FreeRDP
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Modules Pages
license.c
1/*
2 * FreeRDP: A Remote Desktop Protocol Implementation
3 * RDP Licensing
4 *
5 * Copyright 2011-2013 Marc-Andre Moreau <marcandre.moreau@gmail.com>
6 * Copyright 2014 Norbert Federa <norbert.federa@thincast.com>
7 * Copyright 2018 David Fort <contact@hardening-consulting.com>
8 * Copyright 2022,2023 Armin Novak <armin.novak@thincast.com>
9 * Copyright 2022,2023 Thincast Technologies GmbH
10 *
11 * Licensed under the Apache License, Version 2.0 (the "License");
12 * you may not use this file except in compliance with the License.
13 * You may obtain a copy of the License at
14 *
15 * http://www.apache.org/licenses/LICENSE-2.0
16 *
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
22 */
23
24#include <freerdp/config.h>
25
26#include "settings.h"
27
28#include <freerdp/license.h>
29
30#include <winpr/crt.h>
31#include <winpr/assert.h>
32#include <winpr/crypto.h>
33#include <winpr/shell.h>
34#include <winpr/path.h>
35#include <winpr/file.h>
36
37#include <freerdp/log.h>
38
39#include <freerdp/crypto/certificate.h>
40
41#include "license.h"
42
43#include "../crypto/crypto.h"
44#include "../crypto/certificate.h"
45
46#define LICENSE_TAG FREERDP_TAG("core.license")
47
48// #define LICENSE_NULL_CLIENT_RANDOM 1
49// #define LICENSE_NULL_PREMASTER_SECRET 1
50
51// #define WITH_LICENSE_DECRYPT_CHALLENGE_RESPONSE
52
53#define PLATFORM_CHALLENGE_RESPONSE_VERSION 0x0100
54
56enum LicenseRequestType
57{
58 LICENSE_REQUEST = 0x01,
59 PLATFORM_CHALLENGE = 0x02,
60 NEW_LICENSE = 0x03,
61 UPGRADE_LICENSE = 0x04,
62 LICENSE_INFO = 0x12,
63 NEW_LICENSE_REQUEST = 0x13,
64 PLATFORM_CHALLENGE_RESPONSE = 0x15,
65 ERROR_ALERT = 0xFF
66};
67
68/*
69#define LICENSE_PKT_CS_MASK \
70 (LICENSE_INFO | NEW_LICENSE_REQUEST | PLATFORM_CHALLENGE_RESPONSE | ERROR_ALERT)
71#define LICENSE_PKT_SC_MASK \
72 (LICENSE_REQUEST | PLATFORM_CHALLENGE | NEW_LICENSE | UPGRADE_LICENSE | ERROR_ALERT)
73#define LICENSE_PKT_MASK (LICENSE_PKT_CS_MASK | LICENSE_PKT_SC_MASK)
74*/
75#define LICENSE_PREAMBLE_LENGTH 4
76
77/* Cryptographic Lengths */
78
79#define SERVER_RANDOM_LENGTH 32
80#define MASTER_SECRET_LENGTH 48
81#define PREMASTER_SECRET_LENGTH 48
82#define SESSION_KEY_BLOB_LENGTH 48
83#define MAC_SALT_KEY_LENGTH 16
84#define LICENSING_ENCRYPTION_KEY_LENGTH 16
85#define HWID_PLATFORM_ID_LENGTH 4
86// #define HWID_UNIQUE_DATA_LENGTH 16
87#define HWID_LENGTH 20
88// #define LICENSING_PADDING_SIZE 8
89
90/* Preamble Flags */
91
92// #define PREAMBLE_VERSION_2_0 0x02
93#define PREAMBLE_VERSION_3_0 0x03
94// #define LicenseProtocolVersionMask 0x0F
95#define EXTENDED_ERROR_MSG_SUPPORTED 0x80
96
98enum
99{
100 BB_ANY_BLOB = 0x0000,
101 BB_DATA_BLOB = 0x0001,
102 BB_RANDOM_BLOB = 0x0002,
103 BB_CERTIFICATE_BLOB = 0x0003,
104 BB_ERROR_BLOB = 0x0004,
105 BB_ENCRYPTED_DATA_BLOB = 0x0009,
106 BB_KEY_EXCHG_ALG_BLOB = 0x000D,
107 BB_SCOPE_BLOB = 0x000E,
108 BB_CLIENT_USER_NAME_BLOB = 0x000F,
109 BB_CLIENT_MACHINE_NAME_BLOB = 0x0010
110};
111
112/* License Key Exchange Algorithms */
113
114#define KEY_EXCHANGE_ALG_RSA 0x00000001
115
118enum
119{
