FreeRDP
Loading...
Searching...
No Matches
license.c
1/*
2 * FreeRDP: A Remote Desktop Protocol Implementation
3 * RDP Licensing
4 *
5 * Copyright 2011-2013 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6 * Copyright 2014 Norbert Federa <norbert.federa@thincast.com>
7 * Copyright 2018 David Fort <contact@hardening-consulting.com>
8 * Copyright 2022,2023 Armin Novak <armin.novak@thincast.com>
9 * Copyright 2022,2023 Thincast Technologies GmbH
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License");
12 * you may not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23
24#include <freerdp/config.h>
25
26#include "settings.h"
27
28#include <freerdp/license.h>
29
30#include <winpr/crt.h>
31#include <winpr/assert.h>
32#include <winpr/crypto.h>
33#include <winpr/shell.h>
34#include <winpr/path.h>
35#include <winpr/file.h>
36
37#include <freerdp/log.h>
38
39#include <freerdp/crypto/certificate.h>
40
41#include "license.h"
42
43#include "../crypto/crypto.h"
44#include "../crypto/certificate.h"
45
46#define LICENSE_TAG FREERDP_TAG("core.license")
47
48// #define LICENSE_NULL_CLIENT_RANDOM 1
49// #define LICENSE_NULL_PREMASTER_SECRET 1
50
51// #define WITH_LICENSE_DECRYPT_CHALLENGE_RESPONSE
52
53#define PLATFORM_CHALLENGE_RESPONSE_VERSION 0x0100
54
56enum LicenseRequestType
57{
58 LICENSE_REQUEST = 0x01,
59 PLATFORM_CHALLENGE = 0x02,
60 NEW_LICENSE = 0x03,
61 UPGRADE_LICENSE = 0x04,
62 LICENSE_INFO = 0x12,
63 NEW_LICENSE_REQUEST = 0x13,
64 PLATFORM_CHALLENGE_RESPONSE = 0x15,
65 ERROR_ALERT = 0xFF
66};
67
68/*
69#define LICENSE_PKT_CS_MASK \
70 (LICENSE_INFO | NEW_LICENSE_REQUEST | PLATFORM_CHALLENGE_RESPONSE | ERROR_ALERT)
71#define LICENSE_PKT_SC_MASK \
72 (LICENSE_REQUEST | PLATFORM_CHALLENGE | NEW_LICENSE | UPGRADE_LICENSE | ERROR_ALERT)
73#define LICENSE_PKT_MASK (LICENSE_PKT_CS_MASK | LICENSE_PKT_SC_MASK)
74*/
75#define LICENSE_PREAMBLE_LENGTH 4
76
77/* Cryptographic Lengths */
78
79#define SERVER_RANDOM_LENGTH 32
80#define MASTER_SECRET_LENGTH 48
81#define PREMASTER_SECRET_LENGTH 48
82#define SESSION_KEY_BLOB_LENGTH 48
83#define MAC_SALT_KEY_LENGTH 16
84#define LICENSING_ENCRYPTION_KEY_LENGTH 16
85#define HWID_PLATFORM_ID_LENGTH 4
86// #define HWID_UNIQUE_DATA_LENGTH 16
87#define HWID_LENGTH 20
88// #define LICENSING_PADDING_SIZE 8
89
90/* Preamble Flags */
91
92// #define PREAMBLE_VERSION_2_0 0x02
93#define PREAMBLE_VERSION_3_0 0x03
94// #define LicenseProtocolVersionMask 0x0F
95#define EXTENDED_ERROR_MSG_SUPPORTED 0x80
96
98enum
99{
100 BB_ANY_BLOB = 0x0000,
101 BB_DATA_BLOB = 0x0001,
102 BB_RANDOM_BLOB = 0x0002,
103 BB_CERTIFICATE_BLOB = 0x0003,
104 BB_ERROR_BLOB = 0x0004,
105 BB_ENCRYPTED_DATA_BLOB = 0x0009,
106 BB_KEY_EXCHG_ALG_BLOB = 0x000D,
107 BB_SCOPE_BLOB = 0x000E,
108 BB_CLIENT_USER_NAME_BLOB = 0x000F,
109 BB_CLIENT_MACHINE_NAME_BLOB = 0x0010
110};
111
112/* License Key Exchange Algorithms */
113
114#define KEY_EXCHANGE_ALG_RSA 0x00000001
115
118enum
119{
120 ERR_INVALID_SERVER_CERTIFICATE = 0x00000001,
121 ERR_NO_LICENSE = 0x00000002,
122 ERR_INVALID_MAC = 0x00000003,
123 ERR_INVALID_SCOPE = 0x00000004,
124 ERR_NO_LICENSE_SERVER = 0x00000006,
125 STATUS_VALID_CLIENT = 0x00000007,
126 ERR_INVALID_CLIENT = 0x00000008,
127 ERR_INVALID_PRODUCT_ID = 0x0000000B,
128 ERR_INVALID_MESSAGE_LENGTH = 0x0000000C
129};
130
133enum
134{
135 ST_TOTAL_ABORT = 0x00000001,
136 ST_NO_TRANSITION = 0x00000002,
137 ST_RESET_PHASE_TO_START = 0x00000003,
138 ST_RESEND_LAST_MESSAGE = 0x00000004
139};
140
143enum
144{
145 WIN32_PLATFORM_CHALLENGE_TYPE = 0x0100,
146 WIN16_PLATFORM_CHALLENGE_TYPE = 0x0200,
147 WINCE_PLATFORM_CHALLENGE_TYPE = 0x0300,
148 OTHER_PLATFORM_CHALLENGE_TYPE = 0xFF00
149};
150
153enum
154{
155 LICENSE_DETAIL_SIMPLE = 0x0001,
156 LICENSE_DETAIL_MODERATE = 0x0002,
157 LICENSE_DETAIL_DETAIL = 0x0003
158};
159
160/*
161 * PlatformId:
162 *
163 * The most significant byte of the PlatformId field contains the operating system version of the
164 * client. The second most significant byte of the PlatformId field identifies the ISV that provided
165 * the client image. The remaining two bytes in the PlatformId field are used by the ISV to identify
166 * the build number of the operating system.
167 *
168 * 0x04010000:
169 *
170 * CLIENT_OS_ID_WINNT_POST_52 (0x04000000)
171 * CLIENT_IMAGE_ID_MICROSOFT (0x00010000)
172 */
173enum
174{
175 CLIENT_OS_ID_WINNT_351 = 0x01000000,
176 CLIENT_OS_ID_WINNT_40 = 0x02000000,
177 CLIENT_OS_ID_WINNT_50 = 0x03000000,
178 CLIENT_OS_ID_WINNT_POST_52 = 0x04000000,
179
180 CLIENT_IMAGE_ID_MICROSOFT = 0x00010000,
181 CLIENT_IMAGE_ID_CITRIX = 0x00020000,
182};
183
184struct rdp_license
185{
186 LICENSE_STATE state;
187 LICENSE_TYPE type;
188 rdpRdp* rdp;
189 rdpCertificate* certificate;
190 BYTE HardwareId[HWID_LENGTH];
191 BYTE ClientRandom[CLIENT_RANDOM_LENGTH];
192 BYTE ServerRandom[SERVER_RANDOM_LENGTH];
193 BYTE MasterSecret[MASTER_SECRET_LENGTH];
194 BYTE PremasterSecret[PREMASTER_SECRET_LENGTH];
195 BYTE SessionKeyBlob[SESSION_KEY_BLOB_LENGTH];
196 BYTE MacSaltKey[MAC_SALT_KEY_LENGTH];
197 BYTE LicensingEncryptionKey[LICENSING_ENCRYPTION_KEY_LENGTH];
198 LICENSE_PRODUCT_INFO* ProductInfo;
199 LICENSE_BLOB* ErrorInfo;
200 LICENSE_BLOB* LicenseInfo; /* Client -> Server */
201 LICENSE_BLOB* KeyExchangeList;
202 LICENSE_BLOB* ServerCertificate;
203 LICENSE_BLOB* ClientUserName;
204 LICENSE_BLOB* ClientMachineName;
205 LICENSE_BLOB* PlatformChallenge;
206 LICENSE_BLOB* PlatformChallengeResponse;
207 LICENSE_BLOB* EncryptedPremasterSecret;
208 LICENSE_BLOB* EncryptedPlatformChallenge;
209 LICENSE_BLOB* EncryptedPlatformChallengeResponse;
210 LICENSE_BLOB* EncryptedHardwareId;
211 LICENSE_BLOB* EncryptedLicenseInfo;
212 BYTE MACData[LICENSING_ENCRYPTION_KEY_LENGTH];
213 SCOPE_LIST* ScopeList;
214 UINT32 PacketHeaderLength;
215 UINT32 PreferredKeyExchangeAlg;
216 UINT32 PlatformId;
217 UINT16 ClientType;
218 UINT16 LicenseDetailLevel;
219 BOOL update;
220 wLog* log;
221};
222
223WINPR_ATTR_NODISCARD
224static BOOL license_send_error_alert(rdpLicense* license, UINT32 dwErrorCode,
225 UINT32 dwStateTransition, const LICENSE_BLOB* info);
226
227static void license_set_state(rdpLicense* license, LICENSE_STATE state);
228
229WINPR_ATTR_NODISCARD
230static const char* license_get_state_string(LICENSE_STATE state);
231
232WINPR_ATTR_NODISCARD
233static const char* license_preferred_key_exchange_alg_string(UINT32 alg, char* buffer, size_t size)
234{
235 const char* name = nullptr;
236
237 switch (alg)
238 {
239 case KEY_EXCHANGE_ALG_RSA:
240 name = "KEY_EXCHANGE_ALG_RSA";
241 break;
242 default:
243 name = "KEY_EXCHANGE_ALG_UNKNOWN";
244 break;
245 }
246
247 (void)_snprintf(buffer, size, "%s [0x%08" PRIx32 "]", name, alg);
248 return buffer;
249}
250
251WINPR_ATTR_NODISCARD
252static const char* license_request_type_string(UINT32 type)
253{
254 switch (type)
255 {
256 case LICENSE_REQUEST:
257 return "LICENSE_REQUEST";
258 case PLATFORM_CHALLENGE:
259 return "PLATFORM_CHALLENGE";
260 case NEW_LICENSE:
261 return "NEW_LICENSE";
262 case UPGRADE_LICENSE:
263 return "UPGRADE_LICENSE";
264 case LICENSE_INFO:
265 return "LICENSE_INFO";
266 case NEW_LICENSE_REQUEST:
267 return "NEW_LICENSE_REQUEST";
268 case PLATFORM_CHALLENGE_RESPONSE:
269 return "PLATFORM_CHALLENGE_RESPONSE";
270 case ERROR_ALERT:
271 return "ERROR_ALERT";
272 default:
273 return "LICENSE_REQUEST_TYPE_UNKNOWN";
274 }
275}
276
277WINPR_ATTR_NODISCARD
278static const char* licencse_blob_type_string(UINT16 type)
279{
280 switch (type)
281 {
282 case BB_ANY_BLOB:
283 return "BB_ANY_BLOB";
284 case BB_DATA_BLOB:
285 return "BB_DATA_BLOB";
286 case BB_RANDOM_BLOB:
287 return "BB_RANDOM_BLOB";
288 case BB_CERTIFICATE_BLOB:
289 return "BB_CERTIFICATE_BLOB";
290 case BB_ERROR_BLOB:
291 return "BB_ERROR_BLOB";
292 case BB_ENCRYPTED_DATA_BLOB:
293 return "BB_ENCRYPTED_DATA_BLOB";
294 case BB_KEY_EXCHG_ALG_BLOB:
295 return "BB_KEY_EXCHG_ALG_BLOB";
296 case BB_SCOPE_BLOB:
297 return "BB_SCOPE_BLOB";
298 case BB_CLIENT_USER_NAME_BLOB:
299 return "BB_CLIENT_USER_NAME_BLOB";
300 case BB_CLIENT_MACHINE_NAME_BLOB:
301 return "BB_CLIENT_MACHINE_NAME_BLOB";
302 default:
303 return "BB_UNKNOWN";
304 }
305}
306
307WINPR_ATTR_NODISCARD
308static wStream* license_send_stream_init(rdpLicense* license, UINT16* sec_flags);
309
310WINPR_ATTR_NODISCARD
311static BOOL license_generate_randoms(rdpLicense* license);
312
313WINPR_ATTR_NODISCARD
314static BOOL license_generate_keys(rdpLicense* license);
315
316WINPR_ATTR_NODISCARD
317static BOOL license_generate_hwid(rdpLicense* license);
318
319WINPR_ATTR_NODISCARD
320static BOOL license_encrypt_premaster_secret(rdpLicense* license);
321
322static void license_free_product_info(LICENSE_PRODUCT_INFO* productInfo);
323
324WINPR_ATTR_MALLOC(license_free_product_info, 1)
325static LICENSE_PRODUCT_INFO* license_new_product_info(void);
326
327WINPR_ATTR_NODISCARD
328static BOOL license_read_product_info(wLog* log, wStream* s, LICENSE_PRODUCT_INFO* productInfo);
329
330static void license_free_binary_blob(LICENSE_BLOB* blob);
331
332WINPR_ATTR_MALLOC(license_free_binary_blob, 1)
333static LICENSE_BLOB* license_new_binary_blob(UINT16 type);
334
335WINPR_ATTR_NODISCARD
336static BOOL license_read_binary_blob_data(wLog* log, LICENSE_BLOB* blob, UINT16 type,
337 const void* data, size_t length);
338
339WINPR_ATTR_NODISCARD
340static BOOL license_read_binary_blob(wLog* log, wStream* s, LICENSE_BLOB* blob);
341
342WINPR_ATTR_NODISCARD
343static BOOL license_write_binary_blob(wStream* s, const LICENSE_BLOB* blob);
344
345static void license_free_scope_list(SCOPE_LIST* scopeList);
346
347WINPR_ATTR_MALLOC(license_free_scope_list, 1)
348static SCOPE_LIST* license_new_scope_list(void);
349
350WINPR_ATTR_NODISCARD
351static BOOL license_scope_list_resize(SCOPE_LIST* scopeList, UINT32 count);
352
353WINPR_ATTR_NODISCARD
354static BOOL license_read_scope_list(wLog* log, wStream* s, SCOPE_LIST* scopeList);
355
356WINPR_ATTR_NODISCARD
357static BOOL license_write_scope_list(wLog* log, wStream* s, const SCOPE_LIST* scopeList);
358
359WINPR_ATTR_NODISCARD
360static BOOL license_read_license_request_packet(rdpLicense* license, wStream* s);
361
362WINPR_ATTR_NODISCARD
363static BOOL license_write_license_request_packet(const rdpLicense* license, wStream* s);
364
365WINPR_ATTR_NODISCARD
366static BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s);
367
368WINPR_ATTR_NODISCARD
369static BOOL license_send_platform_challenge_packet(rdpLicense* license);
370
371WINPR_ATTR_NODISCARD
372static BOOL license_read_new_or_upgrade_license_packet(rdpLicense* license, wStream* s);
373
374WINPR_ATTR_NODISCARD
375static BOOL license_read_error_alert_packet(rdpLicense* license, wStream* s);
376
377WINPR_ATTR_NODISCARD
378static BOOL license_write_new_license_request_packet(const rdpLicense* license, wStream* s);
379
380WINPR_ATTR_NODISCARD
381static BOOL license_read_new_license_request_packet(rdpLicense* license, wStream* s);
382
383WINPR_ATTR_NODISCARD
384static BOOL license_answer_license_request(rdpLicense* license);
385
386WINPR_ATTR_NODISCARD
387static BOOL license_send_platform_challenge_response(rdpLicense* license);
388
389WINPR_ATTR_NODISCARD
390static BOOL license_read_platform_challenge_response(rdpLicense* license);
391
392WINPR_ATTR_NODISCARD
393static BOOL license_read_client_platform_challenge_response(rdpLicense* license, wStream* s);
394
395WINPR_ATTR_NODISCARD
396static BOOL license_write_client_platform_challenge_response(rdpLicense* license, wStream* s);
397
398WINPR_ATTR_NODISCARD
399static BOOL license_write_server_upgrade_license(const rdpLicense* license, wStream* s);
