
1588}
1589
1590static BOOL license_read_encrypted_premaster_secret_blob(wLog* log, wStream* s, LICENSE_BLOB* blob,
1591 UINT32* ModulusLength)
1592{
1593 if (!license_read_binary_blob(log, s, blob))
1594 return FALSE;
1595 WINPR_ASSERT(ModulusLength);
1596 *ModulusLength = blob->length;
1597 return TRUE;
1598}
1599
1606LICENSE_BLOB* license_new_binary_blob(UINT16 type)
1607{
1608 LICENSE_BLOB* blob = (LICENSE_BLOB*)calloc(1, sizeof(LICENSE_BLOB));
1609 if (blob)
1610 blob->type = type;
1611 return blob;
1612}
1613
1620void license_free_binary_blob(LICENSE_BLOB* blob)
1621{
1622 if (blob)
1623 {
1624 free(blob->data);
1625 free(blob);
1626 }
1627}
1628
1636BOOL license_read_scope_list(wLog* log, wStream* s, SCOPE_LIST* scopeList)
1637{
1638 UINT32 scopeCount = 0;
1639
1640 WINPR_ASSERT(scopeList);
1641
1642 if (!license_check_stream_length(log, s, 4, "license scope list"))
1643 return FALSE;
1644
1645 Stream_Read_UINT32(s, scopeCount); /* ScopeCount (4 bytes) */
1646
1647 if (!license_check_stream_length(log, s, 4ll * scopeCount, "license scope list::count"))
1648 return FALSE;
1649
1650 if (!license_scope_list_resize(scopeList, scopeCount))
1651 return FALSE;
1652 /* ScopeArray */
1653 for (UINT32 i = 0; i < scopeCount; i++)
1654 {
1655 if (!license_read_binary_blob(log, s, scopeList->array[i]))
1656 return FALSE;
1657 }
1658
1659 return TRUE;
1660}
1661
1662BOOL license_write_scope_list(wLog* log, wStream* s, const SCOPE_LIST* scopeList)
1663{
1664 WINPR_ASSERT(scopeList);
1665
1666 if (!license_check_stream_capacity(log, s, 4, "license scope list"))
1667 return FALSE;
1668
1669 Stream_Write_UINT32(s, scopeList->count); /* ScopeCount (4 bytes) */
1670
1671 if (!license_check_stream_capacity(log, s, scopeList->count * 4ull,
1672 "license scope list::count"))
1673 return FALSE;
1674
1675 /* ScopeArray */
1676 WINPR_ASSERT(scopeList->array || (scopeList->count == 0));
1677 for (UINT32 i = 0; i < scopeList->count; i++)
1678 {
1679 const LICENSE_BLOB* element = scopeList->array[i];
1680
1681 if (!license_write_binary_blob(s, element))
1682 return FALSE;
1683 }
1684
1685 return TRUE;
1686}
1687
1694SCOPE_LIST* license_new_scope_list(void)
1695{
1696 SCOPE_LIST* list = calloc(1, sizeof(SCOPE_LIST));
1697 return list;
1698}
1699
1700BOOL license_scope_list_resize(SCOPE_LIST* scopeList, UINT32 count)
1701{
1702 WINPR_ASSERT(scopeList);
1703 WINPR_ASSERT(scopeList->array || (scopeList->count == 0));
1704
1705 for (UINT32 x = count; x < scopeList->count; x++)
1706 {
1707 license_free_binary_blob(scopeList->array[x]);
1708 scopeList->array[x] = NULL;
1709 }
1710
1711 if (count > 0)
1712 {
1713 LICENSE_BLOB** tmp =
1714 (LICENSE_BLOB**)realloc((void*)scopeList->array, count * sizeof(LICENSE_BLOB*));
1715 if (!tmp)
1716 return FALSE;
1717 scopeList->array = tmp;
1718 }
1719 else
1720 {
1721 free((void*)scopeList->array);
1722 scopeList->array = NULL;
1723 }
1724
1725 for (UINT32 x = scopeList->count; x < count; x++)
1726 {
1727 LICENSE_BLOB* blob = license_new_binary_blob(BB_SCOPE_BLOB);
1728 if (!blob)
1729 {
1730 scopeList->count = x;
1731 return FALSE;
1732 }
1733 scopeList->array[x] = blob;
1734 }
1735
1736 scopeList->count = count;
1737 return TRUE;
1738}
1739
1746void license_free_scope_list(SCOPE_LIST* scopeList)
1747{
1748 if (!scopeList)
1749 return;
1750
1751 license_scope_list_resize(scopeList, 0);
1752 free(scopeList);
1753}
1754
1755BOOL license_send_license_info(rdpLicense* license, const LICENSE_BLOB* calBlob,
1756 const BYTE* signature, size_t signature_length)
1757{
1758 WINPR_ASSERT(calBlob);
1759 WINPR_ASSERT(signature);
1760 WINPR_ASSERT(license->certificate);
1761
1762 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1763 if (!info)
1764 return FALSE;
1765
1766 UINT16 sec_flags = 0;
1767 wStream* s = license_send_stream_init(license, &sec_flags);
1768 if (!s)
1769 return FALSE;
1770
1771 if (!license_check_stream_capacity(license->log, s, 8 + sizeof(license->ClientRandom),
1772 "license info::ClientRandom"))
1773 goto error;
1774
1775 Stream_Write_UINT32(s,
1776 license->PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
1777 Stream_Write_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
1778
1779 /* ClientRandom (32 bytes) */
1780 Stream_Write(s, license->ClientRandom, sizeof(license->ClientRandom));
1781
1782 /* Licensing Binary Blob with EncryptedPreMasterSecret: */
1783 if (!license_write_encrypted_premaster_secret_blob(
1784 license->log, s, license->EncryptedPremasterSecret, info->ModulusLength))
1785 goto error;
1786
1787 /* Licensing Binary Blob with LicenseInfo: */
1788 if (!license_write_binary_blob(s, calBlob))
1789 goto error;
1790
1791 /* Licensing Binary Blob with EncryptedHWID */
1792 if (!license_write_binary_blob(s, license->EncryptedHardwareId))
1793 goto error;
1794
1795 /* MACData */
1796 if (!license_check_stream_capacity(license->log, s, signature_length, "license info::MACData"))
1797 goto error;
1798 Stream_Write(s, signature, signature_length);
1799
1800 return license_send(license, s, LICENSE_INFO, sec_flags);
1801
1802error:
1803 Stream_Release(s);
1804 return FALSE;
1805}
1806
1807static BOOL license_check_preferred_alg(rdpLicense* license, UINT32 PreferredKeyExchangeAlg,
1808 const char* where)
1809{
1810 WINPR_ASSERT(license);
1811 WINPR_ASSERT(where);
1812
1813 if (license->PreferredKeyExchangeAlg != PreferredKeyExchangeAlg)