120 ERR_INVALID_SERVER_CERTIFICATE = 0x00000001,
121 ERR_NO_LICENSE = 0x00000002,
122 ERR_INVALID_MAC = 0x00000003,
123 ERR_INVALID_SCOPE = 0x00000004,
124 ERR_NO_LICENSE_SERVER = 0x00000006,
125 STATUS_VALID_CLIENT = 0x00000007,
126 ERR_INVALID_CLIENT = 0x00000008,
127 ERR_INVALID_PRODUCT_ID = 0x0000000B,
128 ERR_INVALID_MESSAGE_LENGTH = 0x0000000C
129};
130
133enum
134{
135 ST_TOTAL_ABORT = 0x00000001,
136 ST_NO_TRANSITION = 0x00000002,
137 ST_RESET_PHASE_TO_START = 0x00000003,
138 ST_RESEND_LAST_MESSAGE = 0x00000004
139};
140
143enum
144{
145 WIN32_PLATFORM_CHALLENGE_TYPE = 0x0100,
146 WIN16_PLATFORM_CHALLENGE_TYPE = 0x0200,
147 WINCE_PLATFORM_CHALLENGE_TYPE = 0x0300,
148 OTHER_PLATFORM_CHALLENGE_TYPE = 0xFF00
149};
150
153enum
154{
155 LICENSE_DETAIL_SIMPLE = 0x0001,
156 LICENSE_DETAIL_MODERATE = 0x0002,
157 LICENSE_DETAIL_DETAIL = 0x0003
158};
159
160/*
161 * PlatformId:
162 *
163 * The most significant byte of the PlatformId field contains the operating system version of the
164 * client. The second most significant byte of the PlatformId field identifies the ISV that provided
165 * the client image. The remaining two bytes in the PlatformId field are used by the ISV to identify
166 * the build number of the operating system.
167 *
168 * 0x04010000:
169 *
170 * CLIENT_OS_ID_WINNT_POST_52 (0x04000000)
171 * CLIENT_IMAGE_ID_MICROSOFT (0x00010000)
172 */
173enum
174{
175 CLIENT_OS_ID_WINNT_351 = 0x01000000,
176 CLIENT_OS_ID_WINNT_40 = 0x02000000,
177 CLIENT_OS_ID_WINNT_50 = 0x03000000,
178 CLIENT_OS_ID_WINNT_POST_52 = 0x04000000,
179
180 CLIENT_IMAGE_ID_MICROSOFT = 0x00010000,
181 CLIENT_IMAGE_ID_CITRIX = 0x00020000,
182};
183
184struct rdp_license
185{
186 LICENSE_STATE state;
187 LICENSE_TYPE type;
188 rdpRdp* rdp;
189 rdpCertificate* certificate;
190 BYTE HardwareId[HWID_LENGTH];
191 BYTE ClientRandom[CLIENT_RANDOM_LENGTH];
192 BYTE ServerRandom[SERVER_RANDOM_LENGTH];
193 BYTE MasterSecret[MASTER_SECRET_LENGTH];
194 BYTE PremasterSecret[PREMASTER_SECRET_LENGTH];
195 BYTE SessionKeyBlob[SESSION_KEY_BLOB_LENGTH];
196 BYTE MacSaltKey[MAC_SALT_KEY_LENGTH];
197 BYTE LicensingEncryptionKey[LICENSING_ENCRYPTION_KEY_LENGTH];
198 LICENSE_PRODUCT_INFO* ProductInfo;
199 LICENSE_BLOB* ErrorInfo;
200 LICENSE_BLOB* LicenseInfo; /* Client -> Server */
201 LICENSE_BLOB* KeyExchangeList;
202 LICENSE_BLOB* ServerCertificate;
203 LICENSE_BLOB* ClientUserName;
204 LICENSE_BLOB* ClientMachineName;
205 LICENSE_BLOB* PlatformChallenge;
206 LICENSE_BLOB* PlatformChallengeResponse;
207 LICENSE_BLOB* EncryptedPremasterSecret;
208 LICENSE_BLOB* EncryptedPlatformChallenge;
209 LICENSE_BLOB* EncryptedPlatformChallengeResponse;
210 LICENSE_BLOB* EncryptedHardwareId;
211 LICENSE_BLOB* EncryptedLicenseInfo;
212 BYTE MACData[LICENSING_ENCRYPTION_KEY_LENGTH];
213 SCOPE_LIST* ScopeList;
214 UINT32 PacketHeaderLength;
215 UINT32 PreferredKeyExchangeAlg;
216 UINT32 PlatformId;
217 UINT16 ClientType;
218 UINT16 LicenseDetailLevel;
219 BOOL update;
220 wLog* log;
221};
222
223static BOOL license_send_error_alert(rdpLicense* license, UINT32 dwErrorCode,
224 UINT32 dwStateTransition, const LICENSE_BLOB* info);