400
401WINPR_ATTR_NODISCARD
402static BOOL license_send_license_info(rdpLicense* license, const LICENSE_BLOB* calBlob,
403 const BYTE* signature, size_t signature_length);
404
405WINPR_ATTR_NODISCARD
406static BOOL license_read_license_info(rdpLicense* license, wStream* s);
407
408WINPR_ATTR_NODISCARD
409static state_run_t license_client_recv(rdpLicense* license, wStream* s);
410
411WINPR_ATTR_NODISCARD
412static state_run_t license_server_recv(rdpLicense* license, wStream* s);
413
414#define PLATFORMID (CLIENT_OS_ID_WINNT_POST_52 | CLIENT_IMAGE_ID_MICROSOFT)
415
416#ifdef WITH_DEBUG_LICENSE
417
418static const char* error_codes[] = { "ERR_UNKNOWN",
419 "ERR_INVALID_SERVER_CERTIFICATE",
420 "ERR_NO_LICENSE",
421 "ERR_INVALID_MAC",
422 "ERR_INVALID_SCOPE",
423 "ERR_UNKNOWN",
424 "ERR_NO_LICENSE_SERVER",
425 "STATUS_VALID_CLIENT",
426 "ERR_INVALID_CLIENT",
427 "ERR_UNKNOWN",
428 "ERR_UNKNOWN",
429 "ERR_INVALID_PRODUCT_ID",
430 "ERR_INVALID_MESSAGE_LENGTH" };
431
432static const char* state_transitions[] = { "ST_UNKNOWN", "ST_TOTAL_ABORT", "ST_NO_TRANSITION",
433 "ST_RESET_PHASE_TO_START", "ST_RESEND_LAST_MESSAGE" };
434
435static void license_print_product_info(wLog* log, const LICENSE_PRODUCT_INFO* productInfo)
436{
437 char* CompanyName = nullptr;
438 char* ProductId = nullptr;
439
440 WINPR_ASSERT(productInfo);
441 WINPR_ASSERT(productInfo->pbCompanyName);
442 WINPR_ASSERT(productInfo->pbProductId);
443
444 CompanyName = ConvertWCharNToUtf8Alloc((const WCHAR*)productInfo->pbCompanyName,
445 productInfo->cbCompanyName / sizeof(WCHAR), nullptr);
446 ProductId = ConvertWCharNToUtf8Alloc((const WCHAR*)productInfo->pbProductId,
447 productInfo->cbProductId / sizeof(WCHAR), nullptr);
448 WLog_Print(log, WLOG_INFO, "ProductInfo:");
449 WLog_Print(log, WLOG_INFO, "\tdwVersion: 0x%08" PRIX32 "", productInfo->dwVersion);
450 WLog_Print(log, WLOG_INFO, "\tCompanyName: %s", CompanyName);
451 WLog_Print(log, WLOG_INFO, "\tProductId: %s", ProductId);
452 free(CompanyName);
453 free(ProductId);
454}
455
456static void license_print_scope_list(wLog* log, const SCOPE_LIST* scopeList)
457{
458 WINPR_ASSERT(scopeList);
459
460 WLog_Print(log, WLOG_INFO, "ScopeList (%" PRIu32 "):", scopeList->count);
461
462 for (UINT32 index = 0; index < scopeList->count; index++)
463 {
464 const LICENSE_BLOB* scope = nullptr;
465
466 WINPR_ASSERT(scopeList->array);
467 scope = scopeList->array[index];
468 WINPR_ASSERT(scope);
469
470 WLog_Print(log, WLOG_INFO, "\t%s", (const char*)scope->data);
471 }
472}
473#endif
474
475static const char licenseStore[] = "licenses";
476
477WINPR_ATTR_NODISCARD
478static BOOL license_ensure_state(rdpLicense* license, LICENSE_STATE state, UINT32 msg)
479{
480 const LICENSE_STATE cstate = license_get_state(license);
481
482 WINPR_ASSERT(license);
483
484 if (cstate != state)
485 {
486 const char* scstate = license_get_state_string(cstate);
487 const char* sstate = license_get_state_string(state);
488 const char* where = license_request_type_string(msg);
489
490 WLog_Print(license->log, WLOG_WARN,
491 "Received [%s], but found invalid licensing state %s, expected %s", where,
492 scstate, sstate);
493 return FALSE;
494 }
495 return TRUE;
496}
497
498state_run_t license_recv(rdpLicense* license, wStream* s)
499{
500 WINPR_ASSERT(license);
501 WINPR_ASSERT(license->rdp);
502 WINPR_ASSERT(license->rdp->settings);
503
504 if (freerdp_settings_get_bool(license->rdp->settings, FreeRDP_ServerMode))
505 return license_server_recv(license, s);
506 else
507 return license_client_recv(license, s);
508}
509
510WINPR_ATTR_NODISCARD
511static BOOL license_check_stream_length(wLog* log, wStream* s, SSIZE_T expect, const char* where)
512{
513 const size_t remain = Stream_GetRemainingLength(s);
514
515 WINPR_ASSERT(where);
516
517 if (expect < 0)
518 {
519 WLog_Print(log, WLOG_WARN, "invalid %s, expected value %" PRIdz " invalid", where, expect);
520 return FALSE;
521 }
522 if (remain < (size_t)expect)
523 {
524 WLog_Print(log, WLOG_WARN, "short %s, expected %" PRIdz " bytes, got %" PRIuz, where,
525 expect, remain);
526 return FALSE;
527 }
528 return TRUE;
529}
530
531WINPR_ATTR_NODISCARD
532static BOOL license_check_stream_capacity(wLog* log, wStream* s, size_t expect, const char* where)
533{
534 WINPR_ASSERT(where);
535
536 return (Stream_CheckAndLogRequiredCapacityWLogEx(log, WLOG_WARN, s, expect, 1,
537 "%s(%s:%" PRIuz ") %s", __func__, __FILE__,
538 (size_t)__LINE__, where));
539}
540
541WINPR_ATTR_NODISCARD
542static BOOL computeCalHash(wLog* log, const char* hostname, char* hashStr, size_t len)
543{
544 WINPR_DIGEST_CTX* sha1 = nullptr;
545 BOOL ret = FALSE;
546 BYTE hash[20] = WINPR_C_ARRAY_INIT;
547
548 WINPR_ASSERT(hostname);
549 WINPR_ASSERT(hashStr);
550
551 if (len < 2 * sizeof(hash) + 1)
552 return FALSE;
553
554 if (!(sha1 = winpr_Digest_New()))
555 goto out;
556 if (!winpr_Digest_Init(sha1, WINPR_MD_SHA1))
557 goto out;
558 if (!winpr_Digest_Update(sha1, (const BYTE*)hostname, strlen(hostname)))
559 goto out;
560 if (!winpr_Digest_Final(sha1, hash, sizeof(hash)))
561 goto out;
562
563 for (size_t i = 0; i < sizeof(hash); i++, hashStr += 2)
564 (void)sprintf_s(hashStr, 3, "%.2x", hash[i]);
565
566 ret = TRUE;
567out:
568 if (!ret)
569 WLog_Print(log, WLOG_ERROR, "failed to generate SHA1 of hostname '%s'", hostname);
570 winpr_Digest_Free(sha1);
571 return ret;
572}
573
574WINPR_ATTR_NODISCARD
575static BOOL saveCal(wLog* log, const rdpSettings* settings, const BYTE* data, size_t length,
576 const char* hostname)
577{
578 char hash[41] = WINPR_C_ARRAY_INIT;
579 FILE* fp = nullptr;
580 char* licenseStorePath = nullptr;
581 char filename[MAX_PATH] = WINPR_C_ARRAY_INIT;
582 char filenameNew[MAX_PATH] = WINPR_C_ARRAY_INIT;
583 char* filepath = nullptr;
584 char* filepathNew = nullptr;
585
586 size_t written = 0;
587 BOOL ret = FALSE;
588 const char* path = freerdp_settings_get_string(settings, FreeRDP_ConfigPath);
589
590 WINPR_ASSERT(path);
591 WINPR_ASSERT(data || (length == 0));
592 WINPR_ASSERT(hostname);
593
594 if (!winpr_PathFileExists(path))
595 {
596 if (!winpr_PathMakePath(path, nullptr))
597 {
598 WLog_Print(log, WLOG_ERROR, "error creating directory '%s'", path);
599 goto out;
600 }
601 WLog_Print(log, WLOG_INFO, "creating directory %s", path);
602 }
603
604 if (!(licenseStorePath = GetCombinedPath(path, licenseStore)))
605 {
606 WLog_Print(log, WLOG_ERROR, "Failed to get license store path from '%s' + '%s'", path,
607 licenseStore);
608 goto out;
609 }
610
611 if (!winpr_PathFileExists(licenseStorePath))
612 {
613 if (!winpr_PathMakePath(licenseStorePath, nullptr))
614 {
615 WLog_Print(log, WLOG_ERROR, "error creating directory '%s'", licenseStorePath);
616 goto out;
617 }
618 WLog_Print(log, WLOG_INFO, "creating directory %s", licenseStorePath);
619 }
620
621 if (!computeCalHash(log, hostname, hash, sizeof(hash)))
622 goto out;
623 (void)sprintf_s(filename, sizeof(filename) - 1, "%s.cal", hash);
624 (void)sprintf_s(filenameNew, sizeof(filenameNew) - 1, "%s.cal.new", hash);
625
626 if (!(filepath = GetCombinedPath(licenseStorePath, filename)))
627 {
628 WLog_Print(log, WLOG_ERROR, "Failed to get license file path from '%s' + '%s'", path,
629 filename);
630 goto out;
631 }
632
633 if (!(filepathNew = GetCombinedPath(licenseStorePath, filenameNew)))
634 {
635 WLog_Print(log, WLOG_ERROR, "Failed to get license new file path from '%s' + '%s'", path,
636 filenameNew);
637 goto out;
638 }
639
640 fp = winpr_fopen(filepathNew, "wb");
641 if (!fp)
642 {
643 WLog_Print(log, WLOG_ERROR, "Failed to open license file '%s'", filepathNew);
644 goto out;
645 }
646
647 written = fwrite(data, length, 1, fp);
648 (void)fclose(fp);
649
650 if (written != 1)
651 {
652 WLog_Print(log, WLOG_ERROR, "Failed to write to license file '%s'", filepathNew);
653 winpr_DeleteFile(filepathNew);
654 goto out;
655 }
656
657 ret = winpr_MoveFileEx(filepathNew, filepath, MOVEFILE_REPLACE_EXISTING);
658 if (!ret)
659 WLog_Print(log, WLOG_ERROR, "Failed to move license file '%s' to '%s'", filepathNew,
660 filepath);
661
662out:
663 free(filepathNew);
664 free(filepath);
665 free(licenseStorePath);
666 return ret;
667}
668
669WINPR_ATTR_MALLOC(free, 1)
670static BYTE* loadCalFile(wLog* log, const rdpSettings* settings, const char* hostname,
671 size_t* dataLen)
672{
673 char* licenseStorePath = nullptr;
674 char* calPath = nullptr;
675 char calFilename[MAX_PATH] = WINPR_C_ARRAY_INIT;
676 char hash[41] = WINPR_C_ARRAY_INIT;
677 INT64 length = 0;
678 size_t status = 0;
679 FILE* fp = nullptr;
680 BYTE* ret = nullptr;
681
682 WINPR_ASSERT(settings);
683 WINPR_ASSERT(hostname);
684 WINPR_ASSERT(dataLen);
685
686 if (!computeCalHash(log, hostname, hash, sizeof(hash)))
687 {
688 WLog_Print(log, WLOG_ERROR, "loadCalFile: unable to compute hostname hash");
689 return nullptr;
690 }
691
692 (void)sprintf_s(calFilename, sizeof(calFilename) - 1, "%s.cal", hash);
693
694 if (!(licenseStorePath = GetCombinedPath(
695 freerdp_settings_get_string(settings, FreeRDP_ConfigPath), licenseStore)))
696 return nullptr;
697
698 if (!(calPath = GetCombinedPath(licenseStorePath, calFilename)))
699 goto error_path;
700
701 fp = winpr_fopen(calPath, "rb");
702 if (!fp)
703 goto error_open;
704
705 if (_fseeki64(fp, 0, SEEK_END) != 0)
706 goto error_malloc;
707 length = _ftelli64(fp);
708 if (_fseeki64(fp, 0, SEEK_SET) != 0)
709 goto error_malloc;
710 if (length < 0)
711 goto error_malloc;
712
713 ret = (BYTE*)malloc((size_t)length);
714 if (!ret)
715 goto error_malloc;
716
717 status = fread(ret, (size_t)length, 1, fp);
718 if (status == 0)
719 goto error_read;
720
721 *dataLen = (size_t)length;
722
723 (void)fclose(fp);
724 free(calPath);
725 free(licenseStorePath);
726 return ret;
727
728error_read:
729 free(ret);
730error_malloc:
731 fclose(fp);
732error_open:
733 free(calPath);
734error_path:
735 free(licenseStorePath);
736 return nullptr;
737}
738
748WINPR_ATTR_NODISCARD
749static BOOL license_read_preamble(wLog* log, wStream* s, BYTE* bMsgType, BYTE* flags,
750 UINT16* wMsgSize)
751{
752 WINPR_ASSERT(bMsgType);
753 WINPR_ASSERT(flags);
754 WINPR_ASSERT(wMsgSize);
755
756 /* preamble (4 bytes) */
757 if (!license_check_stream_length(log, s, 4, "license preamble"))
758 return FALSE;
759
760 Stream_Read_UINT8(s, *bMsgType); /* bMsgType (1 byte) */
761 Stream_Read_UINT8(s, *flags); /* flags (1 byte) */
762 Stream_Read_UINT16(s, *wMsgSize); /* wMsgSize (2 bytes) */
763 return license_check_stream_length(log, s, *wMsgSize - 4ll, "license preamble::wMsgSize");
764}
765
775WINPR_ATTR_NODISCARD
776static BOOL license_write_preamble(wStream* s, BYTE bMsgType, BYTE flags, UINT16 wMsgSize)
777{
778 if (!Stream_EnsureRemainingCapacity(s, 4))
779 return FALSE;
780
781 /* preamble (4 bytes) */
782 Stream_Write_UINT8(s, bMsgType); /* bMsgType (1 byte) */
783 Stream_Write_UINT8(s, flags); /* flags (1 byte) */
784 Stream_Write_UINT16(s, wMsgSize); /* wMsgSize (2 bytes) */
785 return TRUE;
786}
787
796wStream* license_send_stream_init(rdpLicense* license, UINT16* sec_flags)
797{
798 WINPR_ASSERT(license);
799 WINPR_ASSERT(license->rdp);
800 WINPR_ASSERT(sec_flags);
801
802 const BOOL do_crypt = license->rdp->do_crypt;
803
804 *sec_flags = SEC_LICENSE_PKT;
805
806 /*
807 * Encryption of licensing packets is optional even if the rdp security
808 * layer is used. If the peer has not indicated that it is capable of
809 * processing encrypted licensing packets (rdp->do_crypt_license) we turn
810 * off encryption (via rdp->do_crypt) before initializing the rdp stream
811 * and re-enable it afterwards.