1814 {
1815 char buffer1[64] = { 0 };
1816 char buffer2[64] = { 0 };
1817 WLog_Print(license->log, WLOG_WARN, "%s::PreferredKeyExchangeAlg, expected %s, got %s",
1818 where,
1819 license_preferred_key_exchange_alg_string(license->PreferredKeyExchangeAlg,
1820 buffer1, sizeof(buffer1)),
1821 license_preferred_key_exchange_alg_string(PreferredKeyExchangeAlg, buffer2,
1822 sizeof(buffer2)));
1823 return FALSE;
1824 }
1825 return TRUE;
1826}
1827
1828BOOL license_read_license_info(rdpLicense* license, wStream* s)
1829{
1830 BOOL rc = FALSE;
1831 UINT32 PreferredKeyExchangeAlg = 0;
1832
1833 WINPR_ASSERT(license);
1834 WINPR_ASSERT(license->certificate);
1835
1836 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1837 if (!info)
1838 goto error;
1839
1840 /* ClientRandom (32 bytes) */
1841 if (!license_check_stream_length(license->log, s, 8 + sizeof(license->ClientRandom),
1842 "license info"))
1843 goto error;
1844
1845 Stream_Read_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
1846 if (!license_check_preferred_alg(license, PreferredKeyExchangeAlg, "license info"))
1847 goto error;
1848 Stream_Read_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
1849
1850 /* ClientRandom (32 bytes) */
1851 Stream_Read(s, license->ClientRandom, sizeof(license->ClientRandom));
1852
1853 /* Licensing Binary Blob with EncryptedPreMasterSecret: */
1854 UINT32 ModulusLength = 0;
1855 if (!license_read_encrypted_premaster_secret_blob(
1856 license->log, s, license->EncryptedPremasterSecret, &ModulusLength))
1857 goto error;
1858
1859 if (ModulusLength != info->ModulusLength)
1860 {
1861 WLog_Print(license->log, WLOG_WARN,
1862 "EncryptedPremasterSecret,::ModulusLength[%" PRIu32
1863 "] != rdpCertInfo::ModulusLength[%" PRIu32 "]",
1864 ModulusLength, info->ModulusLength);
1865 goto error;
1866 }
1867 /* Licensing Binary Blob with LicenseInfo: */
1868 if (!license_read_binary_blob(license->log, s, license->LicenseInfo))
1869 goto error;
1870
1871 /* Licensing Binary Blob with EncryptedHWID */
1872 if (!license_read_binary_blob(license->log, s, license->EncryptedHardwareId))
1873 goto error;
1874
1875 /* MACData */
1876 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
1877 "license info::MACData"))
1878 goto error;
1879 Stream_Read(s, license->MACData, sizeof(license->MACData));
1880
1881 rc = TRUE;
1882
1883error:
1884 return rc;
1885}
1886
1894BOOL license_read_license_request_packet(rdpLicense* license, wStream* s)
1895{
1896 WINPR_ASSERT(license);
1897
1898 /* ServerRandom (32 bytes) */
1899 if (!license_check_stream_length(license->log, s, sizeof(license->ServerRandom),
1900 "license request"))
1901 return FALSE;
1902
1903 Stream_Read(s, license->ServerRandom, sizeof(license->ServerRandom));
1904
1905 /* ProductInfo */
1906 if (!license_read_product_info(license->log, s, license->ProductInfo))
1907 return FALSE;
1908
1909 /* KeyExchangeList */
1910 if (!license_read_binary_blob(license->log, s, license->KeyExchangeList))
1911 return FALSE;
1912
1913 /* ServerCertificate */
1914 if (!license_read_binary_blob(license->log, s, license->ServerCertificate))
1915 return FALSE;
1916
1917 /* ScopeList */
1918 if (!license_read_scope_list(license->log, s, license->ScopeList))
1919 return FALSE;
1920
1921 /* Parse Server Certificate */
1922 if (!freerdp_certificate_read_server_cert(license->certificate,
1923 license->ServerCertificate->data,
1924 license->ServerCertificate->length))
1925 return FALSE;
1926
1927 if (!license_generate_keys(license) || !license_generate_hwid(license) ||
1928 !license_encrypt_premaster_secret(license))
1929 return FALSE;
1930
1931#ifdef WITH_DEBUG_LICENSE
1932 WLog_Print(license->log, WLOG_DEBUG, "ServerRandom:");
1933 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ServerRandom,
1934 sizeof(license->ServerRandom));
1935 license_print_product_info(license->log, license->ProductInfo);
1936 license_print_scope_list(license->log, license->ScopeList);
1937#endif
1938 return TRUE;
1939}
1940
1941BOOL license_write_license_request_packet(const rdpLicense* license, wStream* s)
1942{
1943 WINPR_ASSERT(license);
1944
1945 /* ServerRandom (32 bytes) */
1946 if (!license_check_stream_capacity(license->log, s, sizeof(license->ServerRandom),
1947 "license request"))
1948 return FALSE;
1949 Stream_Write(s, license->ServerRandom, sizeof(license->ServerRandom));
1950
1951 /* ProductInfo */
1952 if (!license_write_product_info(license->log, s, license->ProductInfo))
1953 return FALSE;
1954
1955 /* KeyExchangeList */
1956 if (!license_write_binary_blob(s, license->KeyExchangeList))
1957 return FALSE;
1958
1959 /* ServerCertificate */
1960 if (!license_write_binary_blob(s, license->ServerCertificate))
1961 return FALSE;
1962
1963 /* ScopeList */
1964 if (!license_write_scope_list(license->log, s, license->ScopeList))
1965 return FALSE;
1966
1967 return TRUE;
1968}
1969
1970static BOOL license_send_license_request_packet(rdpLicense* license)
1971{
1972 UINT16 sec_flags = 0;
1973 wStream* s = license_send_stream_init(license, &sec_flags);
1974 if (!s)
1975 return FALSE;
1976
1977 if (!license_write_license_request_packet(license, s))
1978 goto fail;
1979
1980 return license_send(license, s, LICENSE_REQUEST, sec_flags);
1981
1982fail:
1983 Stream_Release(s);
1984 return FALSE;
1985}
1986
1987/*
1988 * Read a PLATFORM_CHALLENGE packet.