225static BOOL license_set_state(rdpLicense* license, LICENSE_STATE state);
226static const char* license_get_state_string(LICENSE_STATE state);
227
228static const char* license_preferred_key_exchange_alg_string(UINT32 alg, char* buffer, size_t size)
229{
230 const char* name = NULL;
231
232 switch (alg)
233 {
234 case KEY_EXCHANGE_ALG_RSA:
235 name = "KEY_EXCHANGE_ALG_RSA";
236 break;
237 default:
238 name = "KEY_EXCHANGE_ALG_UNKNOWN";
239 break;
240 }
241
242 (void)_snprintf(buffer, size, "%s [0x%08" PRIx32 "]", name, alg);
243 return buffer;
244}
245
246static const char* license_request_type_string(UINT32 type)
247{
248 switch (type)
249 {
250 case LICENSE_REQUEST:
251 return "LICENSE_REQUEST";
252 case PLATFORM_CHALLENGE:
253 return "PLATFORM_CHALLENGE";
254 case NEW_LICENSE:
255 return "NEW_LICENSE";
256 case UPGRADE_LICENSE:
257 return "UPGRADE_LICENSE";
258 case LICENSE_INFO:
259 return "LICENSE_INFO";
260 case NEW_LICENSE_REQUEST:
261 return "NEW_LICENSE_REQUEST";
262 case PLATFORM_CHALLENGE_RESPONSE:
263 return "PLATFORM_CHALLENGE_RESPONSE";
264 case ERROR_ALERT:
265 return "ERROR_ALERT";
266 default:
267 return "LICENSE_REQUEST_TYPE_UNKNOWN";
268 }
269}
270
271static const char* licencse_blob_type_string(UINT16 type)
272{
273 switch (type)
274 {
275 case BB_ANY_BLOB:
276 return "BB_ANY_BLOB";
277 case BB_DATA_BLOB:
278 return "BB_DATA_BLOB";
279 case BB_RANDOM_BLOB:
280 return "BB_RANDOM_BLOB";
281 case BB_CERTIFICATE_BLOB:
282 return "BB_CERTIFICATE_BLOB";
283 case BB_ERROR_BLOB:
284 return "BB_ERROR_BLOB";
285 case BB_ENCRYPTED_DATA_BLOB:
286 return "BB_ENCRYPTED_DATA_BLOB";
287 case BB_KEY_EXCHG_ALG_BLOB:
288 return "BB_KEY_EXCHG_ALG_BLOB";
289 case BB_SCOPE_BLOB:
290 return "BB_SCOPE_BLOB";
291 case BB_CLIENT_USER_NAME_BLOB:
292 return "BB_CLIENT_USER_NAME_BLOB";
293 case BB_CLIENT_MACHINE_NAME_BLOB:
294 return "BB_CLIENT_MACHINE_NAME_BLOB";
295 default:
296 return "BB_UNKNOWN";
297 }
298}
299static wStream* license_send_stream_init(rdpLicense* license, UINT16* sec_flags);
300
301static void license_generate_randoms(rdpLicense* license);
302static BOOL license_generate_keys(rdpLicense* license);
303static BOOL license_generate_hwid(rdpLicense* license);
304static BOOL license_encrypt_premaster_secret(rdpLicense* license);
305
306static LICENSE_PRODUCT_INFO* license_new_product_info(void);
307static void license_free_product_info(LICENSE_PRODUCT_INFO* productInfo);
308static BOOL license_read_product_info(wLog* log, wStream* s, LICENSE_PRODUCT_INFO* productInfo);
309
310static LICENSE_BLOB* license_new_binary_blob(UINT16 type);
311static void license_free_binary_blob(LICENSE_BLOB* blob);
312static BOOL license_read_binary_blob_data(wLog* log, LICENSE_BLOB* blob, UINT16 type,
313 const void* data, size_t length);
314static BOOL license_read_binary_blob(wLog* log, wStream* s, LICENSE_BLOB* blob);
315static BOOL license_write_binary_blob(wStream* s, const LICENSE_BLOB* blob);
316
317static SCOPE_LIST* license_new_scope_list(void);
318static BOOL license_scope_list_resize(SCOPE_LIST* scopeList, UINT32 count);
319static void license_free_scope_list(SCOPE_LIST* scopeList);