812 */
813
814 if (do_crypt)
815 {
816 *sec_flags |= SEC_LICENSE_ENCRYPT_CS;
817 license->rdp->do_crypt = license->rdp->do_crypt_license;
818 }
819
820 wStream* s = rdp_send_stream_init(license->rdp, sec_flags);
821 if (!s)
822 return nullptr;
823
824 license->rdp->do_crypt = do_crypt;
825 license->PacketHeaderLength = (UINT16)Stream_GetPosition(s);
826 if (!Stream_SafeSeek(s, LICENSE_PREAMBLE_LENGTH))
827 goto fail;
828 return s;
829
830fail:
831 Stream_Release(s);
832 return nullptr;
833}
834
841WINPR_ATTR_NODISCARD
842static BOOL license_send(rdpLicense* license, wStream* s, BYTE type, UINT16 sec_flags)
843{
844 WINPR_ASSERT(license);
845 WINPR_ASSERT(license->rdp);
846
847 rdpRdp* rdp = license->rdp;
848 WINPR_ASSERT(rdp->settings);
849
850 DEBUG_LICENSE("Sending %s Packet", license_request_type_string(type));
851 const size_t length = Stream_GetPosition(s);
852 WINPR_ASSERT(length >= license->PacketHeaderLength);
853 WINPR_ASSERT(length <= UINT16_MAX + license->PacketHeaderLength);
854
855 const UINT16 wMsgSize = (UINT16)(length - license->PacketHeaderLength);
856 if (!Stream_SetPosition(s, license->PacketHeaderLength))
857 return FALSE;
858 BYTE flags = PREAMBLE_VERSION_3_0;
859
865 if (!rdp->settings->ServerMode)
866 flags |= EXTENDED_ERROR_MSG_SUPPORTED;
867
868 if (!license_write_preamble(s, type, flags, wMsgSize))
869 {
870 Stream_Release(s);
871 return FALSE;
872 }
873
874#ifdef WITH_DEBUG_LICENSE
875 WLog_Print(license->log, WLOG_DEBUG, "Sending %s Packet, length %" PRIu16 "",
876 license_request_type_string(type), wMsgSize);
877 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_PointerAs(s, char) - LICENSE_PREAMBLE_LENGTH,
878 wMsgSize);
879#endif
880 if (!Stream_SetPosition(s, length))
881 return FALSE;
882 const BOOL ret = rdp_send(rdp, s, MCS_GLOBAL_CHANNEL_ID, sec_flags);
883 return ret;
884}
885
886BOOL license_write_server_upgrade_license(const rdpLicense* license, wStream* s)
887{
888 WINPR_ASSERT(license);
889
890 if (!license_write_binary_blob(s, license->EncryptedLicenseInfo))
891 return FALSE;
892 if (!license_check_stream_capacity(license->log, s, sizeof(license->MACData),
893 "SERVER_UPGRADE_LICENSE::MACData"))
894 return FALSE;
895 Stream_Write(s, license->MACData, sizeof(license->MACData));
896 return TRUE;
897}
898
899WINPR_ATTR_NODISCARD
900static BOOL license_server_send_new_or_upgrade_license(rdpLicense* license, BOOL upgrade)
901{
902 UINT16 sec_flags = 0;
903 wStream* s = license_send_stream_init(license, &sec_flags);
904 const BYTE type = upgrade ? UPGRADE_LICENSE : NEW_LICENSE;
905
906 if (!s)
907 return FALSE;
908
909 if (!license_write_server_upgrade_license(license, s))
910 goto fail;
911
912 return license_send(license, s, type, sec_flags);
913
914fail:
915 Stream_Release(s);
916 return FALSE;
917}
918
926WINPR_ATTR_NODISCARD
927static state_run_t license_client_recv_int(rdpLicense* license, wStream* s)
928{
929 BYTE flags = 0;
930 BYTE bMsgType = 0;
931 UINT16 wMsgSize = 0;
932 const size_t length = Stream_GetRemainingLength(s);
933
934 WINPR_ASSERT(license);
935
936 if (!license_read_preamble(license->log, s, &bMsgType, &flags,
937 &wMsgSize)) /* preamble (4 bytes) */
938 return STATE_RUN_FAILED;
939
940 DEBUG_LICENSE("Receiving %s Packet", license_request_type_string(bMsgType));
941
942 switch (bMsgType)
943 {
944 case LICENSE_REQUEST:
945 /* Client does not require configuration, so skip this state */
946 if (license_get_state(license) == LICENSE_STATE_INITIAL)
947 license_set_state(license, LICENSE_STATE_CONFIGURED);
948
949 if (!license_ensure_state(license, LICENSE_STATE_CONFIGURED, bMsgType))
950 return STATE_RUN_FAILED;
951
952 if (!license_read_license_request_packet(license, s))
953 return STATE_RUN_FAILED;
954
955 if (!license_answer_license_request(license))
956 return STATE_RUN_FAILED;
957
958 license_set_state(license, LICENSE_STATE_NEW_REQUEST);
959 break;
960
961 case PLATFORM_CHALLENGE:
962 if (!license_ensure_state(license, LICENSE_STATE_NEW_REQUEST, bMsgType))
963 return STATE_RUN_FAILED;
964
965 if (!license_read_platform_challenge_packet(license, s))
966 return STATE_RUN_FAILED;
967
968 if (!license_send_platform_challenge_response(license))
969 return STATE_RUN_FAILED;
970 license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE);
971 break;
972
973 case NEW_LICENSE:
974 case UPGRADE_LICENSE:
975 if (!license_ensure_state(license, LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE, bMsgType))
976 return STATE_RUN_FAILED;
977 if (!license_read_new_or_upgrade_license_packet(license, s))
978 return STATE_RUN_FAILED;
979 break;
980
981 case ERROR_ALERT:
982 if (!license_read_error_alert_packet(license, s))
983 return STATE_RUN_FAILED;
984 break;
985
986 default:
987 WLog_Print(license->log, WLOG_ERROR, "invalid bMsgType:%" PRIu8 "", bMsgType);
988 return STATE_RUN_FAILED;
989 }
990
991 if (!tpkt_ensure_stream_consumed(license->log, s, length))
992 return STATE_RUN_FAILED;
993 return STATE_RUN_SUCCESS;
994}
995
996state_run_t license_client_recv(rdpLicense* license, wStream* s)
997{
998 state_run_t rc = license_client_recv_int(license, s);
999 if (state_run_failed(rc))
1000 {
1001 freerdp_set_last_error(license->rdp->context, ERROR_CTX_LICENSE_CLIENT_INVALID);
1002 }
1003 return rc;
1004}
1005
1006state_run_t license_server_recv(rdpLicense* license, wStream* s)
1007{
1008 state_run_t rc = STATE_RUN_FAILED;
1009 BYTE flags = 0;
1010 BYTE bMsgType = 0;
1011 UINT16 wMsgSize = 0;
1012 const size_t length = Stream_GetRemainingLength(s);
1013
1014 WINPR_ASSERT(license);
1015
1016 if (!license_read_preamble(license->log, s, &bMsgType, &flags,
1017 &wMsgSize)) /* preamble (4 bytes) */
1018 goto fail;
1019
1020 DEBUG_LICENSE("Receiving %s Packet", license_request_type_string(bMsgType));
1021
1022 switch (bMsgType)
1023 {
1024 case NEW_LICENSE_REQUEST:
1025 if (!license_ensure_state(license, LICENSE_STATE_REQUEST, bMsgType))
1026 goto fail;
1027 if (!license_read_new_license_request_packet(license, s))
1028 goto fail;
1029 // TODO: Validate if client is allowed
1030 if (!license_send_error_alert(license, ERR_INVALID_MAC, ST_TOTAL_ABORT,
1031 license->ErrorInfo))
1032 goto fail;
1033 if (!license_send_platform_challenge_packet(license))
1034 goto fail;
1035 license->update = FALSE;
1036 license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE);
1037 break;
1038 case LICENSE_INFO:
1039 if (!license_ensure_state(license, LICENSE_STATE_REQUEST, bMsgType))
1040 goto fail;
1041 if (!license_read_license_info(license, s))
1042 goto fail;
1043 // TODO: Validate license info
1044 if (!license_send_platform_challenge_packet(license))
1045 goto fail;
1046 license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE);
1047 license->update = TRUE;
1048 break;
1049
1050 case PLATFORM_CHALLENGE_RESPONSE:
1051 if (!license_ensure_state(license, LICENSE_STATE_PLATFORM_CHALLENGE, bMsgType))
1052 goto fail;
1053 if (!license_read_client_platform_challenge_response(license, s))
1054 goto fail;
1055
1056 // TODO: validate challenge response
1057 if (FALSE)
1058 {
1059 if (license_send_error_alert(license, ERR_INVALID_CLIENT, ST_TOTAL_ABORT,
1060 license->ErrorInfo))
1061 goto fail;
1062 }
1063 else
1064 {
1065 if (!license_server_send_new_or_upgrade_license(license, license->update))
1066 goto fail;
1067
1068 license->type = LICENSE_TYPE_ISSUED;
1069 license_set_state(license, LICENSE_STATE_COMPLETED);
1070
1071 rc = STATE_RUN_CONTINUE; /* License issued, switch state */
1072 }
1073 break;
1074
1075 case ERROR_ALERT:
1076 if (!license_read_error_alert_packet(license, s))
1077 goto fail;
1078 break;
1079
1080 default:
1081 WLog_Print(license->log, WLOG_ERROR, "invalid bMsgType:%" PRIu8 "", bMsgType);
1082 goto fail;
1083 }
1084
1085 if (!tpkt_ensure_stream_consumed(license->log, s, length))
1086 goto fail;
1087
1088 if (!state_run_success(rc))
1089 rc = STATE_RUN_SUCCESS;
1090
1091fail:
1092 if (state_run_failed(rc))
1093 {
1094 if (flags & EXTENDED_ERROR_MSG_SUPPORTED)
1095 {
1096 if (!license_send_error_alert(license, ERR_INVALID_CLIENT, ST_TOTAL_ABORT, nullptr))
1097 {
1098 WLog_Print(license->log, WLOG_ERROR, "license_send_error_alert failed");
1099 }
1100 }
1101 license_set_state(license, LICENSE_STATE_ABORTED);
1102 }
1103
1104 return rc;
1105}
1106
1107BOOL license_generate_randoms(rdpLicense* license)
1108{
1109 WINPR_ASSERT(license);
1110
1111#ifdef LICENSE_NULL_CLIENT_RANDOM
1112 ZeroMemory(license->ClientRandom, sizeof(license->ClientRandom)); /* ClientRandom */
1113#else
1114 if (winpr_RAND(license->ClientRandom, sizeof(license->ClientRandom)) < 0) /* ClientRandom */
1115 return FALSE;
1116#endif
1117
1118 if (winpr_RAND(license->ServerRandom, sizeof(license->ServerRandom)) < 0) /* ServerRandom */
1119 return FALSE;
1120
1121#ifdef LICENSE_NULL_PREMASTER_SECRET
1122 ZeroMemory(license->PremasterSecret, sizeof(license->PremasterSecret)); /* PremasterSecret */
1123#else
1124 if (winpr_RAND(license->PremasterSecret, sizeof(license->PremasterSecret)) <
1125 0) /* PremasterSecret */
1126 return FALSE;
1127#endif
1128 return TRUE;
1129}
1130
1135WINPR_ATTR_NODISCARD
1136static BOOL license_generate_keys(rdpLicense* license)
1137{
1138 WINPR_ASSERT(license);
1139
1140 if (
1141 /* MasterSecret */
1142 !security_master_secret(license->PremasterSecret, sizeof(license->PremasterSecret),
1143 license->ClientRandom, sizeof(license->ClientRandom),
1144 license->ServerRandom, sizeof(license->ServerRandom),
1145 license->MasterSecret, sizeof(license->MasterSecret)) ||
1146 /* SessionKeyBlob */
1147 !security_session_key_blob(license->MasterSecret, sizeof(license->MasterSecret),
1148 license->ClientRandom, sizeof(license->ClientRandom),
1149 license->ServerRandom, sizeof(license->ServerRandom),
1150 license->SessionKeyBlob, sizeof(license->SessionKeyBlob)))
1151 {
1152 return FALSE;
1153 }
1154 security_mac_salt_key(license->SessionKeyBlob, sizeof(license->SessionKeyBlob),
1155 license->ClientRandom, sizeof(license->ClientRandom),
1156 license->ServerRandom, sizeof(license->ServerRandom), license->MacSaltKey,
1157 sizeof(license->MacSaltKey)); /* MacSaltKey */
1158 const BOOL ret = security_licensing_encryption_key(
1159 license->SessionKeyBlob, sizeof(license->SessionKeyBlob), license->ClientRandom,
1160 sizeof(license->ClientRandom), license->ServerRandom, sizeof(license->ServerRandom),
1161 license->LicensingEncryptionKey,
1162 sizeof(license->LicensingEncryptionKey)); /* LicensingEncryptionKey */
1163
1164 WLog_Print(license->log, WLOG_TRACE, "license keys %s generated", ret ? "successfully" : "NOT");
1165
1166#ifdef WITH_DEBUG_LICENSE
1167 WLog_Print(license->log, WLOG_DEBUG, "ClientRandom:");
1168 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ClientRandom,
1169 sizeof(license->ClientRandom));
1170 WLog_Print(license->log, WLOG_DEBUG, "ServerRandom:");
1171 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ServerRandom,
1172 sizeof(license->ServerRandom));
1173 WLog_Print(license->log, WLOG_DEBUG, "PremasterSecret:");
1174 winpr_HexLogDump(license->log, WLOG_DEBUG, license->PremasterSecret,
1175 sizeof(license->PremasterSecret));
1176 WLog_Print(license->log, WLOG_DEBUG, "MasterSecret:");
1177 winpr_HexLogDump(license->log, WLOG_DEBUG, license->MasterSecret,
1178 sizeof(license->MasterSecret));
1179 WLog_Print(license->log, WLOG_DEBUG, "SessionKeyBlob:");
1180 winpr_HexLogDump(license->log, WLOG_DEBUG, license->SessionKeyBlob,
1181 sizeof(license->SessionKeyBlob));
1182 WLog_Print(license->log, WLOG_DEBUG, "MacSaltKey:");
1183 winpr_HexLogDump(license->log, WLOG_DEBUG, license->MacSaltKey, sizeof(license->MacSaltKey));