1989 * msdn{cc241921}
1990 * @param license license module
1991 * @param s stream
1992 */
1993
1994BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s)
1995{
1996 BYTE macData[LICENSING_ENCRYPTION_KEY_LENGTH] = { 0 };
1997
1998 WINPR_ASSERT(license);
1999
2000 DEBUG_LICENSE("Receiving Platform Challenge Packet");
2001
2002 if (!license_check_stream_length(license->log, s, 4, "license platform challenge"))
2003 return FALSE;
2004
2005 /* [MS-RDPELE] 2.2.2.4 Server Platform Challenge (SERVER_PLATFORM_CHALLENGE)
2006 * reserved field */
2007 Stream_Seek_UINT32(s); /* ConnectFlags, Reserved (4 bytes) */
2008
2009 /* EncryptedPlatformChallenge */
2010 license->EncryptedPlatformChallenge->type = BB_ANY_BLOB;
2011 if (!license_read_binary_blob(license->log, s, license->EncryptedPlatformChallenge))
2012 return FALSE;
2013 license->EncryptedPlatformChallenge->type = BB_ENCRYPTED_DATA_BLOB;
2014
2015 /* MACData (16 bytes) */
2016 if (!license_check_stream_length(license->log, s, sizeof(macData),
2017 "license platform challenge::MAC"))
2018 return FALSE;
2019
2020 Stream_Read(s, macData, sizeof(macData));
2021 if (!license_decrypt_and_check_MAC(license, license->EncryptedPlatformChallenge->data,
2022 license->EncryptedPlatformChallenge->length,
2023 license->PlatformChallenge, macData))
2024 return FALSE;
2025
2026#ifdef WITH_DEBUG_LICENSE
2027 WLog_Print(license->log, WLOG_DEBUG, "EncryptedPlatformChallenge:");
2028 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedPlatformChallenge->data,
2029 license->EncryptedPlatformChallenge->length);
2030 WLog_Print(license->log, WLOG_DEBUG, "PlatformChallenge:");
2031 winpr_HexLogDump(license->log, WLOG_DEBUG, license->PlatformChallenge->data,
2032 license->PlatformChallenge->length);
2033 WLog_Print(license->log, WLOG_DEBUG, "MacData:");
2034 winpr_HexLogDump(license->log, WLOG_DEBUG, macData, sizeof(macData));
2035#endif
2036 return TRUE;
2037}
2038
2039BOOL license_send_error_alert(rdpLicense* license, UINT32 dwErrorCode, UINT32 dwStateTransition,
2040 const LICENSE_BLOB* info)
2041{
2042 UINT16 sec_flags = 0;
2043 wStream* s = license_send_stream_init(license, &sec_flags);
2044
2045 if (!s)
2046 goto fail;
2047
2048 if (!license_check_stream_capacity(license->log, s, 8, "license error alert"))
2049 goto fail;
2050 Stream_Write_UINT32(s, dwErrorCode);
2051 Stream_Write_UINT32(s, dwStateTransition);
2052
2053 if (info)
2054 {
2055 if (!license_write_binary_blob(s, info))
2056 goto fail;
2057 }
2058
2059 return license_send(license, s, ERROR_ALERT, sec_flags);
2060fail:
2061 Stream_Release(s);
2062 return FALSE;
2063}
2064
2065BOOL license_send_platform_challenge_packet(rdpLicense* license)
2066{
2067 UINT16 sec_flags = 0;
2068 wStream* s = license_send_stream_init(license, &sec_flags);
2069
2070 if (!s)
2071 goto fail;
2072
2073 DEBUG_LICENSE("Receiving Platform Challenge Packet");
2074
2075 if (!license_check_stream_capacity(license->log, s, 4, "license platform challenge"))
2076 goto fail;
2077
2078 Stream_Zero(s, 4); /* ConnectFlags, Reserved (4 bytes) */
2079
2080 /* EncryptedPlatformChallenge */
2081 if (!license_write_binary_blob(s, license->EncryptedPlatformChallenge))
2082 goto fail;
2083
2084 /* MACData (16 bytes) */
2085 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
2086 "license platform challenge::MAC"))
2087 goto fail;
2088
2089 Stream_Write(s, license->MACData, sizeof(license->MACData));
2090
2091 return license_send(license, s, PLATFORM_CHALLENGE, sec_flags);
2092fail:
2093 Stream_Release(s);
2094 return FALSE;
2095}
2096
2097static BOOL license_read_encrypted_blob(const rdpLicense* license, wStream* s, LICENSE_BLOB* target)
2098{
2099 UINT16 wBlobType = 0;
2100 UINT16 wBlobLen = 0;
2101
2102 WINPR_ASSERT(license);
2103 WINPR_ASSERT(target);
2104
2105 if (!license_check_stream_length(license->log, s, 4, "license encrypted blob"))
2106 return FALSE;
2107
2108 Stream_Read_UINT16(s, wBlobType);
2109 if (wBlobType != BB_ENCRYPTED_DATA_BLOB)
2110 {
2111 WLog_Print(
2112 license->log, WLOG_WARN,
2113 "expecting BB_ENCRYPTED_DATA_BLOB blob, probably a windows 2003 server, continuing...");
2114 }
2115
2116 Stream_Read_UINT16(s, wBlobLen);
2117
2118 BYTE* encryptedData = Stream_Pointer(s);
2119 if (!Stream_SafeSeek(s, wBlobLen))
2120 {
2121 WLog_Print(license->log, WLOG_WARN,
2122 "short license encrypted blob::length, expected %" PRIu16 " bytes, got %" PRIuz,
2123 wBlobLen, Stream_GetRemainingLength(s));
2124 return FALSE;
2125 }
2126
2127 return license_rc4_with_licenseKey(license, encryptedData, wBlobLen, target);
2128}
2129
2137BOOL license_read_new_or_upgrade_license_packet(rdpLicense* license, wStream* s)
2138{
2139 UINT32 os_major = 0;
2140 UINT32 os_minor = 0;
2141 UINT32 cbScope = 0;
2142 UINT32 cbCompanyName = 0;
2143 UINT32 cbProductId = 0;
2144 UINT32 cbLicenseInfo = 0;
2145 wStream sbuffer = { 0 };
2146 wStream* licenseStream = NULL;
2147 BOOL ret = FALSE;
2148 BYTE computedMac[16] = { 0 };
2149 const BYTE* readMac = NULL;
2150
2151 WINPR_ASSERT(license);
2152
2153 DEBUG_LICENSE("Receiving Server New/Upgrade License Packet");
2154
2155 LICENSE_BLOB* calBlob = license_new_binary_blob(BB_DATA_BLOB);
2156 if (!calBlob)
2157 return FALSE;
2158
2159 /* EncryptedLicenseInfo */
2160 if (!license_read_encrypted_blob(license, s, calBlob))
2161 goto fail;
2162
2163 /* compute MAC and check it */
2164 readMac = Stream_Pointer(s);
2165 if (!Stream_SafeSeek(s, sizeof(computedMac)))
2166 {
2167 WLog_Print(license->log, WLOG_WARN,
2168 "short license new/upgrade, expected 16 bytes, got %" PRIuz,
2169 Stream_GetRemainingLength(s));
2170 goto fail;
2171 }
2172