320static BOOL license_read_scope_list(wLog* log, wStream* s, SCOPE_LIST* scopeList);
321static BOOL license_write_scope_list(wLog* log, wStream* s, const SCOPE_LIST* scopeList);
322
323static BOOL license_read_license_request_packet(rdpLicense* license, wStream* s);
324static BOOL license_write_license_request_packet(const rdpLicense* license, wStream* s);
325
326static BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s);
327static BOOL license_send_platform_challenge_packet(rdpLicense* license);
328static BOOL license_read_new_or_upgrade_license_packet(rdpLicense* license, wStream* s);
329static BOOL license_read_error_alert_packet(rdpLicense* license, wStream* s);
330
331static BOOL license_write_new_license_request_packet(const rdpLicense* license, wStream* s);
332static BOOL license_read_new_license_request_packet(rdpLicense* license, wStream* s);
333static BOOL license_answer_license_request(rdpLicense* license);
334
335static BOOL license_send_platform_challenge_response(rdpLicense* license);
336static BOOL license_read_platform_challenge_response(rdpLicense* license);
337
338static BOOL license_read_client_platform_challenge_response(rdpLicense* license, wStream* s);
339static BOOL license_write_client_platform_challenge_response(rdpLicense* license, wStream* s);
340
341static BOOL license_write_server_upgrade_license(const rdpLicense* license, wStream* s);
342
343static BOOL license_send_license_info(rdpLicense* license, const LICENSE_BLOB* calBlob,
344 const BYTE* signature, size_t signature_length);
345static BOOL license_read_license_info(rdpLicense* license, wStream* s);
346static state_run_t license_client_recv(rdpLicense* license, wStream* s);
347static state_run_t license_server_recv(rdpLicense* license, wStream* s);
348
349#define PLATFORMID (CLIENT_OS_ID_WINNT_POST_52 | CLIENT_IMAGE_ID_MICROSOFT)
350
351#ifdef WITH_DEBUG_LICENSE
352
353static const char* error_codes[] = { "ERR_UNKNOWN",
354 "ERR_INVALID_SERVER_CERTIFICATE",
355 "ERR_NO_LICENSE",
356 "ERR_INVALID_MAC",
357 "ERR_INVALID_SCOPE",
358 "ERR_UNKNOWN",
359 "ERR_NO_LICENSE_SERVER",
360 "STATUS_VALID_CLIENT",
361 "ERR_INVALID_CLIENT",
362 "ERR_UNKNOWN",
363 "ERR_UNKNOWN",
364 "ERR_INVALID_PRODUCT_ID",
365 "ERR_INVALID_MESSAGE_LENGTH" };
366
367static const char* state_transitions[] = { "ST_UNKNOWN", "ST_TOTAL_ABORT", "ST_NO_TRANSITION",
368 "ST_RESET_PHASE_TO_START", "ST_RESEND_LAST_MESSAGE" };
369
370static void license_print_product_info(wLog* log, const LICENSE_PRODUCT_INFO* productInfo)
371{
372 char* CompanyName = NULL;
373 char* ProductId = NULL;
374
375 WINPR_ASSERT(productInfo);
376 WINPR_ASSERT(productInfo->pbCompanyName);
377 WINPR_ASSERT(productInfo->pbProductId);
378
379 CompanyName = ConvertWCharNToUtf8Alloc((const WCHAR*)productInfo->pbCompanyName,
380 productInfo->cbCompanyName / sizeof(WCHAR), NULL);
381 ProductId = ConvertWCharNToUtf8Alloc((const WCHAR*)productInfo->pbProductId,
382 productInfo->cbProductId / sizeof(WCHAR), NULL);
383 WLog_Print(log, WLOG_INFO, "ProductInfo:");
384 WLog_Print(log, WLOG_INFO, "\tdwVersion: 0x%08" PRIX32 "", productInfo->dwVersion);