1184 WLog_Print(license->log, WLOG_DEBUG, "LicensingEncryptionKey:");
1185 winpr_HexLogDump(license->log, WLOG_DEBUG, license->LicensingEncryptionKey,
1186 sizeof(license->LicensingEncryptionKey));
1187#endif
1188 return ret;
1189}
1190
1196BOOL license_generate_hwid(rdpLicense* license)
1197{
1198 const BYTE* hashTarget = nullptr;
1199 size_t targetLen = 0;
1200 BYTE macAddress[6] = WINPR_C_ARRAY_INIT;
1201
1202 WINPR_ASSERT(license);
1203 WINPR_ASSERT(license->rdp);
1204 WINPR_ASSERT(license->rdp->settings);
1205
1206 ZeroMemory(license->HardwareId, sizeof(license->HardwareId));
1207
1208 if (license->rdp->settings->OldLicenseBehaviour)
1209 {
1210 hashTarget = macAddress;
1211 targetLen = sizeof(macAddress);
1212 }
1213 else
1214 {
1215 wStream buffer = WINPR_C_ARRAY_INIT;
1216 const char* hostname = license->rdp->settings->ClientHostname;
1217 wStream* s = Stream_StaticInit(&buffer, license->HardwareId, 4);
1218 Stream_Write_UINT32(s, license->PlatformId);
1219
1220 hashTarget = (const BYTE*)hostname;
1221 targetLen = hostname ? strlen(hostname) : 0;
1222 }
1223
1224 /* Allow FIPS override for use of MD5 here, really this does not have to be MD5 as we are just
1225 * taking a MD5 hash of the 6 bytes of 0's(macAddress) */
1226 /* and filling in the Data1-Data4 fields of the CLIENT_HARDWARE_ID structure(from MS-RDPELE
1227 * section 2.2.2.3.1). This is for RDP licensing packets */
1228 /* which will already be encrypted under FIPS, so the use of MD5 here is not for sensitive data
1229 * protection. */
1230 return winpr_Digest_Allow_FIPS(WINPR_MD_MD5, hashTarget, targetLen,
1231 &license->HardwareId[HWID_PLATFORM_ID_LENGTH],
1232 WINPR_MD5_DIGEST_LENGTH);
1233}
1234
1235WINPR_ATTR_NODISCARD
1236static BOOL license_get_server_rsa_public_key(rdpLicense* license)
1237{
1238 rdpSettings* settings = nullptr;
1239
1240 WINPR_ASSERT(license);
1241 WINPR_ASSERT(license->certificate);
1242 WINPR_ASSERT(license->rdp);
1243
1244 settings = license->rdp->settings;
1245 WINPR_ASSERT(settings);
1246
1247 if (license->ServerCertificate->length < 1)
1248 {
1249 if (!freerdp_certificate_read_server_cert(license->certificate, settings->ServerCertificate,
1250 settings->ServerCertificateLength))
1251 return FALSE;
1252 }
1253
1254 return TRUE;
1255}
1256
1257BOOL license_encrypt_premaster_secret(rdpLicense* license)
1258{
1259 WINPR_ASSERT(license);
1260 WINPR_ASSERT(license->certificate);
1261
1262 if (!license_get_server_rsa_public_key(license))
1263 return FALSE;
1264
1265 WINPR_ASSERT(license->EncryptedPremasterSecret);
1266
1267 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1268 if (!info)
1269 {
1270 WLog_Print(license->log, WLOG_ERROR, "info=%p, license->certificate=%p", (const void*)info,
1271 (void*)license->certificate);
1272 return FALSE;
1273 }
1274
1275#ifdef WITH_DEBUG_LICENSE
1276 WLog_Print(license->log, WLOG_DEBUG, "Modulus (%" PRIu32 " bits):", info->ModulusLength * 8);
1277 winpr_HexLogDump(license->log, WLOG_DEBUG, info->Modulus, info->ModulusLength);
1278 WLog_Print(license->log, WLOG_DEBUG, "Exponent:");
1279 winpr_HexLogDump(license->log, WLOG_DEBUG, info->exponent, sizeof(info->exponent));
1280#endif
1281
1282 BYTE* EncryptedPremasterSecret = (BYTE*)calloc(1, info->ModulusLength);
1283 if (!EncryptedPremasterSecret)
1284 {
1285 WLog_Print(license->log, WLOG_ERROR,
1286 "EncryptedPremasterSecret=%p, info->ModulusLength=%" PRIu32,
1287 (const void*)EncryptedPremasterSecret, info->ModulusLength);
1288 return FALSE;
1289 }
1290
1291 license->EncryptedPremasterSecret->type = BB_RANDOM_BLOB;
1292 license->EncryptedPremasterSecret->length = sizeof(license->PremasterSecret);
1293#ifndef LICENSE_NULL_PREMASTER_SECRET
1294 {
1295 const SSIZE_T length =
1296 crypto_rsa_public_encrypt(license->PremasterSecret, sizeof(license->PremasterSecret),
1297 info, EncryptedPremasterSecret, info->ModulusLength);
1298 if ((length < 0) || (length > UINT16_MAX))
1299 {
1300 WLog_Print(license->log, WLOG_ERROR, "RSA public encrypt length=%" PRIdz " < 0 || > %d",
1301 length, UINT16_MAX);
1302 return FALSE;
1303 }
1304 license->EncryptedPremasterSecret->length = (UINT16)length;
1305 }
1306#endif
1307 license->EncryptedPremasterSecret->data = EncryptedPremasterSecret;
1308 return TRUE;
1309}
1310
1311WINPR_ATTR_NODISCARD
1312static BOOL license_rc4_with_licenseKey(const rdpLicense* license, const BYTE* input, size_t len,
1313 LICENSE_BLOB* target)
1314{
1315 WINPR_ASSERT(license);
1316 WINPR_ASSERT(input || (len == 0));
1317 WINPR_ASSERT(target);
1318 WINPR_ASSERT(len <= UINT16_MAX);
1319
1320 WINPR_RC4_CTX* rc4 = winpr_RC4_New_Allow_FIPS(license->LicensingEncryptionKey,
1321 sizeof(license->LicensingEncryptionKey));
1322 if (!rc4)
1323 {
1324 WLog_Print(license->log, WLOG_ERROR, "Failed to allocate RC4");
1325 return FALSE;
1326 }
1327
1328 BYTE* buffer = nullptr;
1329 if (len > 0)
1330 buffer = realloc(target->data, len);
1331 if (!buffer)
1332 goto error_buffer;
1333
1334 target->data = buffer;
1335 target->length = (UINT16)len;
1336
1337 if (!winpr_RC4_Update(rc4, len, input, buffer))
1338 goto error_buffer;
1339
1340 winpr_RC4_Free(rc4);
1341 return TRUE;
1342
1343error_buffer:
1344 WLog_Print(license->log, WLOG_ERROR, "Failed to create/update RC4: len=%" PRIuz ", buffer=%p",
1345 len, (const void*)buffer);
1346 winpr_RC4_Free(rc4);
1347 return FALSE;
1348}
1349
1361WINPR_ATTR_NODISCARD
1362static BOOL license_encrypt_and_MAC(rdpLicense* license, const BYTE* input, size_t len,
1363 LICENSE_BLOB* target, BYTE* mac, size_t mac_length)
1364{
1365 WINPR_ASSERT(license);
1366 return license_rc4_with_licenseKey(license, input, len, target) &&
1367 security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), input, len, mac,
1368 mac_length);
1369}
1370
1382WINPR_ATTR_NODISCARD
1383static BOOL license_decrypt_and_check_MAC(rdpLicense* license, const BYTE* input, size_t len,
1384 LICENSE_BLOB* target, const BYTE* packetMac)
1385{
1386 BYTE macData[sizeof(license->MACData)] = WINPR_C_ARRAY_INIT;
1387
1388 WINPR_ASSERT(license);
1389 WINPR_ASSERT(target);
1390
1391 if (freerdp_settings_get_bool(license->rdp->settings, FreeRDP_TransportDumpReplay))
1392 {
1393 WLog_Print(license->log, WLOG_DEBUG, "TransportDumpReplay active, skipping...");
1394 return TRUE;
1395 }
1396
1397 if (!license_rc4_with_licenseKey(license, input, len, target))
1398 return FALSE;
1399
1400 if (!security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), target->data, len,
1401 macData, sizeof(macData)))
1402 return FALSE;
1403
1404 if (memcmp(packetMac, macData, sizeof(macData)) != 0)
1405 {
1406 WLog_Print(license->log, WLOG_ERROR, "packetMac != expectedMac");
1407 return FALSE;
1408 }
1409 return TRUE;
1410}
1411
1419BOOL license_read_product_info(wLog* log, wStream* s, LICENSE_PRODUCT_INFO* productInfo)
1420{
1421 WINPR_ASSERT(productInfo);
1422
1423 if (!license_check_stream_length(log, s, 8, "license product info::cbCompanyName"))
1424 return FALSE;
1425
1426 Stream_Read_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
1427 Stream_Read_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
1428
1429 /* Name must be >0, but there is no upper limit defined, use UINT32_MAX */
1430 if ((productInfo->cbCompanyName < 2) || (productInfo->cbCompanyName % 2 != 0))
1431 {
1432 WLog_Print(log, WLOG_WARN, "license product info invalid cbCompanyName %" PRIu32,
1433 productInfo->cbCompanyName);
1434 return FALSE;
1435 }
1436
1437 if (!license_check_stream_length(log, s, productInfo->cbCompanyName,
1438 "license product info::CompanyName"))
1439 return FALSE;
1440
1441 productInfo->pbProductId = nullptr;
1442 productInfo->pbCompanyName = (BYTE*)malloc(productInfo->cbCompanyName);
1443 if (!productInfo->pbCompanyName)
1444 goto out_fail;
1445 Stream_Read(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
1446
1447 if (!license_check_stream_length(log, s, 4, "license product info::cbProductId"))
1448 goto out_fail;
1449
1450 Stream_Read_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
1451
1452 if ((productInfo->cbProductId < 2) || (productInfo->cbProductId % 2 != 0))
1453 {
1454 WLog_Print(log, WLOG_WARN, "license product info invalid cbProductId %" PRIu32,
1455 productInfo->cbProductId);
1456 goto out_fail;
1457 }
1458
1459 if (!license_check_stream_length(log, s, productInfo->cbProductId,
1460 "license product info::ProductId"))
1461 goto out_fail;
1462
1463 productInfo->pbProductId = (BYTE*)malloc(productInfo->cbProductId);
1464 if (!productInfo->pbProductId)
1465 goto out_fail;
1466 Stream_Read(s, productInfo->pbProductId, productInfo->cbProductId);
1467 return TRUE;
1468
1469out_fail:
1470 free(productInfo->pbCompanyName);
1471 free(productInfo->pbProductId);
1472 productInfo->pbCompanyName = nullptr;
1473 productInfo->pbProductId = nullptr;
1474 return FALSE;
1475}
1476
1477WINPR_ATTR_NODISCARD
1478static BOOL license_write_product_info(wLog* log, wStream* s,
1479 const LICENSE_PRODUCT_INFO* productInfo)
1480{
1481 WINPR_ASSERT(productInfo);
1482
1483 if (!license_check_stream_capacity(log, s, 8, "license product info::cbCompanyName"))
1484 return FALSE;
1485
1486 Stream_Write_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
1487 Stream_Write_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
1488
1489 /* Name must be >0, but there is no upper limit defined, use UINT32_MAX */
1490 if ((productInfo->cbCompanyName < 2) || (productInfo->cbCompanyName % 2 != 0) ||
1491 !productInfo->pbCompanyName)
1492 {
1493 WLog_Print(log, WLOG_WARN, "license product info invalid cbCompanyName %" PRIu32,
1494 productInfo->cbCompanyName);
1495 return FALSE;
1496 }
1497
1498 if (!license_check_stream_capacity(log, s, productInfo->cbCompanyName,
1499 "license product info::CompanyName"))
1500 return FALSE;
1501
1502 Stream_Write(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
1503
1504 if (!license_check_stream_capacity(log, s, 4, "license product info::cbProductId"))
1505 return FALSE;
1506
1507 Stream_Write_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
1508
1509 if ((productInfo->cbProductId < 2) || (productInfo->cbProductId % 2 != 0) ||
1510 !productInfo->pbProductId)
1511 {
1512 WLog_Print(log, WLOG_WARN, "license product info invalid cbProductId %" PRIu32,
1513 productInfo->cbProductId);
1514 return FALSE;
1515 }
1516
1517 if (!license_check_stream_capacity(log, s, productInfo->cbProductId,
1518 "license product info::ProductId"))
1519 return FALSE;
1520
1521 Stream_Write(s, productInfo->pbProductId, productInfo->cbProductId);
1522 return TRUE;
1523}
1524
1531LICENSE_PRODUCT_INFO* license_new_product_info(void)
1532{
1533 LICENSE_PRODUCT_INFO* productInfo =
1534 (LICENSE_PRODUCT_INFO*)calloc(1, sizeof(LICENSE_PRODUCT_INFO));
1535 if (!productInfo)
1536 return nullptr;
1537 return productInfo;
1538}
1539
1546void license_free_product_info(LICENSE_PRODUCT_INFO* productInfo)
1547{
1548 if (productInfo)
1549 {
1550 free(productInfo->pbCompanyName);
1551 free(productInfo->pbProductId);
1552 free(productInfo);
1553 }
1554}
1555
1556BOOL license_read_binary_blob_data(wLog* log, LICENSE_BLOB* blob, UINT16 wBlobType,
1557 const void* data, size_t length)
1558{
1559 WINPR_ASSERT(blob);
1560 WINPR_ASSERT(length <= UINT16_MAX);
1561 WINPR_ASSERT(data || (length == 0));
1562
1563 blob->length = (UINT16)length;
1564 free(blob->data);
1565 blob->data = nullptr;
1566
1567 if ((blob->type != wBlobType) && (blob->type != BB_ANY_BLOB))
1568 {
1569 WLog_Print(log, WLOG_ERROR, "license binary blob::type expected %s, got %s",
1570 licencse_blob_type_string(wBlobType), licencse_blob_type_string(blob->type));
1571 }
1572
1573 /*
1574 * Server can choose to not send data by setting length to 0.