2173 if (!security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), calBlob->data,
2174 calBlob->length, computedMac, sizeof(computedMac)))
2175 goto fail;
2176
2177 if (memcmp(computedMac, readMac, sizeof(computedMac)) != 0)
2178 {
2179 WLog_Print(license->log, WLOG_ERROR, "new or upgrade license MAC mismatch");
2180 goto fail;
2181 }
2182
2183 licenseStream = Stream_StaticConstInit(&sbuffer, calBlob->data, calBlob->length);
2184 if (!licenseStream)
2185 {
2186 WLog_Print(license->log, WLOG_ERROR,
2187 "license::blob::data=%p, license::blob::length=%" PRIu16, calBlob->data,
2188 calBlob->length);
2189 goto fail;
2190 }
2191
2192 if (!license_check_stream_length(license->log, licenseStream, 8,
2193 "license new/upgrade::blob::version"))
2194 goto fail;
2195
2196 Stream_Read_UINT16(licenseStream, os_minor);
2197 Stream_Read_UINT16(licenseStream, os_major);
2198
2199 WLog_Print(license->log, WLOG_DEBUG, "Version: %" PRIu16 ".%" PRIu16, os_major, os_minor);
2200
2201 /* Scope */
2202 Stream_Read_UINT32(licenseStream, cbScope);
2203 if (!license_check_stream_length(license->log, licenseStream, cbScope,
2204 "license new/upgrade::blob::scope"))
2205 goto fail;
2206
2207#ifdef WITH_DEBUG_LICENSE
2208 WLog_Print(license->log, WLOG_DEBUG, "Scope:");
2209 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbScope);
2210#endif
2211 Stream_Seek(licenseStream, cbScope);
2212
2213 /* CompanyName */
2214 if (!license_check_stream_length(license->log, licenseStream, 4,
2215 "license new/upgrade::blob::cbCompanyName"))
2216 goto fail;
2217
2218 Stream_Read_UINT32(licenseStream, cbCompanyName);
2219 if (!license_check_stream_length(license->log, licenseStream, cbCompanyName,
2220 "license new/upgrade::blob::CompanyName"))
2221 goto fail;
2222
2223#ifdef WITH_DEBUG_LICENSE
2224 WLog_Print(license->log, WLOG_DEBUG, "Company name:");
2225 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbCompanyName);
2226#endif
2227 Stream_Seek(licenseStream, cbCompanyName);
2228
2229 /* productId */
2230 if (!license_check_stream_length(license->log, licenseStream, 4,
2231 "license new/upgrade::blob::cbProductId"))
2232 goto fail;
2233
2234 Stream_Read_UINT32(licenseStream, cbProductId);
2235
2236 if (!license_check_stream_length(license->log, licenseStream, cbProductId,
2237 "license new/upgrade::blob::ProductId"))
2238 goto fail;
2239
2240#ifdef WITH_DEBUG_LICENSE
2241 WLog_Print(license->log, WLOG_DEBUG, "Product id:");
2242 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbProductId);
2243#endif
2244 Stream_Seek(licenseStream, cbProductId);
2245
2246 /* licenseInfo */
2247 if (!license_check_stream_length(license->log, licenseStream, 4,
2248 "license new/upgrade::blob::cbLicenseInfo"))
2249 goto fail;
2250
2251 Stream_Read_UINT32(licenseStream, cbLicenseInfo);
2252 if (!license_check_stream_length(license->log, licenseStream, cbLicenseInfo,
2253 "license new/upgrade::blob::LicenseInfo"))
2254 goto fail;
2255
2256 license->type = LICENSE_TYPE_ISSUED;
2257 ret = license_set_state(license, LICENSE_STATE_COMPLETED);
2258
2259 if (!license->rdp->settings->OldLicenseBehaviour)
2260 ret = saveCal(license->log, license->rdp->settings, Stream_Pointer(licenseStream),
2261 cbLicenseInfo, license->rdp->settings->ClientHostname);
2262
2263fail:
2264 license_free_binary_blob(calBlob);
2265 return ret;
2266}
2267
2275BOOL license_read_error_alert_packet(rdpLicense* license, wStream* s)
2276{
2277 UINT32 dwErrorCode = 0;
2278 UINT32 dwStateTransition = 0;
2279
2280 WINPR_ASSERT(license);
2281 WINPR_ASSERT(license->rdp);
2282
2283 if (!license_check_stream_length(license->log, s, 8ul, "error alert"))
2284 return FALSE;
2285
2286 Stream_Read_UINT32(s, dwErrorCode); /* dwErrorCode (4 bytes) */
2287 Stream_Read_UINT32(s, dwStateTransition); /* dwStateTransition (4 bytes) */
2288
2289 if (!license_read_binary_blob(license->log, s, license->ErrorInfo)) /* bbErrorInfo */
2290 return FALSE;
2291
2292#ifdef WITH_DEBUG_LICENSE
2293 WLog_Print(license->log, WLOG_DEBUG, "dwErrorCode: %s, dwStateTransition: %s",
2294 error_codes[dwErrorCode], state_transitions[dwStateTransition]);
2295#endif
2296
2297 if (dwErrorCode == STATUS_VALID_CLIENT)
2298 {
2299 license->type = LICENSE_TYPE_NONE;
2300 return license_set_state(license, LICENSE_STATE_COMPLETED);
2301 }
2302
2303 switch (dwStateTransition)
2304 {
2305 case ST_TOTAL_ABORT:
2306 license_set_state(license, LICENSE_STATE_ABORTED);
2307 break;
2308 case ST_NO_TRANSITION:
2309 license_set_state(license, LICENSE_STATE_COMPLETED);
2310 break;
2311 case ST_RESET_PHASE_TO_START:
2312 license_set_state(license, LICENSE_STATE_CONFIGURED);
2313 break;
2314 case ST_RESEND_LAST_MESSAGE:
2315 break;
2316 default:
2317 break;
2318 }
2319
2320 return TRUE;
2321}
2322
2330BOOL license_write_new_license_request_packet(const rdpLicense* license, wStream* s)
2331{
2332 WINPR_ASSERT(license);
2333
2334 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
2335 if (!info)
2336 return FALSE;
2337
2338 if (!license_check_stream_capacity(license->log, s, 8 + sizeof(license->ClientRandom),
2339 "License Request"))
2340 return FALSE;
2341
2342 Stream_Write_UINT32(s,
2343 license->PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
2344 Stream_Write_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
2345 Stream_Write(s, license->ClientRandom,
2346 sizeof(license->ClientRandom)); /* ClientRandom (32 bytes) */
2347
2348 if (/* EncryptedPremasterSecret */
2349 !license_write_encrypted_premaster_secret_blob(
2350 license->log, s, license->EncryptedPremasterSecret, info->ModulusLength) ||
2351 /* ClientUserName */
2352 !license_write_binary_blob(s, license->ClientUserName) ||