385 WLog_Print(log, WLOG_INFO, "\tCompanyName: %s", CompanyName);
386 WLog_Print(log, WLOG_INFO, "\tProductId: %s", ProductId);
387 free(CompanyName);
388 free(ProductId);
389}
390
391static void license_print_scope_list(wLog* log, const SCOPE_LIST* scopeList)
392{
393 WINPR_ASSERT(scopeList);
394
395 WLog_Print(log, WLOG_INFO, "ScopeList (%" PRIu32 "):", scopeList->count);
396
397 for (UINT32 index = 0; index < scopeList->count; index++)
398 {
399 const LICENSE_BLOB* scope = NULL;
400
401 WINPR_ASSERT(scopeList->array);
402 scope = scopeList->array[index];
403 WINPR_ASSERT(scope);
404
405 WLog_Print(log, WLOG_INFO, "\t%s", (const char*)scope->data);
406 }
407}
408#endif
409
410static const char licenseStore[] = "licenses";
411
412static BOOL license_ensure_state(rdpLicense* license, LICENSE_STATE state, UINT32 msg)
413{
414 const LICENSE_STATE cstate = license_get_state(license);
415
416 WINPR_ASSERT(license);
417
418 if (cstate != state)
419 {
420 const char* scstate = license_get_state_string(cstate);
421 const char* sstate = license_get_state_string(state);
422 const char* where = license_request_type_string(msg);
423
424 WLog_Print(license->log, WLOG_WARN,
425 "Received [%s], but found invalid licensing state %s, expected %s", where,
426 scstate, sstate);
427 return FALSE;
428 }
429 return TRUE;
430}
431
432state_run_t license_recv(rdpLicense* license, wStream* s)
433{
434 WINPR_ASSERT(license);
435 WINPR_ASSERT(license->rdp);
436 WINPR_ASSERT(license->rdp->settings);
437
438 if (freerdp_settings_get_bool(license->rdp->settings, FreeRDP_ServerMode))
439 return license_server_recv(license, s);
440 else
441 return license_client_recv(license, s);
442}
443
444static BOOL license_check_stream_length(wLog* log, wStream* s, SSIZE_T expect, const char* where)
445{
446 const size_t remain = Stream_GetRemainingLength(s);
447
448 WINPR_ASSERT(where);
449
450 if (expect < 0)
451 {
452 WLog_Print(log, WLOG_WARN, "invalid %s, expected value %" PRIdz " invalid", where, expect);
453 return FALSE;
454 }
455 if (remain < (size_t)expect)
456 {
457 WLog_Print(log, WLOG_WARN, "short %s, expected %" PRIdz " bytes, got %" PRIuz, where,
458 expect, remain);
459 return FALSE;
460 }
461 return TRUE;
462}
463
464static BOOL license_check_stream_capacity(wLog* log, wStream* s, size_t expect, const char* where)
465{
466 WINPR_ASSERT(where);
467
468 if (!Stream_CheckAndLogRequiredCapacityWLogEx(log, WLOG_WARN, s, expect, 1,
469 "%s(%s:%" PRIuz ") %s", __func__, __FILE__,
470 (size_t)__LINE__, where))
471 return FALSE;
472
473 return TRUE;
474}
475
476static BOOL computeCalHash(wLog* log, const char* hostname, char* hashStr, size_t len)
477{
478 WINPR_DIGEST_CTX* sha1 = NULL;
479 BOOL ret = FALSE;
480 BYTE hash[20] = { 0 };
481
482 WINPR_ASSERT(hostname);
483 WINPR_ASSERT(hashStr);
484
485 if (len < 2 * sizeof(hash) + 1)
486 return FALSE;
487
488 if (!(sha1 = winpr_Digest_New()))
489 goto out;
490 if (!winpr_Digest_Init(sha1, WINPR_MD_SHA1))
491 goto out;
492 if (!winpr_Digest_Update(sha1, (const BYTE*)hostname, strlen(hostname)))
493 goto out;
494 if (!winpr_Digest_Final(sha1, hash, sizeof(hash)))
495 goto out;