1575 * If so, it may not bother to set the type, so shortcut the warning
1576 */
1577 if ((blob->type != BB_ANY_BLOB) && (blob->length == 0))
1578 {
1579 WLog_Print(log, WLOG_DEBUG, "license binary blob::type %s, length=0, skipping.",
1580 licencse_blob_type_string(blob->type));
1581 return TRUE;
1582 }
1583
1584 blob->type = wBlobType;
1585 blob->data = nullptr;
1586 if (blob->length > 0)
1587 blob->data = malloc(blob->length);
1588 if (!blob->data)
1589 {
1590 WLog_Print(log, WLOG_ERROR, "license binary blob::length=%" PRIu16 ", blob::data=%p",
1591 blob->length, (const void*)blob->data);
1592 return FALSE;
1593 }
1594 memcpy(blob->data, data, blob->length); /* blobData */
1595 return TRUE;
1596}
1597
1605BOOL license_read_binary_blob(wLog* log, wStream* s, LICENSE_BLOB* blob)
1606{
1607 UINT16 wBlobType = 0;
1608 UINT16 length = 0;
1609
1610 WINPR_ASSERT(blob);
1611
1612 if (!license_check_stream_length(log, s, 4, "license binary blob::type"))
1613 return FALSE;
1614
1615 Stream_Read_UINT16(s, wBlobType); /* wBlobType (2 bytes) */
1616 Stream_Read_UINT16(s, length); /* wBlobLen (2 bytes) */
1617
1618 if (!license_check_stream_length(log, s, length, "license binary blob::length"))
1619 return FALSE;
1620
1621 if (!license_read_binary_blob_data(log, blob, wBlobType, Stream_Pointer(s), length))
1622 return FALSE;
1623
1624 return Stream_SafeSeek(s, length);
1625}
1626
1634BOOL license_write_binary_blob(wStream* s, const LICENSE_BLOB* blob)
1635{
1636 WINPR_ASSERT(blob);
1637
1638 if (!Stream_EnsureRemainingCapacity(s, blob->length + 4))
1639 return FALSE;
1640
1641 Stream_Write_UINT16(s, blob->type); /* wBlobType (2 bytes) */
1642 Stream_Write_UINT16(s, blob->length); /* wBlobLen (2 bytes) */
1643
1644 if (blob->length > 0)
1645 Stream_Write(s, blob->data, blob->length); /* blobData */
1646 return TRUE;
1647}
1648
1649WINPR_ATTR_NODISCARD
1650static BOOL license_write_encrypted_premaster_secret_blob(wLog* log, wStream* s,
1651 const LICENSE_BLOB* blob,
1652 UINT32 ModulusLength)
1653{
1654 const UINT32 length = ModulusLength + 8;
1655
1656 WINPR_ASSERT(blob);
1657 WINPR_ASSERT(length <= UINT16_MAX);
1658
1659 if (blob->length > ModulusLength)
1660 {
1661 WLog_Print(log, WLOG_ERROR, "invalid blob");
1662 return FALSE;
1663 }
1664
1665 if (!Stream_EnsureRemainingCapacity(s, length + 4))
1666 return FALSE;
1667 Stream_Write_UINT16(s, blob->type); /* wBlobType (2 bytes) */
1668 Stream_Write_UINT16(s, (UINT16)length); /* wBlobLen (2 bytes) */
1669
1670 if (blob->length > 0)
1671 Stream_Write(s, blob->data, blob->length); /* blobData */
1672
1673 Stream_Zero(s, length - blob->length);
1674 return TRUE;
1675}
1676
1677WINPR_ATTR_NODISCARD
1678static BOOL license_read_encrypted_premaster_secret_blob(wLog* log, wStream* s, LICENSE_BLOB* blob,
1679 UINT32* ModulusLength)
1680{
1681 if (!license_read_binary_blob(log, s, blob))
1682 return FALSE;
1683 WINPR_ASSERT(ModulusLength);
1684 *ModulusLength = blob->length;
1685 return TRUE;
1686}
1687
1694LICENSE_BLOB* license_new_binary_blob(UINT16 type)
1695{
1696 LICENSE_BLOB* blob = (LICENSE_BLOB*)calloc(1, sizeof(LICENSE_BLOB));
1697 if (blob)
1698 blob->type = type;
1699 return blob;
1700}
1701
1708void license_free_binary_blob(LICENSE_BLOB* blob)
1709{
1710 if (blob)
1711 {
1712 free(blob->data);
1713 free(blob);
1714 }
1715}
1716
1724BOOL license_read_scope_list(wLog* log, wStream* s, SCOPE_LIST* scopeList)
1725{
1726 UINT32 scopeCount = 0;
1727
1728 WINPR_ASSERT(scopeList);
1729
1730 if (!license_check_stream_length(log, s, 4, "license scope list"))
1731 return FALSE;
1732
1733 Stream_Read_UINT32(s, scopeCount); /* ScopeCount (4 bytes) */
1734
1735 if (!license_check_stream_length(log, s, 4ll * scopeCount, "license scope list::count"))
1736 return FALSE;
1737
1738 if (!license_scope_list_resize(scopeList, scopeCount))
1739 return FALSE;
1740 /* ScopeArray */
1741 for (UINT32 i = 0; i < scopeCount; i++)
1742 {
1743 if (!license_read_binary_blob(log, s, scopeList->array[i]))
1744 return FALSE;
1745 }
1746
1747 return TRUE;
1748}
1749
1750BOOL license_write_scope_list(wLog* log, wStream* s, const SCOPE_LIST* scopeList)
1751{
1752 WINPR_ASSERT(scopeList);
1753
1754 if (!license_check_stream_capacity(log, s, 4, "license scope list"))
1755 return FALSE;
1756
1757 Stream_Write_UINT32(s, scopeList->count); /* ScopeCount (4 bytes) */
1758
1759 if (!license_check_stream_capacity(log, s, scopeList->count * 4ull,
1760 "license scope list::count"))
1761 return FALSE;
1762
1763 /* ScopeArray */
1764 WINPR_ASSERT(scopeList->array || (scopeList->count == 0));
1765 for (UINT32 i = 0; i < scopeList->count; i++)
1766 {
1767 const LICENSE_BLOB* element = scopeList->array[i];
1768
1769 if (!license_write_binary_blob(s, element))
1770 return FALSE;
1771 }
1772
1773 return TRUE;
1774}
1775
1782SCOPE_LIST* license_new_scope_list(void)
1783{
1784 SCOPE_LIST* list = calloc(1, sizeof(SCOPE_LIST));
1785 return list;
1786}
1787
1788static void license_scope_list_free(SCOPE_LIST* scopeList, UINT32 count)
1789{
1790 WINPR_ASSERT(scopeList);
1791 WINPR_ASSERT(scopeList->array || (scopeList->count == 0));
1792
1793 for (UINT32 x = count; x < scopeList->count; x++)
1794 {
1795 license_free_binary_blob(scopeList->array[x]);
1796 scopeList->array[x] = nullptr;
1797 }
1798
1799 if (count == 0)
1800 {
1801 free((void*)scopeList->array);
1802 scopeList->array = nullptr;
1803 }
1804}
1805
1806BOOL license_scope_list_resize(SCOPE_LIST* scopeList, UINT32 count)
1807{
1808 license_scope_list_free(scopeList, count);
1809 if (count > 0)
1810 {
1811 LICENSE_BLOB** tmp =
1812 (LICENSE_BLOB**)realloc((void*)scopeList->array, count * sizeof(LICENSE_BLOB*));
1813 if (!tmp)
1814 return FALSE;
1815 scopeList->array = tmp;
1816 }
1817
1818 for (UINT32 x = scopeList->count; x < count; x++)
1819 {
1820 LICENSE_BLOB* blob = license_new_binary_blob(BB_SCOPE_BLOB);
1821 if (!blob)
1822 {
1823 scopeList->count = x;
1824 return FALSE;
1825 }
1826 scopeList->array[x] = blob;
1827 }
1828
1829 scopeList->count = count;
1830 return TRUE;
1831}
1832
1839void license_free_scope_list(SCOPE_LIST* scopeList)
1840{
1841 if (!scopeList)
1842 return;
1843
1844 license_scope_list_free(scopeList, 0);
1845 free(scopeList);
1846}
1847
1848BOOL license_send_license_info(rdpLicense* license, const LICENSE_BLOB* calBlob,
1849 const BYTE* signature, size_t signature_length)
1850{
1851 WINPR_ASSERT(calBlob);
1852 WINPR_ASSERT(signature);
1853 WINPR_ASSERT(license->certificate);
1854
1855 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1856 if (!info)
1857 return FALSE;
1858
1859 UINT16 sec_flags = 0;
1860 wStream* s = license_send_stream_init(license, &sec_flags);
1861 if (!s)
1862 return FALSE;
1863
1864 if (!license_check_stream_capacity(license->log, s, 8 + sizeof(license->ClientRandom),
1865 "license info::ClientRandom"))
1866 goto error;
1867
1868 Stream_Write_UINT32(s,
1869 license->PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
1870 Stream_Write_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
1871
1872 /* ClientRandom (32 bytes) */
1873 Stream_Write(s, license->ClientRandom, sizeof(license->ClientRandom));
1874
1875 /* Licensing Binary Blob with EncryptedPreMasterSecret: */
1876 if (!license_write_encrypted_premaster_secret_blob(
1877 license->log, s, license->EncryptedPremasterSecret, info->ModulusLength))
1878 goto error;
1879
1880 /* Licensing Binary Blob with LicenseInfo: */
1881 if (!license_write_binary_blob(s, calBlob))
1882 goto error;
1883
1884 /* Licensing Binary Blob with EncryptedHWID */
1885 if (!license_write_binary_blob(s, license->EncryptedHardwareId))
1886 goto error;
1887
1888 /* MACData */
1889 if (!license_check_stream_capacity(license->log, s, signature_length, "license info::MACData"))
1890 goto error;
1891 Stream_Write(s, signature, signature_length);
1892
1893 return license_send(license, s, LICENSE_INFO, sec_flags);
1894
1895error:
1896 Stream_Release(s);
1897 return FALSE;
1898}
1899
1900WINPR_ATTR_NODISCARD
1901static BOOL license_check_preferred_alg(rdpLicense* license, UINT32 PreferredKeyExchangeAlg,
1902 const char* where)
1903{
1904 WINPR_ASSERT(license);
1905 WINPR_ASSERT(where);
1906
1907 if (license->PreferredKeyExchangeAlg != PreferredKeyExchangeAlg)
1908 {
1909 char buffer1[64] = WINPR_C_ARRAY_INIT;
1910 char buffer2[64] = WINPR_C_ARRAY_INIT;
1911 WLog_Print(license->log, WLOG_WARN, "%s::PreferredKeyExchangeAlg, expected %s, got %s",
1912 where,
1913 license_preferred_key_exchange_alg_string(license->PreferredKeyExchangeAlg,
1914 buffer1, sizeof(buffer1)),
1915 license_preferred_key_exchange_alg_string(PreferredKeyExchangeAlg, buffer2,
1916 sizeof(buffer2)));
1917 return FALSE;
1918 }
1919 return TRUE;
1920}
1921
1922BOOL license_read_license_info(rdpLicense* license, wStream* s)
1923{
1924 BOOL rc = FALSE;
1925 UINT32 PreferredKeyExchangeAlg = 0;
1926
1927 WINPR_ASSERT(license);
1928 WINPR_ASSERT(license->certificate);
1929
1930 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1931 if (!info)
1932 goto error;
1933
1934 /* ClientRandom (32 bytes) */
1935 if (!license_check_stream_length(license->log, s, 8 + sizeof(license->ClientRandom),
1936 "license info"))
1937 goto error;
1938
1939 Stream_Read_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
1940 if (!license_check_preferred_alg(license, PreferredKeyExchangeAlg, "license info"))
1941 goto error;
1942 Stream_Read_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
1943
1944 /* ClientRandom (32 bytes) */
1945 Stream_Read(s, license->ClientRandom, sizeof(license->ClientRandom));
1946
1947 /* Licensing Binary Blob with EncryptedPreMasterSecret: */
1948 {
1949 UINT32 ModulusLength = 0;
1950 if (!license_read_encrypted_premaster_secret_blob(
1951 license->log, s, license->EncryptedPremasterSecret, &ModulusLength))
1952 goto error;
1953
1954 if (ModulusLength != info->ModulusLength)
1955 {
1956 WLog_Print(license->log, WLOG_WARN,
1957 "EncryptedPremasterSecret,::ModulusLength[%" PRIu32
1958 "] != rdpCertInfo::ModulusLength[%" PRIu32 "]",
1959 ModulusLength, info->ModulusLength);
1960 goto error;
1961 }
1962 }
1963
1964 /* Licensing Binary Blob with LicenseInfo: */
1965 if (!license_read_binary_blob(license->log, s, license->LicenseInfo))
1966 goto error;
1967
1968 /* Licensing Binary Blob with EncryptedHWID */
1969 if (!license_read_binary_blob(license->log, s, license->EncryptedHardwareId))
1970 goto error;
1971
1972 /* MACData */
1973 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
1974 "license info::MACData"))
1975 goto error;
1976 Stream_Read(s, license->MACData, sizeof(license->MACData));
1977
1978 rc = TRUE;
1979
1980error:
1981 return rc;
1982}
1983
1991BOOL license_read_license_request_packet(rdpLicense* license, wStream* s)
1992{
1993 WINPR_ASSERT(license);
1994
1995 /* ServerRandom (32 bytes) */
1996 if (!license_check_stream_length(license->log, s, sizeof(license->ServerRandom),
1997 "license request"))
1998 return FALSE;
1999
2000 Stream_Read(s, license->ServerRandom, sizeof(license->ServerRandom));
2001
2002 /* ProductInfo */
2003 if (!license_read_product_info(license->log, s, license->ProductInfo))
2004 return FALSE;
2005
2006 /* KeyExchangeList */
2007 if (!license_read_binary_blob(license->log, s, license->KeyExchangeList))
2008 return FALSE;
2009
2010 /* ServerCertificate */
2011 if (!license_read_binary_blob(license->log, s, license->ServerCertificate))
2012 return FALSE;
2013
2014 /* ScopeList */
2015 if (!license_read_scope_list(license->log, s, license->ScopeList))
2016 return FALSE;
2017
2018 /* Parse Server Certificate */
2019 if (!freerdp_certificate_read_server_cert(license->certificate,
2020 license->ServerCertificate->data,
2021 license->ServerCertificate->length))
2022 return FALSE;
2023
2024 if (!license_generate_keys(license) || !license_generate_hwid(license) ||
2025 !license_encrypt_premaster_secret(license))
2026 return FALSE;
2027
2028#ifdef WITH_DEBUG_LICENSE
2029 WLog_Print(license->log, WLOG_DEBUG, "ServerRandom:");
2030 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ServerRandom,
2031 sizeof(license->ServerRandom));
2032 license_print_product_info(license->log, license->ProductInfo);
2033 license_print_scope_list(license->log, license->ScopeList);
2034#endif
2035 return TRUE;
2036}
2037
2038BOOL license_write_license_request_packet(const rdpLicense* license, wStream* s)
2039{
2040 WINPR_ASSERT(license);
2041
2042 /* ServerRandom (32 bytes) */
2043 if (!license_check_stream_capacity(license->log, s, sizeof(license->ServerRandom),
2044 "license request"))
2045 return FALSE;
2046 Stream_Write(s, license->ServerRandom, sizeof(license->ServerRandom));
2047
2048 /* ProductInfo */
2049 if (!license_write_product_info(license->log, s, license->ProductInfo))
2050 return FALSE;
2051
2052 /* KeyExchangeList */
2053 if (!license_write_binary_blob(s, license->KeyExchangeList))
2054 return FALSE;
2055
2056 /* ServerCertificate */
2057 if (!license_write_binary_blob(s, license->ServerCertificate))
2058 return FALSE;
2059
2060 /* ScopeList */
2061 if (!license_write_scope_list(license->log, s, license->ScopeList))
2062 return FALSE;
2063
2064 return TRUE;
2065}
2066
2067WINPR_ATTR_NODISCARD
2068static BOOL license_send_license_request_packet(rdpLicense* license)
2069{
2070 UINT16 sec_flags = 0;
2071 wStream* s = license_send_stream_init(license, &sec_flags);
2072 if (!s)
2073 return FALSE;
2074
2075 if (!license_write_license_request_packet(license, s))
2076 goto fail;
2077
2078 return license_send(license, s, LICENSE_REQUEST, sec_flags);
2079
2080fail:
2081 Stream_Release(s);
2082 return FALSE;
2083}
2084
2085/*
2086 * Read a PLATFORM_CHALLENGE packet.