2353 /* ClientMachineName */
2354 !license_write_binary_blob(s, license->ClientMachineName))
2355 {
2356 return FALSE;
2357 }
2358
2359#ifdef WITH_DEBUG_LICENSE
2360 WLog_Print(license->log, WLOG_DEBUG, "PreferredKeyExchangeAlg: 0x%08" PRIX32 "",
2361 license->PreferredKeyExchangeAlg);
2362 WLog_Print(license->log, WLOG_DEBUG, "ClientRandom:");
2363 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ClientRandom,
2364 sizeof(license->ClientRandom));
2365 WLog_Print(license->log, WLOG_DEBUG, "EncryptedPremasterSecret");
2366 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedPremasterSecret->data,
2367 license->EncryptedPremasterSecret->length);
2368 WLog_Print(license->log, WLOG_DEBUG, "ClientUserName (%" PRIu16 "): %s",
2369 license->ClientUserName->length, (char*)license->ClientUserName->data);
2370 WLog_Print(license->log, WLOG_DEBUG, "ClientMachineName (%" PRIu16 "): %s",
2371 license->ClientMachineName->length, (char*)license->ClientMachineName->data);
2372#endif
2373 return TRUE;
2374}
2375
2376BOOL license_read_new_license_request_packet(rdpLicense* license, wStream* s)
2377{
2378 UINT32 PreferredKeyExchangeAlg = 0;
2379
2380 WINPR_ASSERT(license);
2381
2382 if (!license_check_stream_length(license->log, s, 8ull + sizeof(license->ClientRandom),
2383 "new license request"))
2384 return FALSE;
2385
2386 Stream_Read_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
2387 if (!license_check_preferred_alg(license, PreferredKeyExchangeAlg, "new license request"))
2388 return FALSE;
2389
2390 Stream_Read_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
2391 Stream_Read(s, license->ClientRandom,
2392 sizeof(license->ClientRandom)); /* ClientRandom (32 bytes) */
2393
2394 /* EncryptedPremasterSecret */
2395 UINT32 ModulusLength = 0;
2396 if (!license_read_encrypted_premaster_secret_blob(
2397 license->log, s, license->EncryptedPremasterSecret, &ModulusLength))
2398 return FALSE;
2399
2400 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
2401 if (!info)
2402 WLog_Print(license->log, WLOG_WARN,
2403 "Missing license certificate, skipping ModulusLength checks");
2404 else if (ModulusLength != info->ModulusLength)
2405 {
2406 WLog_Print(license->log, WLOG_WARN,
2407 "EncryptedPremasterSecret expected to be %" PRIu32 " bytes, but read %" PRIu32
2408 " bytes",
2409 info->ModulusLength, ModulusLength);
2410 return FALSE;
2411 }
2412
2413 /* ClientUserName */
2414 if (!license_read_binary_blob(license->log, s, license->ClientUserName))
2415 return FALSE;
2416 /* ClientMachineName */
2417 if (!license_read_binary_blob(license->log, s, license->ClientMachineName))
2418 return FALSE;
2419
2420 return TRUE;
2421}
2422
2429BOOL license_answer_license_request(rdpLicense* license)
2430{
2431 UINT16 sec_flags = 0;
2432 wStream* s = NULL;
2433 BYTE* license_data = NULL;
2434 size_t license_size = 0;
2435 BOOL status = 0;
2436 char* username = NULL;
2437
2438 WINPR_ASSERT(license);
2439 WINPR_ASSERT(license->rdp);
2440 WINPR_ASSERT(license->rdp->settings);
2441
2442 if (!license->rdp->settings->OldLicenseBehaviour)
2443 license_data = loadCalFile(license->log, license->rdp->settings,
2444 license->rdp->settings->ClientHostname, &license_size);
2445
2446 if (license_data)
2447 {
2448 LICENSE_BLOB* calBlob = NULL;
2449 BYTE signature[LICENSING_ENCRYPTION_KEY_LENGTH] = { 0 };
2450
2451 DEBUG_LICENSE("Sending Saved License Packet");
2452
2453 WINPR_ASSERT(license->EncryptedHardwareId);
2454 license->EncryptedHardwareId->type = BB_ENCRYPTED_DATA_BLOB;
2455 if (!license_encrypt_and_MAC(license, license->HardwareId, sizeof(license->HardwareId),
2456 license->EncryptedHardwareId, signature, sizeof(signature)))
2457 {
2458 free(license_data);
2459 return FALSE;
2460 }
2461
2462 calBlob = license_new_binary_blob(BB_DATA_BLOB);
2463 if (!calBlob)
2464 {
2465 free(license_data);
2466 return FALSE;
2467 }
2468 calBlob->data = license_data;
2469 WINPR_ASSERT(license_size <= UINT16_MAX);
2470 calBlob->length = (UINT16)license_size;
2471
2472 status = license_send_license_info(license, calBlob, signature, sizeof(signature));
2473 license_free_binary_blob(calBlob);
2474
2475 return status;
2476 }
2477
2478 DEBUG_LICENSE("Sending New License Packet");
2479
2480 s = license_send_stream_init(license, &sec_flags);
2481 if (!s)
2482 return FALSE;
2483 if (license->rdp->settings->Username != NULL)
2484 username = license->rdp->settings->Username;
2485 else
2486 username = "username";
2487
2488 {
2489 WINPR_ASSERT(license->ClientUserName);
2490 const size_t len = strlen(username) + 1;
2491 WINPR_ASSERT(len <= UINT16_MAX);
2492
2493 license->ClientUserName->data = (BYTE*)username;
2494 license->ClientUserName->length = (UINT16)len;
2495 }
2496
2497 {
2498 WINPR_ASSERT(license->ClientMachineName);
2499 const size_t len = strlen(license->rdp->settings->ClientHostname) + 1;
2500 WINPR_ASSERT(len <= UINT16_MAX);
2501
2502 license->ClientMachineName->data = (BYTE*)license->rdp->settings->ClientHostname;
2503 license->ClientMachineName->length = (UINT16)len;
2504 }
2505 status = license_write_new_license_request_packet(license, s);
2506
2507 WINPR_ASSERT(license->ClientUserName);
2508 license->ClientUserName->data = NULL;
2509 license->ClientUserName->length = 0;
2510
2511 WINPR_ASSERT(license->ClientMachineName);
2512 license->ClientMachineName->data = NULL;
2513 license->ClientMachineName->length = 0;
2514
2515 if (!status)
2516 {
2517 Stream_Release(s);
2518 return FALSE;
2519 }
2520
2521 return license_send(license, s, NEW_LICENSE_REQUEST, sec_flags);
2522}
2523
2530BOOL license_send_platform_challenge_response(rdpLicense* license)
2531{
2532 wStream* challengeRespData = NULL;