496
497 for (size_t i = 0; i < sizeof(hash); i++, hashStr += 2)
498 (void)sprintf_s(hashStr, 3, "%.2x", hash[i]);
499
500 ret = TRUE;
501out:
502 if (!ret)
503 WLog_Print(log, WLOG_ERROR, "failed to generate SHA1 of hostname '%s'", hostname);
504 winpr_Digest_Free(sha1);
505 return ret;
506}
507
508static BOOL saveCal(wLog* log, const rdpSettings* settings, const BYTE* data, size_t length,
509 const char* hostname)
510{
511 char hash[41] = { 0 };
512 FILE* fp = NULL;
513 char* licenseStorePath = NULL;
514 char filename[MAX_PATH] = { 0 };
515 char filenameNew[MAX_PATH] = { 0 };
516 char* filepath = NULL;
517 char* filepathNew = NULL;
518
519 size_t written = 0;
520 BOOL ret = FALSE;
521 const char* path = freerdp_settings_get_string(settings, FreeRDP_ConfigPath);
522
523 WINPR_ASSERT(path);
524 WINPR_ASSERT(data || (length == 0));
525 WINPR_ASSERT(hostname);
526
527 if (!winpr_PathFileExists(path))
528 {
529 if (!winpr_PathMakePath(path, 0))
530 {
531 WLog_Print(log, WLOG_ERROR, "error creating directory '%s'", path);
532 goto out;
533 }
534 WLog_Print(log, WLOG_INFO, "creating directory %s", path);
535 }
536
537 if (!(licenseStorePath = GetCombinedPath(path, licenseStore)))
538 {
539 WLog_Print(log, WLOG_ERROR, "Failed to get license store path from '%s' + '%s'", path,
540 licenseStore);
541 goto out;
542 }
543
544 if (!winpr_PathFileExists(licenseStorePath))
545 {
546 if (!winpr_PathMakePath(licenseStorePath, 0))
547 {
548 WLog_Print(log, WLOG_ERROR, "error creating directory '%s'", licenseStorePath);
549 goto out;
550 }
551 WLog_Print(log, WLOG_INFO, "creating directory %s", licenseStorePath);
552 }
553
554 if (!computeCalHash(log, hostname, hash, sizeof(hash)))
555 goto out;
556 (void)sprintf_s(filename, sizeof(filename) - 1, "%s.cal", hash);
557 (void)sprintf_s(filenameNew, sizeof(filenameNew) - 1, "%s.cal.new", hash);
558
559 if (!(filepath = GetCombinedPath(licenseStorePath, filename)))
560 {
561 WLog_Print(log, WLOG_ERROR, "Failed to get license file path from '%s' + '%s'", path,
562 filename);
563 goto out;
564 }
565
566 if (!(filepathNew = GetCombinedPath(licenseStorePath, filenameNew)))
567 {
568 WLog_Print(log, WLOG_ERROR, "Failed to get license new file path from '%s' + '%s'", path,
569 filenameNew);
570 goto out;
571 }
572
573 fp = winpr_fopen(filepathNew, "wb");
574 if (!fp)
575 {
576 WLog_Print(log, WLOG_ERROR, "Failed to open license file '%s'", filepathNew);
577 goto out;
578 }
579
580 written = fwrite(data, length, 1, fp);
581 (void)fclose(fp);
582
583 if (written != 1)
584 {
585 WLog_Print(log, WLOG_ERROR, "Failed to write to license file '%s'", filepathNew);
586 winpr_DeleteFile(filepathNew);
587 goto out;
588 }
589
590 ret = winpr_MoveFileEx(filepathNew, filepath, MOVEFILE_REPLACE_EXISTING);
591 if (!ret)
592 WLog_Print(log, WLOG_ERROR, "Failed to move license file '%s' to '%s'", filepathNew,
593 filepath);
594
595out:
596 free(filepathNew);
597 free(filepath);
598 free(licenseStorePath);
599 return ret;
600}
601
602static BYTE* loadCalFile(wLog* log, const rdpSettings* settings, const char* hostname,
603 size_t* dataLen)
604{
605 char* licenseStorePath = NULL;