2087 * msdn{cc241921}
2088 * @param license license module
2089 * @param s stream
2090 */
2091
2092BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s)
2093{
2094 BYTE macData[LICENSING_ENCRYPTION_KEY_LENGTH] = WINPR_C_ARRAY_INIT;
2095
2096 WINPR_ASSERT(license);
2097
2098 DEBUG_LICENSE("Receiving Platform Challenge Packet");
2099
2100 if (!license_check_stream_length(license->log, s, 4, "license platform challenge"))
2101 return FALSE;
2102
2103 /* [MS-RDPELE] 2.2.2.4 Server Platform Challenge (SERVER_PLATFORM_CHALLENGE)
2104 * reserved field */
2105 Stream_Seek_UINT32(s); /* ConnectFlags, Reserved (4 bytes) */
2106
2107 /* EncryptedPlatformChallenge */
2108 license->EncryptedPlatformChallenge->type = BB_ANY_BLOB;
2109 if (!license_read_binary_blob(license->log, s, license->EncryptedPlatformChallenge))
2110 return FALSE;
2111 license->EncryptedPlatformChallenge->type = BB_ENCRYPTED_DATA_BLOB;
2112
2113 /* MACData (16 bytes) */
2114 if (!license_check_stream_length(license->log, s, sizeof(macData),
2115 "license platform challenge::MAC"))
2116 return FALSE;
2117
2118 Stream_Read(s, macData, sizeof(macData));
2119 if (!license_decrypt_and_check_MAC(license, license->EncryptedPlatformChallenge->data,
2120 license->EncryptedPlatformChallenge->length,
2121 license->PlatformChallenge, macData))
2122 return FALSE;
2123
2124 WLog_Print(license->log, WLOG_TRACE, "platform challenge read");
2125
2126#ifdef WITH_DEBUG_LICENSE
2127 WLog_Print(license->log, WLOG_DEBUG, "EncryptedPlatformChallenge:");
2128 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedPlatformChallenge->data,
2129 license->EncryptedPlatformChallenge->length);
2130 WLog_Print(license->log, WLOG_DEBUG, "PlatformChallenge:");
2131 winpr_HexLogDump(license->log, WLOG_DEBUG, license->PlatformChallenge->data,
2132 license->PlatformChallenge->length);
2133 WLog_Print(license->log, WLOG_DEBUG, "MacData:");
2134 winpr_HexLogDump(license->log, WLOG_DEBUG, macData, sizeof(macData));
2135#endif
2136 return TRUE;
2137}
2138
2139BOOL license_send_error_alert(rdpLicense* license, UINT32 dwErrorCode, UINT32 dwStateTransition,
2140 const LICENSE_BLOB* info)
2141{
2142 UINT16 sec_flags = 0;
2143 wStream* s = license_send_stream_init(license, &sec_flags);
2144
2145 if (!s)
2146 goto fail;
2147
2148 if (!license_check_stream_capacity(license->log, s, 8, "license error alert"))
2149 goto fail;
2150 Stream_Write_UINT32(s, dwErrorCode);
2151 Stream_Write_UINT32(s, dwStateTransition);
2152
2153 if (info)
2154 {
2155 if (!license_write_binary_blob(s, info))
2156 goto fail;
2157 }
2158
2159 return license_send(license, s, ERROR_ALERT, sec_flags);
2160fail:
2161 Stream_Release(s);
2162 return FALSE;
2163}
2164
2165BOOL license_send_platform_challenge_packet(rdpLicense* license)
2166{
2167 UINT16 sec_flags = 0;
2168 wStream* s = license_send_stream_init(license, &sec_flags);
2169
2170 if (!s)
2171 goto fail;
2172
2173 DEBUG_LICENSE("Receiving Platform Challenge Packet");
2174
2175 if (!license_check_stream_capacity(license->log, s, 4, "license platform challenge"))
2176 goto fail;
2177
2178 Stream_Zero(s, 4); /* ConnectFlags, Reserved (4 bytes) */
2179
2180 /* EncryptedPlatformChallenge */
2181 if (!license_write_binary_blob(s, license->EncryptedPlatformChallenge))
2182 goto fail;
2183
2184 /* MACData (16 bytes) */
2185 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
2186 "license platform challenge::MAC"))
2187 goto fail;
2188
2189 Stream_Write(s, license->MACData, sizeof(license->MACData));
2190
2191 return license_send(license, s, PLATFORM_CHALLENGE, sec_flags);
2192fail:
2193 Stream_Release(s);
2194 return FALSE;
2195}
2196
2197WINPR_ATTR_NODISCARD
2198static BOOL license_read_encrypted_blob(const rdpLicense* license, wStream* s, LICENSE_BLOB* target)
2199{
2200 UINT16 wBlobType = 0;
2201 UINT16 wBlobLen = 0;
2202
2203 WINPR_ASSERT(license);
2204 WINPR_ASSERT(target);
2205
2206 if (!license_check_stream_length(license->log, s, 4, "license encrypted blob"))
2207 return FALSE;
2208
2209 Stream_Read_UINT16(s, wBlobType);
2210 if (wBlobType != BB_ENCRYPTED_DATA_BLOB)
2211 {
2212 WLog_Print(
2213 license->log, WLOG_WARN,
2214 "expecting BB_ENCRYPTED_DATA_BLOB blob, probably a windows 2003 server, continuing...");
2215 }
2216
2217 Stream_Read_UINT16(s, wBlobLen);
2218
2219 BYTE* encryptedData = Stream_Pointer(s);
2220 if (!Stream_SafeSeek(s, wBlobLen))
2221 {
2222 WLog_Print(license->log, WLOG_WARN,
2223 "short license encrypted blob::length, expected %" PRIu16 " bytes, got %" PRIuz,
2224 wBlobLen, Stream_GetRemainingLength(s));
2225 return FALSE;
2226 }
2227
2228 return license_rc4_with_licenseKey(license, encryptedData, wBlobLen, target);
2229}
2230
2238BOOL license_read_new_or_upgrade_license_packet(rdpLicense* license, wStream* s)
2239{
2240 UINT32 os_major = 0;
2241 UINT32 os_minor = 0;
2242 UINT32 cbScope = 0;
2243 UINT32 cbCompanyName = 0;
2244 UINT32 cbProductId = 0;
2245 UINT32 cbLicenseInfo = 0;
2246 wStream sbuffer = WINPR_C_ARRAY_INIT;
2247 wStream* licenseStream = nullptr;
2248 BOOL ret = FALSE;
2249 BYTE computedMac[16] = WINPR_C_ARRAY_INIT;
2250 const BYTE* readMac = nullptr;
2251
2252 WINPR_ASSERT(license);
2253
2254 DEBUG_LICENSE("Receiving Server New/Upgrade License Packet");
2255
2256 LICENSE_BLOB* calBlob = license_new_binary_blob(BB_DATA_BLOB);
2257 if (!calBlob)
2258 return FALSE;
2259
2260 /* EncryptedLicenseInfo */
2261 if (!license_read_encrypted_blob(license, s, calBlob))
2262 goto fail;
2263
2264 /* compute MAC and check it */
2265 readMac = Stream_Pointer(s);
2266 if (!Stream_SafeSeek(s, sizeof(computedMac)))
2267 {
2268 WLog_Print(license->log, WLOG_WARN,
2269 "short license new/upgrade, expected 16 bytes, got %" PRIuz,
2270 Stream_GetRemainingLength(s));
2271 goto fail;
2272 }
2273
2274 if (!security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), calBlob->data,
2275 calBlob->length, computedMac, sizeof(computedMac)))
2276 goto fail;
2277
2278 if (memcmp(computedMac, readMac, sizeof(computedMac)) != 0)
2279 {
2280 WLog_Print(license->log, WLOG_ERROR, "new or upgrade license MAC mismatch");
2281 goto fail;
2282 }
2283
2284 licenseStream = Stream_StaticConstInit(&sbuffer, calBlob->data, calBlob->length);
2285 if (!licenseStream)
2286 {
2287 WLog_Print(license->log, WLOG_ERROR,
2288 "license::blob::data=%p, license::blob::length=%" PRIu16,
2289 (const void*)calBlob->data, calBlob->length);
2290 goto fail;
2291 }
2292
2293 if (!license_check_stream_length(license->log, licenseStream, 8,
2294 "license new/upgrade::blob::version"))
2295 goto fail;
2296
2297 Stream_Read_UINT16(licenseStream, os_minor);
2298 Stream_Read_UINT16(licenseStream, os_major);
2299
2300 WLog_Print(license->log, WLOG_DEBUG, "Version: %" PRIu16 ".%" PRIu16, os_major, os_minor);
2301
2302 /* Scope */
2303 Stream_Read_UINT32(licenseStream, cbScope);
2304 if (!license_check_stream_length(license->log, licenseStream, cbScope,
2305 "license new/upgrade::blob::scope"))
2306 goto fail;
2307
2308#ifdef WITH_DEBUG_LICENSE
2309 WLog_Print(license->log, WLOG_DEBUG, "Scope:");
2310 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbScope);
2311#endif
2312 Stream_Seek(licenseStream, cbScope);
2313
2314 /* CompanyName */
2315 if (!license_check_stream_length(license->log, licenseStream, 4,
2316 "license new/upgrade::blob::cbCompanyName"))
2317 goto fail;
2318
2319 Stream_Read_UINT32(licenseStream, cbCompanyName);
2320 if (!license_check_stream_length(license->log, licenseStream, cbCompanyName,
2321 "license new/upgrade::blob::CompanyName"))
2322 goto fail;
2323
2324#ifdef WITH_DEBUG_LICENSE
2325 WLog_Print(license->log, WLOG_DEBUG, "Company name:");
2326 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbCompanyName);
2327#endif
2328 Stream_Seek(licenseStream, cbCompanyName);
2329
2330 /* productId */
2331 if (!license_check_stream_length(license->log, licenseStream, 4,
2332 "license new/upgrade::blob::cbProductId"))
2333 goto fail;
2334
2335 Stream_Read_UINT32(licenseStream, cbProductId);
2336
2337 if (!license_check_stream_length(license->log, licenseStream, cbProductId,
2338 "license new/upgrade::blob::ProductId"))
2339 goto fail;
2340
2341#ifdef WITH_DEBUG_LICENSE
2342 WLog_Print(license->log, WLOG_DEBUG, "Product id:");
2343 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbProductId);
2344#endif
2345 Stream_Seek(licenseStream, cbProductId);
2346
2347 /* licenseInfo */
2348 if (!license_check_stream_length(license->log, licenseStream, 4,
2349 "license new/upgrade::blob::cbLicenseInfo"))
2350 goto fail;
2351
2352 Stream_Read_UINT32(licenseStream, cbLicenseInfo);
2353 if (!license_check_stream_length(license->log, licenseStream, cbLicenseInfo,
2354 "license new/upgrade::blob::LicenseInfo"))
2355 goto fail;
2356
2357 license->type = LICENSE_TYPE_ISSUED;
2358 license_set_state(license, LICENSE_STATE_COMPLETED);
2359 ret = TRUE;
2360
2361 if (!license->rdp->settings->OldLicenseBehaviour)
2362 ret = saveCal(license->log, license->rdp->settings, Stream_Pointer(licenseStream),
2363 cbLicenseInfo, license->rdp->settings->ClientHostname);
2364
2365fail:
2366 license_free_binary_blob(calBlob);
2367 return ret;
2368}
2369
2377BOOL license_read_error_alert_packet(rdpLicense* license, wStream* s)
2378{
2379 UINT32 dwErrorCode = 0;
2380 UINT32 dwStateTransition = 0;
2381
2382 WINPR_ASSERT(license);
2383 WINPR_ASSERT(license->rdp);
2384
2385 if (!license_check_stream_length(license->log, s, 8ul, "error alert"))
2386 return FALSE;
2387
2388 Stream_Read_UINT32(s, dwErrorCode); /* dwErrorCode (4 bytes) */
2389 Stream_Read_UINT32(s, dwStateTransition); /* dwStateTransition (4 bytes) */
2390
2391 if (!license_read_binary_blob(license->log, s, license->ErrorInfo)) /* bbErrorInfo */
2392 return FALSE;
2393
2394#ifdef WITH_DEBUG_LICENSE
2395 WLog_Print(license->log, WLOG_DEBUG, "dwErrorCode: %s, dwStateTransition: %s",
2396 error_codes[dwErrorCode], state_transitions[dwStateTransition]);
2397#endif
2398
2399 if (dwErrorCode == STATUS_VALID_CLIENT)
2400 {
2401 license->type = LICENSE_TYPE_NONE;
2402 license_set_state(license, LICENSE_STATE_COMPLETED);
2403 return TRUE;
2404 }
2405
2406 switch (dwStateTransition)
2407 {
2408 case ST_TOTAL_ABORT:
2409 license_set_state(license, LICENSE_STATE_ABORTED);
2410 break;
2411 case ST_NO_TRANSITION:
2412 license_set_state(license, LICENSE_STATE_COMPLETED);
2413 break;
2414 case ST_RESET_PHASE_TO_START:
2415 license_set_state(license, LICENSE_STATE_CONFIGURED);
2416 break;
2417 case ST_RESEND_LAST_MESSAGE:
2418 break;
2419 default:
2420 break;
2421 }
2422
2423 return TRUE;
2424}
2425
2433BOOL license_write_new_license_request_packet(const rdpLicense* license, wStream* s)
2434{
2435 WINPR_ASSERT(license);
2436
2437 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
2438 if (!info)
2439 return FALSE;
2440
2441 if (!license_check_stream_capacity(license->log, s, 8 + sizeof(license->ClientRandom),
2442 "License Request"))
2443 return FALSE;
2444
2445 Stream_Write_UINT32(s,
2446 license->PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
2447 Stream_Write_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
2448 Stream_Write(s, license->ClientRandom,
2449 sizeof(license->ClientRandom)); /* ClientRandom (32 bytes) */
2450
2451 if (/* EncryptedPremasterSecret */
2452 !license_write_encrypted_premaster_secret_blob(
2453 license->log, s, license->EncryptedPremasterSecret, info->ModulusLength) ||
2454 /* ClientUserName */
2455 !license_write_binary_blob(s, license->ClientUserName) ||