2533 BYTE* buffer = NULL;
2534 BOOL status = 0;
2535
2536 WINPR_ASSERT(license);
2537 WINPR_ASSERT(license->PlatformChallenge);
2538 WINPR_ASSERT(license->MacSaltKey);
2539 WINPR_ASSERT(license->EncryptedPlatformChallenge);
2540 WINPR_ASSERT(license->EncryptedHardwareId);
2541
2542 DEBUG_LICENSE("Sending Platform Challenge Response Packet");
2543
2544 license->EncryptedPlatformChallenge->type = BB_DATA_BLOB;
2545
2546 /* prepare the PLATFORM_CHALLENGE_RESPONSE_DATA */
2547 challengeRespData = Stream_New(NULL, 8 + license->PlatformChallenge->length);
2548 if (!challengeRespData)
2549 return FALSE;
2550 Stream_Write_UINT16(challengeRespData, PLATFORM_CHALLENGE_RESPONSE_VERSION); /* wVersion */
2551 Stream_Write_UINT16(challengeRespData, license->ClientType); /* wClientType */
2552 Stream_Write_UINT16(challengeRespData, license->LicenseDetailLevel); /* wLicenseDetailLevel */
2553 Stream_Write_UINT16(challengeRespData, license->PlatformChallenge->length); /* cbChallenge */
2554 Stream_Write(challengeRespData, license->PlatformChallenge->data,
2555 license->PlatformChallenge->length); /* pbChallenge */
2556 Stream_SealLength(challengeRespData);
2557
2558 /* compute MAC of PLATFORM_CHALLENGE_RESPONSE_DATA + HWID */
2559 const size_t length = Stream_Length(challengeRespData) + sizeof(license->HardwareId);
2560 buffer = (BYTE*)malloc(length);
2561 if (!buffer)
2562 {
2563 Stream_Free(challengeRespData, TRUE);
2564 return FALSE;
2565 }
2566
2567 CopyMemory(buffer, Stream_Buffer(challengeRespData), Stream_Length(challengeRespData));
2568 CopyMemory(&buffer[Stream_Length(challengeRespData)], license->HardwareId,
2569 sizeof(license->HardwareId));
2570 status = security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), buffer, length,
2571 license->MACData, sizeof(license->MACData));
2572 free(buffer);
2573
2574 if (!status)
2575 {
2576 Stream_Free(challengeRespData, TRUE);
2577 return FALSE;
2578 }
2579
2580 license->EncryptedHardwareId->type = BB_ENCRYPTED_DATA_BLOB;
2581 if (!license_rc4_with_licenseKey(license, license->HardwareId, sizeof(license->HardwareId),
2582 license->EncryptedHardwareId))
2583 {
2584 Stream_Free(challengeRespData, TRUE);
2585 return FALSE;
2586 }
2587
2588 status = license_rc4_with_licenseKey(license, Stream_Buffer(challengeRespData),
2589 Stream_Length(challengeRespData),
2590 license->EncryptedPlatformChallengeResponse);
2591 Stream_Free(challengeRespData, TRUE);
2592 if (!status)
2593 return FALSE;
2594
2595#ifdef WITH_DEBUG_LICENSE
2596 WLog_Print(license->log, WLOG_DEBUG, "LicensingEncryptionKey:");
2597 winpr_HexLogDump(license->log, WLOG_DEBUG, license->LicensingEncryptionKey, 16);
2598 WLog_Print(license->log, WLOG_DEBUG, "HardwareId:");
2599 winpr_HexLogDump(license->log, WLOG_DEBUG, license->HardwareId, sizeof(license->HardwareId));
2600 WLog_Print(license->log, WLOG_DEBUG, "EncryptedHardwareId:");
2601 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedHardwareId->data,
2602 license->EncryptedHardwareId->length);
2603#endif
2604 UINT16 sec_flags = 0;
2605 wStream* s = license_send_stream_init(license, &sec_flags);
2606 if (!s)
2607 return FALSE;
2608
2609 if (license_write_client_platform_challenge_response(license, s))
2610 return license_send(license, s, PLATFORM_CHALLENGE_RESPONSE, sec_flags);
2611
2612 Stream_Release(s);
2613 return FALSE;
2614}
2615
2616BOOL license_read_platform_challenge_response(WINPR_ATTR_UNUSED rdpLicense* license)
2617{
2618 WINPR_ASSERT(license);
2619 WINPR_ASSERT(license->PlatformChallenge);
2620 WINPR_ASSERT(license->MacSaltKey);
2621 WINPR_ASSERT(license->EncryptedPlatformChallenge);
2622 WINPR_ASSERT(license->EncryptedHardwareId);
2623
2624 DEBUG_LICENSE("Receiving Platform Challenge Response Packet");
2625
2626#if defined(WITH_LICENSE_DECRYPT_CHALLENGE_RESPONSE)
2627 BOOL rc = FALSE;
2628 LICENSE_BLOB* dblob = license_new_binary_blob(BB_ANY_BLOB);
2629 if (!dblob)
2630 return FALSE;
2631
2632 wStream sbuffer = { 0 };
2633 UINT16 wVersion = 0;
2634 UINT16 cbChallenge = 0;
2635 const BYTE* pbChallenge = NULL;
2636 LICENSE_BLOB* blob = license->EncryptedPlatformChallengeResponse;
2637
2638 if (!license_rc4_with_licenseKey(license, blob->data, blob->length, dblob))
2639 goto fail;
2640
2641 wStream* s = Stream_StaticConstInit(&sbuffer, dblob->data, dblob->length);
2642 if (!license_check_stream_length(s, 8, "PLATFORM_CHALLENGE_RESPONSE_DATA"))
2643 goto fail;
2644
2645 Stream_Read_UINT16(s, wVersion);
2646 if (wVersion != PLATFORM_CHALLENGE_RESPONSE_VERSION)
2647 {
2648 WLog_Print(license->log, WLOG_WARN,
2649 "Invalid PLATFORM_CHALLENGE_RESPONSE_DATA::wVersion 0x%04" PRIx16
2650 ", expected 0x04" PRIx16,
2651 wVersion, PLATFORM_CHALLENGE_RESPONSE_VERSION);
2652 goto fail;
2653 }
2654 Stream_Read_UINT16(s, license->ClientType);
2655 Stream_Read_UINT16(s, license->LicenseDetailLevel);
2656 Stream_Read_UINT16(s, cbChallenge);
2657
2658 if (!license_check_stream_length(s, cbChallenge,
2659 "PLATFORM_CHALLENGE_RESPONSE_DATA::pbChallenge"))
2660 goto fail;
2661
2662 pbChallenge = Stream_Pointer(s);
2663 if (!license_read_binary_blob_data(license->PlatformChallengeResponse, BB_DATA_BLOB,
2664 pbChallenge, cbChallenge))
2665 goto fail;
2666 if (!Stream_SafeSeek(s, cbChallenge))
2667 goto fail;
2668
2669 rc = TRUE;
2670fail:
2671 license_free_binary_blob(dblob);
2672 return rc;
2673#else
2674 return TRUE;
2675#endif
2676}
2677
2678BOOL license_write_client_platform_challenge_response(rdpLicense* license, wStream* s)
2679{
2680 WINPR_ASSERT(license);
2681
2682 if (!license_write_binary_blob(s, license->EncryptedPlatformChallengeResponse))
2683 return FALSE;