606 char* calPath = NULL;
607 char calFilename[MAX_PATH] = { 0 };
608 char hash[41] = { 0 };
609 INT64 length = 0;
610 size_t status = 0;
611 FILE* fp = NULL;
612 BYTE* ret = NULL;
613
614 WINPR_ASSERT(settings);
615 WINPR_ASSERT(hostname);
616 WINPR_ASSERT(dataLen);
617
618 if (!computeCalHash(log, hostname, hash, sizeof(hash)))
619 {
620 WLog_Print(log, WLOG_ERROR, "loadCalFile: unable to compute hostname hash");
621 return NULL;
622 }
623
624 (void)sprintf_s(calFilename, sizeof(calFilename) - 1, "%s.cal", hash);
625
626 if (!(licenseStorePath = GetCombinedPath(
627 freerdp_settings_get_string(settings, FreeRDP_ConfigPath), licenseStore)))
628 return NULL;
629
630 if (!(calPath = GetCombinedPath(licenseStorePath, calFilename)))
631 goto error_path;
632
633 fp = winpr_fopen(calPath, "rb");
634 if (!fp)
635 goto error_open;
636
637 if (_fseeki64(fp, 0, SEEK_END) != 0)
638 goto error_malloc;
639 length = _ftelli64(fp);
640 if (_fseeki64(fp, 0, SEEK_SET) != 0)
641 goto error_malloc;
642 if (length < 0)
643 goto error_malloc;
644
645 ret = (BYTE*)malloc((size_t)length);
646 if (!ret)
647 goto error_malloc;
648
649 status = fread(ret, (size_t)length, 1, fp);
650 if (status == 0)
651 goto error_read;
652
653 *dataLen = (size_t)length;
654
655 (void)fclose(fp);
656 free(calPath);
657 free(licenseStorePath);
658 return ret;
659
660error_read:
661 free(ret);
662error_malloc:
663 fclose(fp);
664error_open:
665 free(calPath);
666error_path:
667 free(licenseStorePath);
668 return NULL;
669}
670
681static BOOL license_read_preamble(wLog* log, wStream* s, BYTE* bMsgType, BYTE* flags,
682 UINT16* wMsgSize)
683{
684 WINPR_ASSERT(bMsgType);
685 WINPR_ASSERT(flags);
686 WINPR_ASSERT(wMsgSize);
687
688 /* preamble (4 bytes) */
689 if (!license_check_stream_length(log, s, 4, "license preamble"))
690 return FALSE;
691
692 Stream_Read_UINT8(s, *bMsgType); /* bMsgType (1 byte) */
693 Stream_Read_UINT8(s, *flags); /* flags (1 byte) */
694 Stream_Read_UINT16(s, *wMsgSize); /* wMsgSize (2 bytes) */
695 return license_check_stream_length(log, s, *wMsgSize - 4ll, "license preamble::wMsgSize");
696}
697
708static BOOL license_write_preamble(wStream* s, BYTE bMsgType, BYTE flags, UINT16 wMsgSize)
709{
710 if (!Stream_EnsureRemainingCapacity(s, 4))
711 return FALSE;
712
713 /* preamble (4 bytes) */
714 Stream_Write_UINT8(s, bMsgType); /* bMsgType (1 byte) */
715 Stream_Write_UINT8(s, flags); /* flags (1 byte) */
716 Stream_Write_UINT16(s, wMsgSize); /* wMsgSize (2 bytes) */
717 return TRUE;
718}
719
728wStream* license_send_stream_init(rdpLicense* license, UINT16* sec_flags)
729{
730 WINPR_ASSERT(license);
731 WINPR_ASSERT(license->rdp);
732 WINPR_ASSERT(sec_flags);
733
734 const BOOL do_crypt = license->rdp->do_crypt;
735
736 *sec_flags = SEC_LICENSE_PKT;
737
738 /*
739 * Encryption of licensing packets is optional even if the rdp security
740 * layer is used. If the peer has not indicated that it is capable of
741 * processing encrypted licensing packets (rdp->do_crypt_license) we turn
742 * off encryption (via rdp->do_crypt) before initializing the rdp stream
743 * and re-enable it afterwards.