2456 /* ClientMachineName */
2457 !license_write_binary_blob(s, license->ClientMachineName))
2458 {
2459 return FALSE;
2460 }
2461
2462 WLog_Print(license->log, WLOG_TRACE, "new license written");
2463
2464#ifdef WITH_DEBUG_LICENSE
2465 WLog_Print(license->log, WLOG_DEBUG, "PreferredKeyExchangeAlg: 0x%08" PRIX32 "",
2466 license->PreferredKeyExchangeAlg);
2467 WLog_Print(license->log, WLOG_DEBUG, "ClientRandom:");
2468 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ClientRandom,
2469 sizeof(license->ClientRandom));
2470 WLog_Print(license->log, WLOG_DEBUG, "EncryptedPremasterSecret");
2471 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedPremasterSecret->data,
2472 license->EncryptedPremasterSecret->length);
2473 WLog_Print(license->log, WLOG_DEBUG, "ClientUserName (%" PRIu16 "): %s",
2474 license->ClientUserName->length, (char*)license->ClientUserName->data);
2475 WLog_Print(license->log, WLOG_DEBUG, "ClientMachineName (%" PRIu16 "): %s",
2476 license->ClientMachineName->length, (char*)license->ClientMachineName->data);
2477#endif
2478 return TRUE;
2479}
2480
2481BOOL license_read_new_license_request_packet(rdpLicense* license, wStream* s)
2482{
2483 UINT32 PreferredKeyExchangeAlg = 0;
2484
2485 WINPR_ASSERT(license);
2486
2487 if (!license_check_stream_length(license->log, s, 8ull + sizeof(license->ClientRandom),
2488 "new license request"))
2489 return FALSE;
2490
2491 Stream_Read_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
2492 if (!license_check_preferred_alg(license, PreferredKeyExchangeAlg, "new license request"))
2493 return FALSE;
2494
2495 Stream_Read_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
2496 Stream_Read(s, license->ClientRandom,
2497 sizeof(license->ClientRandom)); /* ClientRandom (32 bytes) */
2498
2499 /* EncryptedPremasterSecret */
2500 UINT32 ModulusLength = 0;
2501 if (!license_read_encrypted_premaster_secret_blob(
2502 license->log, s, license->EncryptedPremasterSecret, &ModulusLength))
2503 return FALSE;
2504
2505 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
2506 if (!info)
2507 WLog_Print(license->log, WLOG_WARN,
2508 "Missing license certificate, skipping ModulusLength checks");
2509 else if (ModulusLength != info->ModulusLength)
2510 {
2511 WLog_Print(license->log, WLOG_WARN,
2512 "EncryptedPremasterSecret expected to be %" PRIu32 " bytes, but read %" PRIu32
2513 " bytes",
2514 info->ModulusLength, ModulusLength);
2515 return FALSE;
2516 }
2517
2518 /* ClientUserName */
2519 if (!license_read_binary_blob(license->log, s, license->ClientUserName))
2520 return FALSE;
2521 /* ClientMachineName */
2522 if (!license_read_binary_blob(license->log, s, license->ClientMachineName))
2523 return FALSE;
2524
2525 return TRUE;
2526}
2527
2534BOOL license_answer_license_request(rdpLicense* license)
2535{
2536 UINT16 sec_flags = 0;
2537 wStream* s = nullptr;
2538 BYTE* license_data = nullptr;
2539 size_t license_size = 0;
2540 BOOL status = 0;
2541 char* username = nullptr;
2542
2543 WINPR_ASSERT(license);
2544 WINPR_ASSERT(license->rdp);
2545 WINPR_ASSERT(license->rdp->settings);
2546
2547 if (!license->rdp->settings->OldLicenseBehaviour)
2548 license_data = loadCalFile(license->log, license->rdp->settings,
2549 license->rdp->settings->ClientHostname, &license_size);
2550
2551 if (license_data)
2552 {
2553 LICENSE_BLOB* calBlob = nullptr;
2554 BYTE signature[LICENSING_ENCRYPTION_KEY_LENGTH] = WINPR_C_ARRAY_INIT;
2555
2556 DEBUG_LICENSE("Sending Saved License Packet");
2557
2558 WINPR_ASSERT(license->EncryptedHardwareId);
2559 license->EncryptedHardwareId->type = BB_ENCRYPTED_DATA_BLOB;
2560 if (!license_encrypt_and_MAC(license, license->HardwareId, sizeof(license->HardwareId),
2561 license->EncryptedHardwareId, signature, sizeof(signature)))
2562 {
2563 free(license_data);
2564 return FALSE;
2565 }
2566
2567 calBlob = license_new_binary_blob(BB_DATA_BLOB);
2568 if (!calBlob)
2569 {
2570 free(license_data);
2571 return FALSE;
2572 }
2573 calBlob->data = license_data;
2574 WINPR_ASSERT(license_size <= UINT16_MAX);
2575 calBlob->length = (UINT16)license_size;
2576
2577 status = license_send_license_info(license, calBlob, signature, sizeof(signature));
2578 license_free_binary_blob(calBlob);
2579
2580 return status;
2581 }
2582
2583 DEBUG_LICENSE("Sending New License Packet");
2584
2585 s = license_send_stream_init(license, &sec_flags);
2586 if (!s)
2587 return FALSE;
2588 if (license->rdp->settings->Username != nullptr)
2589 username = license->rdp->settings->Username;
2590 else
2591 username = "username";
2592
2593 {
2594 WINPR_ASSERT(license->ClientUserName);
2595 const size_t len = strlen(username) + 1;
2596 WINPR_ASSERT(len <= UINT16_MAX);
2597
2598 license->ClientUserName->data = (BYTE*)username;
2599 license->ClientUserName->length = (UINT16)len;
2600 }
2601
2602 {
2603 WINPR_ASSERT(license->ClientMachineName);
2604 const size_t len = strlen(license->rdp->settings->ClientHostname) + 1;
2605 WINPR_ASSERT(len <= UINT16_MAX);
2606
2607 license->ClientMachineName->data = (BYTE*)license->rdp->settings->ClientHostname;
2608 license->ClientMachineName->length = (UINT16)len;
2609 }
2610 status = license_write_new_license_request_packet(license, s);
2611
2612 WINPR_ASSERT(license->ClientUserName);
2613 license->ClientUserName->data = nullptr;
2614 license->ClientUserName->length = 0;
2615
2616 WINPR_ASSERT(license->ClientMachineName);
2617 license->ClientMachineName->data = nullptr;
2618 license->ClientMachineName->length = 0;
2619
2620 if (!status)
2621 {
2622 Stream_Release(s);
2623 return FALSE;
2624 }
2625
2626 return license_send(license, s, NEW_LICENSE_REQUEST, sec_flags);
2627}
2628
2635BOOL license_send_platform_challenge_response(rdpLicense* license)
2636{
2637 wStream* challengeRespData = nullptr;
2638 BYTE* buffer = nullptr;
2639 BOOL status = 0;
2640
2641 WINPR_ASSERT(license);
2642 WINPR_ASSERT(license->PlatformChallenge);
2643 WINPR_ASSERT(license->MacSaltKey);
2644 WINPR_ASSERT(license->EncryptedPlatformChallenge);
2645 WINPR_ASSERT(license->EncryptedHardwareId);
2646
2647 DEBUG_LICENSE("Sending Platform Challenge Response Packet");
2648
2649 license->EncryptedPlatformChallenge->type = BB_DATA_BLOB;
2650
2651 /* prepare the PLATFORM_CHALLENGE_RESPONSE_DATA */
2652 challengeRespData = Stream_New(nullptr, 8 + license->PlatformChallenge->length);
2653 if (!challengeRespData)
2654 return FALSE;
2655 Stream_Write_UINT16(challengeRespData, PLATFORM_CHALLENGE_RESPONSE_VERSION); /* wVersion */
2656 Stream_Write_UINT16(challengeRespData, license->ClientType); /* wClientType */
2657 Stream_Write_UINT16(challengeRespData, license->LicenseDetailLevel); /* wLicenseDetailLevel */
2658 Stream_Write_UINT16(challengeRespData, license->PlatformChallenge->length); /* cbChallenge */
2659 Stream_Write(challengeRespData, license->PlatformChallenge->data,
2660 license->PlatformChallenge->length); /* pbChallenge */
2661 Stream_SealLength(challengeRespData);
2662
2663 /* compute MAC of PLATFORM_CHALLENGE_RESPONSE_DATA + HWID */
2664 const size_t length = Stream_Length(challengeRespData) + sizeof(license->HardwareId);
2665 buffer = (BYTE*)malloc(length);
2666 if (!buffer)
2667 {
2668 Stream_Free(challengeRespData, TRUE);
2669 return FALSE;
2670 }
2671
2672 CopyMemory(buffer, Stream_Buffer(challengeRespData), Stream_Length(challengeRespData));
2673 CopyMemory(&buffer[Stream_Length(challengeRespData)], license->HardwareId,
2674 sizeof(license->HardwareId));
2675 status = security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), buffer, length,
2676 license->MACData, sizeof(license->MACData));
2677 free(buffer);
2678
2679 if (!status)
2680 {
2681 Stream_Free(challengeRespData, TRUE);
2682 return FALSE;
2683 }
2684
2685 license->EncryptedHardwareId->type = BB_ENCRYPTED_DATA_BLOB;
2686 if (!license_rc4_with_licenseKey(license, license->HardwareId, sizeof(license->HardwareId),
2687 license->EncryptedHardwareId))
2688 {
2689 Stream_Free(challengeRespData, TRUE);
2690 return FALSE;
2691 }
2692
2693 status = license_rc4_with_licenseKey(license, Stream_Buffer(challengeRespData),
2694 Stream_Length(challengeRespData),
2695 license->EncryptedPlatformChallengeResponse);
2696 Stream_Free(challengeRespData, TRUE);
2697 if (!status)
2698 return FALSE;
2699
2700#ifdef WITH_DEBUG_LICENSE
2701 WLog_Print(license->log, WLOG_DEBUG, "LicensingEncryptionKey:");
2702 winpr_HexLogDump(license->log, WLOG_DEBUG, license->LicensingEncryptionKey, 16);
2703 WLog_Print(license->log, WLOG_DEBUG, "HardwareId:");
2704 winpr_HexLogDump(license->log, WLOG_DEBUG, license->HardwareId, sizeof(license->HardwareId));
2705 WLog_Print(license->log, WLOG_DEBUG, "EncryptedHardwareId:");
2706 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedHardwareId->data,
2707 license->EncryptedHardwareId->length);
2708#endif
2709 UINT16 sec_flags = 0;
2710 wStream* s = license_send_stream_init(license, &sec_flags);
2711 if (!s)
2712 return FALSE;
2713
2714 if (license_write_client_platform_challenge_response(license, s))
2715 return license_send(license, s, PLATFORM_CHALLENGE_RESPONSE, sec_flags);
2716
2717 Stream_Release(s);
2718 return FALSE;
2719}
2720
2721BOOL license_read_platform_challenge_response(WINPR_ATTR_UNUSED rdpLicense* license)
2722{
2723 WINPR_ASSERT(license);
2724 WINPR_ASSERT(license->PlatformChallenge);
2725 WINPR_ASSERT(license->MacSaltKey);
2726 WINPR_ASSERT(license->EncryptedPlatformChallenge);
2727 WINPR_ASSERT(license->EncryptedHardwareId);
2728
2729 DEBUG_LICENSE("Receiving Platform Challenge Response Packet");
2730
2731#if defined(WITH_LICENSE_DECRYPT_CHALLENGE_RESPONSE)
2732 BOOL rc = FALSE;
2733 LICENSE_BLOB* dblob = license_new_binary_blob(BB_ANY_BLOB);
2734 if (!dblob)
2735 return FALSE;
2736
2737 wStream sbuffer = WINPR_C_ARRAY_INIT;
2738 UINT16 wVersion = 0;
2739 UINT16 cbChallenge = 0;
2740 const BYTE* pbChallenge = nullptr;
2741 LICENSE_BLOB* blob = license->EncryptedPlatformChallengeResponse;
2742
2743 if (!license_rc4_with_licenseKey(license, blob->data, blob->length, dblob))
2744 goto fail;
2745
2746 wStream* s = Stream_StaticConstInit(&sbuffer, dblob->data, dblob->length);
2747 if (!license_check_stream_length(s, 8, "PLATFORM_CHALLENGE_RESPONSE_DATA"))
2748 goto fail;
2749
2750 Stream_Read_UINT16(s, wVersion);
2751 if (wVersion != PLATFORM_CHALLENGE_RESPONSE_VERSION)
2752 {
2753 WLog_Print(license->log, WLOG_WARN,
2754 "Invalid PLATFORM_CHALLENGE_RESPONSE_DATA::wVersion 0x%04" PRIx16
2755 ", expected 0x04" PRIx16,
2756 wVersion, PLATFORM_CHALLENGE_RESPONSE_VERSION);
2757 goto fail;
2758 }
2759 Stream_Read_UINT16(s, license->ClientType);
2760 Stream_Read_UINT16(s, license->LicenseDetailLevel);
2761 Stream_Read_UINT16(s, cbChallenge);
2762
2763 if (!license_check_stream_length(s, cbChallenge,
2764 "PLATFORM_CHALLENGE_RESPONSE_DATA::pbChallenge"))
2765 goto fail;
2766
2767 pbChallenge = Stream_Pointer(s);
2768 if (!license_read_binary_blob_data(license->PlatformChallengeResponse, BB_DATA_BLOB,
2769 pbChallenge, cbChallenge))
2770 goto fail;
2771 if (!Stream_SafeSeek(s, cbChallenge))
2772 goto fail;
2773
2774 rc = TRUE;
2775fail:
2776 license_free_binary_blob(dblob);
2777 return rc;
2778#else
2779 return TRUE;
2780#endif
2781}
2782
2783BOOL license_write_client_platform_challenge_response(rdpLicense* license, wStream* s)
2784{
2785 WINPR_ASSERT(license);
2786
2787 if (!license_write_binary_blob(s, license->EncryptedPlatformChallengeResponse))
2788 return FALSE;