2684 if (!license_write_binary_blob(s, license->EncryptedHardwareId))
2685 return FALSE;
2686 if (!license_check_stream_capacity(license->log, s, sizeof(license->MACData),
2687 "CLIENT_PLATFORM_CHALLENGE_RESPONSE::MACData"))
2688 return FALSE;
2689 Stream_Write(s, license->MACData, sizeof(license->MACData));
2690 return TRUE;
2691}
2692
2693BOOL license_read_client_platform_challenge_response(rdpLicense* license, wStream* s)
2694{
2695 WINPR_ASSERT(license);
2696
2697 if (!license_read_binary_blob(license->log, s, license->EncryptedPlatformChallengeResponse))
2698 return FALSE;
2699 if (!license_read_binary_blob(license->log, s, license->EncryptedHardwareId))
2700 return FALSE;
2701 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
2702 "CLIENT_PLATFORM_CHALLENGE_RESPONSE::MACData"))
2703 return FALSE;
2704 Stream_Read(s, license->MACData, sizeof(license->MACData));
2705 return license_read_platform_challenge_response(license);
2706}
2707
2717BOOL license_send_valid_client_error_packet(rdpRdp* rdp)
2718{
2719 WINPR_ASSERT(rdp);
2720 rdpLicense* license = rdp->license;
2721 WINPR_ASSERT(license);
2722
2723 license->state = LICENSE_STATE_COMPLETED;
2724 license->type = LICENSE_TYPE_NONE;
2725 return license_send_error_alert(license, STATUS_VALID_CLIENT, ST_NO_TRANSITION,
2726 license->ErrorInfo);
2727}
2728
2735rdpLicense* license_new(rdpRdp* rdp)
2736{
2737 WINPR_ASSERT(rdp);
2738
2739 rdpLicense* license = (rdpLicense*)calloc(1, sizeof(rdpLicense));
2740 if (!license)
2741 return NULL;
2742 license->log = WLog_Get(LICENSE_TAG);
2743 WINPR_ASSERT(license->log);
2744
2745 license->PlatformId = PLATFORMID;
2746 license->ClientType = OTHER_PLATFORM_CHALLENGE_TYPE;
2747 license->LicenseDetailLevel = LICENSE_DETAIL_DETAIL;
2748 license->PreferredKeyExchangeAlg = KEY_EXCHANGE_ALG_RSA;
2749 license->rdp = rdp;
2750
2751 license_set_state(license, LICENSE_STATE_INITIAL);
2752 if (!(license->certificate = freerdp_certificate_new()))
2753 goto out_error;
2754 if (!(license->ProductInfo = license_new_product_info()))
2755 goto out_error;
2756 if (!(license->ErrorInfo = license_new_binary_blob(BB_ERROR_BLOB)))
2757 goto out_error;
2758 if (!(license->LicenseInfo = license_new_binary_blob(BB_DATA_BLOB)))
2759 goto out_error;
2760 if (!(license->KeyExchangeList = license_new_binary_blob(BB_KEY_EXCHG_ALG_BLOB)))
2761 goto out_error;
2762 if (!(license->ServerCertificate = license_new_binary_blob(BB_CERTIFICATE_BLOB)))
2763 goto out_error;
2764 if (!(license->ClientUserName = license_new_binary_blob(BB_CLIENT_USER_NAME_BLOB)))
2765 goto out_error;
2766 if (!(license->ClientMachineName = license_new_binary_blob(BB_CLIENT_MACHINE_NAME_BLOB)))
2767 goto out_error;
2768 if (!(license->PlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
2769 goto out_error;
2770 if (!(license->PlatformChallengeResponse = license_new_binary_blob(BB_ANY_BLOB)))
2771 goto out_error;
2772 if (!(license->EncryptedPlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
2773 goto out_error;
2774 if (!(license->EncryptedPlatformChallengeResponse =
2775 license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2776 goto out_error;
2777 if (!(license->EncryptedPremasterSecret = license_new_binary_blob(BB_ANY_BLOB)))
2778 goto out_error;
2779 if (!(license->EncryptedHardwareId = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2780 goto out_error;
2781 if (!(license->EncryptedLicenseInfo = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2782 goto out_error;
2783 if (!(license->ScopeList = license_new_scope_list()))
2784 goto out_error;
2785
2786 license_generate_randoms(license);
2787
2788 return license;
2789
2790out_error:
2791 WINPR_PRAGMA_DIAG_PUSH
2792 WINPR_PRAGMA_DIAG_IGNORED_MISMATCHED_DEALLOC
2793 license_free(license);
2794 WINPR_PRAGMA_DIAG_POP
2795 return NULL;
2796}
2797
2803void license_free(rdpLicense* license)
2804{
2805 if (license)
2806 {
2807 freerdp_certificate_free(license->certificate);
2808 license_free_product_info(license->ProductInfo);
2809 license_free_binary_blob(license->ErrorInfo);
2810 license_free_binary_blob(license->LicenseInfo);
2811 license_free_binary_blob(license->KeyExchangeList);
2812 license_free_binary_blob(license->ServerCertificate);
2813 license_free_binary_blob(license->ClientUserName);
2814 license_free_binary_blob(license->ClientMachineName);
2815 license_free_binary_blob(license->PlatformChallenge);
2816 license_free_binary_blob(license->PlatformChallengeResponse);
2817 license_free_binary_blob(license->EncryptedPlatformChallenge);
2818 license_free_binary_blob(license->EncryptedPlatformChallengeResponse);
2819 license_free_binary_blob(license->EncryptedPremasterSecret);
2820 license_free_binary_blob(license->EncryptedHardwareId);
2821 license_free_binary_blob(license->EncryptedLicenseInfo);
2822 license_free_scope_list(license->ScopeList);
2823 free(license);
2824 }
2825}
2826
2827LICENSE_STATE license_get_state(const rdpLicense* license)
2828{
2829 WINPR_ASSERT(license);
2830 return license->state;
2831}
2832
2833LICENSE_TYPE license_get_type(const rdpLicense* license)
2834{
2835 WINPR_ASSERT(license);
2836 return license->type;
2837}
2838
2839BOOL license_set_state(rdpLicense* license, LICENSE_STATE state)
2840{
2841 WINPR_ASSERT(license);
2842 license->state = state;
2843 switch (state)
2844 {
2845 case LICENSE_STATE_COMPLETED:
2846 break;
2847 case LICENSE_STATE_ABORTED:
2848 default:
2849 license->type = LICENSE_TYPE_INVALID;
2850 break;
2851 }
2852
2853 return TRUE;
2854}
2855
2856const char* license_get_state_string(LICENSE_STATE state)
2857{
2858 switch (state)
2859 {
2860 case LICENSE_STATE_INITIAL:
2861 return "LICENSE_STATE_INITIAL";
2862 case LICENSE_STATE_CONFIGURED:
2863 return "LICENSE_STATE_CONFIGURED";
2864 case LICENSE_STATE_REQUEST:
2865 return "LICENSE_STATE_REQUEST";
2866 case LICENSE_STATE_NEW_REQUEST:
2867 return "LICENSE_STATE_NEW_REQUEST";
2868 case LICENSE_STATE_PLATFORM_CHALLENGE:
2869 return "LICENSE_STATE_PLATFORM_CHALLENGE";
2870 case LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE:
2871 return "LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE";
2872 case LICENSE_STATE_COMPLETED:
2873 return "LICENSE_STATE_COMPLETED";
2874 case LICENSE_STATE_ABORTED:
2875 return "LICENSE_STATE_ABORTED";
2876 default:
2877 return "LICENSE_STATE_UNKNOWN";
2878 }
2879}
2880
2881BOOL license_server_send_request(rdpLicense* license)
2882{
2883 if (!license_ensure_state(license, LICENSE_STATE_CONFIGURED, LICENSE_REQUEST))
2884 return FALSE;
2885 if (!license_send_license_request_packet(license))
2886 return FALSE;
2887 return license_set_state(license, LICENSE_STATE_REQUEST);
2888}
2889
2890static BOOL license_set_string(wLog* log, const char* what, const char* value, BYTE** bdst,
2891 UINT32* dstLen)
2892{
2893 WINPR_ASSERT(what);
2894 WINPR_ASSERT(value);
2895 WINPR_ASSERT(bdst);
2896 WINPR_ASSERT(dstLen);
2897
2898 union
2899 {
2900 WCHAR** w;
2901 BYTE** b;
2902 } cnv;
2903 cnv.b = bdst;
2904
2905 size_t len = 0;
2906 *cnv.w = ConvertUtf8ToWCharAlloc(value, &len);
2907 if (!*cnv.w || (len > UINT32_MAX / sizeof(WCHAR)))
2908 {
2909 WLog_Print(log, WLOG_ERROR, "license->ProductInfo: %s == %p || %" PRIu32 " > UINT32_MAX",
2910 what, *cnv.w, len);
2911 return FALSE;
2912 }
2913 *dstLen = (UINT32)(len * sizeof(WCHAR));
2914 return TRUE;
2915}
2916
2917BOOL license_server_configure(rdpLicense* license)
2918{
2919 wStream* s = NULL;
2920 UINT32 algs[] = { KEY_EXCHANGE_ALG_RSA };
2921
2922 WINPR_ASSERT(license);
2923 WINPR_ASSERT(license->rdp);
2924
2925 const rdpSettings* settings = license->rdp->settings;
2926
2927 const char* CompanyName =
2928 freerdp_settings_get_string(settings, FreeRDP_ServerLicenseCompanyName);
2929
2930 const char* ProductName =
2931 freerdp_settings_get_string(settings, FreeRDP_ServerLicenseProductName);
2932 const UINT32 ProductVersion =
2933 freerdp_settings_get_uint32(settings, FreeRDP_ServerLicenseProductVersion);
2934 const UINT32 issuerCount =
2935 freerdp_settings_get_uint32(settings, FreeRDP_ServerLicenseProductIssuersCount);
2936
2937 const void* ptr = freerdp_settings_get_pointer(settings, FreeRDP_ServerLicenseProductIssuers);
2938 const char** issuers = WINPR_REINTERPRET_CAST(ptr, const void*, const char**);
2939
2940 WINPR_ASSERT(CompanyName);
2941 WINPR_ASSERT(ProductName);
2942 WINPR_ASSERT(ProductVersion > 0);
2943 WINPR_ASSERT(issuers || (issuerCount == 0));
2944
2945 if (!license_ensure_state(license, LICENSE_STATE_INITIAL, LICENSE_REQUEST))
2946 return FALSE;
2947
2948 license->ProductInfo->dwVersion = ProductVersion;
2949 if (!license_set_string(license->log, "pbCompanyName", CompanyName,
2950 &license->ProductInfo->pbCompanyName,
2951 &license->ProductInfo->cbCompanyName))
2952 return FALSE;
2953
2954 if (!license_set_string(license->log, "pbProductId", ProductName,
2955 &license->ProductInfo->pbProductId, &license->ProductInfo->cbProductId))
2956 return FALSE;
2957
2958 if (!license_read_binary_blob_data(license->log, license->KeyExchangeList,
2959 BB_KEY_EXCHG_ALG_BLOB, algs, sizeof(algs)))
2960 return FALSE;
2961
2962 if (!freerdp_certificate_read_server_cert(license->certificate, settings->ServerCertificate,
2963 settings->ServerCertificateLength))
2964 return FALSE;
2965
2966 s = Stream_New(NULL, 1024);
2967 if (!s)
2968 return FALSE;
2969 else
2970 {
2971 BOOL r = FALSE;
2972 SSIZE_T res =
2973 freerdp_certificate_write_server_cert(license->certificate, CERT_CHAIN_VERSION_2, s);
2974 if (res >= 0)
2975 r = license_read_binary_blob_data(license->log, license->ServerCertificate,
2976 BB_CERTIFICATE_BLOB, Stream_Buffer(s),
2977 Stream_GetPosition(s));
2978
2979 Stream_Free(s, TRUE);
2980 if (!r)
2981 return FALSE;
2982 }
2983
2984 if (!license_scope_list_resize(license->ScopeList, issuerCount))
2985 return FALSE;
2986 for (size_t x = 0; x < issuerCount; x++)
2987 {
2988 LICENSE_BLOB* blob = license->ScopeList->array[x];
2989 const char* name = issuers[x];
2990 const size_t length = strnlen(name, UINT16_MAX) + 1;
2991 if ((length == 0) || (length > UINT16_MAX))
2992 {
2993 WLog_Print(license->log, WLOG_WARN,
2994 "%s: Invalid issuer at position %" PRIuz ": length 0 < %" PRIuz
2995 " <= %" PRIu16 " ['%s']",
2996 x, length, UINT16_MAX, name);
2997 return FALSE;
2998 }
2999 if (!license_read_binary_blob_data(license->log, blob, BB_SCOPE_BLOB, name, length))
3000 return FALSE;
3001 }
3002
3003 return license_set_state(license, LICENSE_STATE_CONFIGURED);
3004}
3005
3006rdpLicense* license_get(rdpContext* context)
3007{
3008 WINPR_ASSERT(context);
3009 WINPR_ASSERT(context->rdp);
3010 return context->rdp->license;
3011}
freerdp_settings_get_uint32
FREERDP_API UINT32 freerdp_settings_get_uint32(const rdpSettings *settings, FreeRDP_Settings_Keys_UInt32 id)
Returns a UINT32 settings value.
freerdp_settings_get_bool
FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
freerdp_settings_get_pointer
FREERDP_API const void * freerdp_settings_get_pointer(const rdpSettings *settings, FreeRDP_Settings_Keys_Pointer id)
Returns a immutable pointer settings value.
Definition common/settings.c:1403
freerdp_settings_get_string
FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
LICENSE_BLOB
Definition libfreerdp/core/license.h:47
LICENSE_PRODUCT_INFO
Definition libfreerdp/core/license.h:38
SCOPE_LIST
Definition libfreerdp/core/license.h:54