2789 if (!license_write_binary_blob(s, license->EncryptedHardwareId))
2790 return FALSE;
2791 if (!license_check_stream_capacity(license->log, s, sizeof(license->MACData),
2792 "CLIENT_PLATFORM_CHALLENGE_RESPONSE::MACData"))
2793 return FALSE;
2794 Stream_Write(s, license->MACData, sizeof(license->MACData));
2795 return TRUE;
2796}
2797
2798BOOL license_read_client_platform_challenge_response(rdpLicense* license, wStream* s)
2799{
2800 WINPR_ASSERT(license);
2801
2802 if (!license_read_binary_blob(license->log, s, license->EncryptedPlatformChallengeResponse))
2803 return FALSE;
2804 if (!license_read_binary_blob(license->log, s, license->EncryptedHardwareId))
2805 return FALSE;
2806 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
2807 "CLIENT_PLATFORM_CHALLENGE_RESPONSE::MACData"))
2808 return FALSE;
2809 Stream_Read(s, license->MACData, sizeof(license->MACData));
2810 return license_read_platform_challenge_response(license);
2811}
2812
2822BOOL license_send_valid_client_error_packet(rdpRdp* rdp)
2823{
2824 WINPR_ASSERT(rdp);
2825 rdpLicense* license = rdp->license;
2826 WINPR_ASSERT(license);
2827
2828 license->state = LICENSE_STATE_COMPLETED;
2829 license->type = LICENSE_TYPE_NONE;
2830 return license_send_error_alert(license, STATUS_VALID_CLIENT, ST_NO_TRANSITION,
2831 license->ErrorInfo);
2832}
2833
2840rdpLicense* license_new(rdpRdp* rdp)
2841{
2842 WINPR_ASSERT(rdp);
2843
2844 rdpLicense* license = (rdpLicense*)calloc(1, sizeof(rdpLicense));
2845 if (!license)
2846 return nullptr;
2847 license->log = WLog_Get(LICENSE_TAG);
2848 WINPR_ASSERT(license->log);
2849
2850 license->PlatformId = PLATFORMID;
2851 license->ClientType = OTHER_PLATFORM_CHALLENGE_TYPE;
2852 license->LicenseDetailLevel = LICENSE_DETAIL_DETAIL;
2853 license->PreferredKeyExchangeAlg = KEY_EXCHANGE_ALG_RSA;
2854 license->rdp = rdp;
2855
2856 license_set_state(license, LICENSE_STATE_INITIAL);
2857 if (!(license->certificate = freerdp_certificate_new()))
2858 goto out_error;
2859 if (!(license->ProductInfo = license_new_product_info()))
2860 goto out_error;
2861 if (!(license->ErrorInfo = license_new_binary_blob(BB_ERROR_BLOB)))
2862 goto out_error;
2863 if (!(license->LicenseInfo = license_new_binary_blob(BB_DATA_BLOB)))
2864 goto out_error;
2865 if (!(license->KeyExchangeList = license_new_binary_blob(BB_KEY_EXCHG_ALG_BLOB)))
2866 goto out_error;
2867 if (!(license->ServerCertificate = license_new_binary_blob(BB_CERTIFICATE_BLOB)))
2868 goto out_error;
2869 if (!(license->ClientUserName = license_new_binary_blob(BB_CLIENT_USER_NAME_BLOB)))
2870 goto out_error;
2871 if (!(license->ClientMachineName = license_new_binary_blob(BB_CLIENT_MACHINE_NAME_BLOB)))
2872 goto out_error;
2873 if (!(license->PlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
2874 goto out_error;
2875 if (!(license->PlatformChallengeResponse = license_new_binary_blob(BB_ANY_BLOB)))
2876 goto out_error;
2877 if (!(license->EncryptedPlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
2878 goto out_error;
2879 if (!(license->EncryptedPlatformChallengeResponse =
2880 license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2881 goto out_error;
2882 if (!(license->EncryptedPremasterSecret = license_new_binary_blob(BB_ANY_BLOB)))
2883 goto out_error;
2884 if (!(license->EncryptedHardwareId = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2885 goto out_error;
2886 if (!(license->EncryptedLicenseInfo = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2887 goto out_error;
2888 if (!(license->ScopeList = license_new_scope_list()))
2889 goto out_error;
2890
2891 if (!license_generate_randoms(license))
2892 goto out_error;
2893
2894 return license;
2895
2896out_error:
2897 WINPR_PRAGMA_DIAG_PUSH
2898 WINPR_PRAGMA_DIAG_IGNORED_MISMATCHED_DEALLOC
2899 license_free(license);
2900 WINPR_PRAGMA_DIAG_POP
2901 return nullptr;
2902}
2903
2909void license_free(rdpLicense* license)
2910{
2911 if (license)
2912 {
2913 freerdp_certificate_free(license->certificate);
2914 license_free_product_info(license->ProductInfo);
2915 license_free_binary_blob(license->ErrorInfo);
2916 license_free_binary_blob(license->LicenseInfo);
2917 license_free_binary_blob(license->KeyExchangeList);
2918 license_free_binary_blob(license->ServerCertificate);
2919 license_free_binary_blob(license->ClientUserName);
2920 license_free_binary_blob(license->ClientMachineName);
2921 license_free_binary_blob(license->PlatformChallenge);
2922 license_free_binary_blob(license->PlatformChallengeResponse);
2923 license_free_binary_blob(license->EncryptedPlatformChallenge);
2924 license_free_binary_blob(license->EncryptedPlatformChallengeResponse);
2925 license_free_binary_blob(license->EncryptedPremasterSecret);
2926 license_free_binary_blob(license->EncryptedHardwareId);
2927 license_free_binary_blob(license->EncryptedLicenseInfo);
2928 license_free_scope_list(license->ScopeList);
2929 free(license);
2930 }
2931}
2932
2933LICENSE_STATE license_get_state(const rdpLicense* license)
2934{
2935 WINPR_ASSERT(license);
2936 return license->state;
2937}
2938
2939LICENSE_TYPE license_get_type(const rdpLicense* license)
2940{
2941 WINPR_ASSERT(license);
2942 return license->type;
2943}
2944
2945void license_set_state(rdpLicense* license, LICENSE_STATE state)
2946{
2947 WINPR_ASSERT(license);
2948 license->state = state;
2949 switch (state)
2950 {
2951 case LICENSE_STATE_COMPLETED:
2952 break;
2953 case LICENSE_STATE_ABORTED:
2954 default:
2955 license->type = LICENSE_TYPE_INVALID;
2956 break;
2957 }
2958}
2959
2960const char* license_get_state_string(LICENSE_STATE state)
2961{
2962 switch (state)
2963 {
2964 case LICENSE_STATE_INITIAL:
2965 return "LICENSE_STATE_INITIAL";
2966 case LICENSE_STATE_CONFIGURED:
2967 return "LICENSE_STATE_CONFIGURED";
2968 case LICENSE_STATE_REQUEST:
2969 return "LICENSE_STATE_REQUEST";
2970 case LICENSE_STATE_NEW_REQUEST:
2971 return "LICENSE_STATE_NEW_REQUEST";
2972 case LICENSE_STATE_PLATFORM_CHALLENGE:
2973 return "LICENSE_STATE_PLATFORM_CHALLENGE";
2974 case LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE:
2975 return "LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE";
2976 case LICENSE_STATE_COMPLETED:
2977 return "LICENSE_STATE_COMPLETED";
2978 case LICENSE_STATE_ABORTED:
2979 return "LICENSE_STATE_ABORTED";
2980 default:
2981 return "LICENSE_STATE_UNKNOWN";
2982 }
2983}
2984
2985BOOL license_server_send_request(rdpLicense* license)
2986{
2987 if (!license_ensure_state(license, LICENSE_STATE_CONFIGURED, LICENSE_REQUEST))
2988 return FALSE;
2989 if (!license_send_license_request_packet(license))
2990 return FALSE;
2991 license_set_state(license, LICENSE_STATE_REQUEST);
2992 return TRUE;
2993}
2994
2995WINPR_ATTR_NODISCARD
2996static BOOL license_set_string(wLog* log, const char* what, const char* value, BYTE** bdst,
2997 UINT32* dstLen)
2998{
2999 WINPR_ASSERT(what);
3000 WINPR_ASSERT(value);
3001 WINPR_ASSERT(bdst);
3002 WINPR_ASSERT(dstLen);
3003
3004 union
3005 {
3006 WCHAR** w;
3007 BYTE** b;
3008 } cnv;
3009 cnv.b = bdst;
3010
3011 size_t len = 0;
3012 *cnv.w = ConvertUtf8ToWCharAlloc(value, &len);
3013 if (!*cnv.w || (len > UINT32_MAX / sizeof(WCHAR)))
3014 {
3015 WLog_Print(log, WLOG_ERROR, "license->ProductInfo: %s == %p || %" PRIuz " > UINT32_MAX",
3016 what, (void*)(*cnv.w), len);
3017 return FALSE;
3018 }
3019 *dstLen = (UINT32)(len * sizeof(WCHAR));
3020 return TRUE;
3021}
3022
3023BOOL license_server_configure(rdpLicense* license)
3024{
3025 wStream* s = nullptr;
3026 UINT32 algs[] = { KEY_EXCHANGE_ALG_RSA };
3027
3028 WINPR_ASSERT(license);
3029 WINPR_ASSERT(license->rdp);
3030
3031 const rdpSettings* settings = license->rdp->settings;
3032
3033 const char* CompanyName =
3034 freerdp_settings_get_string(settings, FreeRDP_ServerLicenseCompanyName);
3035
3036 const char* ProductName =
3037 freerdp_settings_get_string(settings, FreeRDP_ServerLicenseProductName);
3038 const UINT32 ProductVersion =
3039 freerdp_settings_get_uint32(settings, FreeRDP_ServerLicenseProductVersion);
3040 const UINT32 issuerCount =
3041 freerdp_settings_get_uint32(settings, FreeRDP_ServerLicenseProductIssuersCount);
3042
3043 const void* ptr = freerdp_settings_get_pointer(settings, FreeRDP_ServerLicenseProductIssuers);
3044 const char** issuers = WINPR_REINTERPRET_CAST(ptr, const void*, const char**);
3045
3046 WINPR_ASSERT(CompanyName);
3047 WINPR_ASSERT(ProductName);
3048 WINPR_ASSERT(ProductVersion > 0);
3049 WINPR_ASSERT(issuers || (issuerCount == 0));
3050
3051 if (!license_ensure_state(license, LICENSE_STATE_INITIAL, LICENSE_REQUEST))
3052 return FALSE;
3053
3054 license->ProductInfo->dwVersion = ProductVersion;
3055 if (!license_set_string(license->log, "pbCompanyName", CompanyName,
3056 &license->ProductInfo->pbCompanyName,
3057 &license->ProductInfo->cbCompanyName))
3058 return FALSE;
3059
3060 if (!license_set_string(license->log, "pbProductId", ProductName,
3061 &license->ProductInfo->pbProductId, &license->ProductInfo->cbProductId))
3062 return FALSE;
3063
3064 if (!license_read_binary_blob_data(license->log, license->KeyExchangeList,
3065 BB_KEY_EXCHG_ALG_BLOB, algs, sizeof(algs)))
3066 return FALSE;
3067
3068 if (!freerdp_certificate_read_server_cert(license->certificate, settings->ServerCertificate,
3069 settings->ServerCertificateLength))
3070 return FALSE;
3071
3072 s = Stream_New(nullptr, 1024);
3073 if (!s)
3074 return FALSE;
3075 else
3076 {
3077 BOOL r = FALSE;
3078 SSIZE_T res =
3079 freerdp_certificate_write_server_cert(license->certificate, CERT_CHAIN_VERSION_2, s);
3080 if (res >= 0)
3081 r = license_read_binary_blob_data(license->log, license->ServerCertificate,
3082 BB_CERTIFICATE_BLOB, Stream_Buffer(s),
3083 Stream_GetPosition(s));
3084
3085 Stream_Free(s, TRUE);
3086 if (!r)
3087 return FALSE;
3088 }
3089
3090 if (!license_scope_list_resize(license->ScopeList, issuerCount))
3091 return FALSE;
3092 for (size_t x = 0; x < issuerCount; x++)
3093 {
3094 LICENSE_BLOB* blob = license->ScopeList->array[x];
3095 const char* name = issuers[x];
3096 const size_t length = strnlen(name, UINT16_MAX) + 1;
3097 if ((length == 0) || (length > UINT16_MAX))
3098 {
3099 WLog_Print(license->log, WLOG_WARN,
3100 "Invalid issuer at position %" PRIuz ": length 0 < %" PRIuz " <= %d"
3101 " ['%s']",
3102 x, length, UINT16_MAX, name);
3103 return FALSE;
3104 }
3105 if (!license_read_binary_blob_data(license->log, blob, BB_SCOPE_BLOB, name, length))
3106 return FALSE;
3107 }
3108
3109 license_set_state(license, LICENSE_STATE_CONFIGURED);
3110 return TRUE;
3111}
3112
3113rdpLicense* license_get(rdpContext* context)
3114{
3115 WINPR_ASSERT(context);
3116 WINPR_ASSERT(context->rdp);
3117 return context->rdp->license;
3118}
freerdp_settings_get_pointer
WINPR_ATTR_NODISCARD FREERDP_API const void * freerdp_settings_get_pointer(const rdpSettings *settings, FreeRDP_Settings_Keys_Pointer id)
Returns a immutable pointer settings value.
Definition common/settings.c:1419
freerdp_settings_get_string
WINPR_ATTR_NODISCARD FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
freerdp_settings_get_uint32
WINPR_ATTR_NODISCARD FREERDP_API UINT32 freerdp_settings_get_uint32(const rdpSettings *settings, FreeRDP_Settings_Keys_UInt32 id)
Returns a UINT32 settings value.
freerdp_settings_get_bool
WINPR_ATTR_NODISCARD FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
LICENSE_BLOB
Definition libfreerdp/core/license.h:47
LICENSE_PRODUCT_INFO
Definition libfreerdp/core/license.h:38
SCOPE_LIST
Definition libfreerdp/core/license.h:54