744 */
745
746 if (do_crypt)
747 {
748 *sec_flags |= SEC_LICENSE_ENCRYPT_CS;
749 license->rdp->do_crypt = license->rdp->do_crypt_license;
750 }
751
752 wStream* s = rdp_send_stream_init(license->rdp, sec_flags);
753 if (!s)
754 return NULL;
755
756 license->rdp->do_crypt = do_crypt;
757 license->PacketHeaderLength = (UINT16)Stream_GetPosition(s);
758 if (!Stream_SafeSeek(s, LICENSE_PREAMBLE_LENGTH))
759 goto fail;
760 return s;
761
762fail:
763 Stream_Release(s);
764 return NULL;
765}
766
774static BOOL license_send(rdpLicense* license, wStream* s, BYTE type, UINT16 sec_flags)
775{
776 WINPR_ASSERT(license);
777 WINPR_ASSERT(license->rdp);
778
779 rdpRdp* rdp = license->rdp;
780 WINPR_ASSERT(rdp->settings);
781
782 DEBUG_LICENSE("Sending %s Packet", license_request_type_string(type));
783 const size_t length = Stream_GetPosition(s);
784 WINPR_ASSERT(length >= license->PacketHeaderLength);
785 WINPR_ASSERT(length <= UINT16_MAX + license->PacketHeaderLength);
786
787 const UINT16 wMsgSize = (UINT16)(length - license->PacketHeaderLength);
788 Stream_SetPosition(s, license->PacketHeaderLength);
789 BYTE flags = PREAMBLE_VERSION_3_0;
790
796 if (!rdp->settings->ServerMode)
797 flags |= EXTENDED_ERROR_MSG_SUPPORTED;
798
799 if (!license_write_preamble(s, type, flags, wMsgSize))
800 {
801 Stream_Release(s);
802 return FALSE;
803 }
804
805#ifdef WITH_DEBUG_LICENSE
806 WLog_Print(license->log, WLOG_DEBUG, "Sending %s Packet, length %" PRIu16 "",
807 license_request_type_string(type), wMsgSize);
808 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_PointerAs(s, char) - LICENSE_PREAMBLE_LENGTH,
809 wMsgSize);
810#endif
811 Stream_SetPosition(s, length);
812 const BOOL ret = rdp_send(rdp, s, MCS_GLOBAL_CHANNEL_ID, sec_flags);
813 return ret;
814}
815
816BOOL license_write_server_upgrade_license(const rdpLicense* license, wStream* s)
817{
818 WINPR_ASSERT(license);
819
820 if (!license_write_binary_blob(s, license->EncryptedLicenseInfo))
821 return FALSE;
822 if (!license_check_stream_capacity(license->log, s, sizeof(license->MACData),
823 "SERVER_UPGRADE_LICENSE::MACData"))
824 return FALSE;
825 Stream_Write(s, license->MACData, sizeof(license->MACData));
826 return TRUE;
827}
828
829static BOOL license_server_send_new_or_upgrade_license(rdpLicense* license, BOOL upgrade)
830{
831 UINT16 sec_flags = 0;
832 wStream* s = license_send_stream_init(license, &sec_flags);
833 const BYTE type = upgrade ? UPGRADE_LICENSE : NEW_LICENSE;
834
835 if (!s)
836 return FALSE;
837
838 if (!license_write_server_upgrade_license(license, s))
839 goto fail;
840
841 return license_send(license, s, type, sec_flags);
842
843fail:
844 Stream_Release(s);
845 return FALSE;
846}
847
856state_run_t license_client_recv(rdpLicense* license, wStream* s)
857{
858 BYTE flags = 0;
859 BYTE bMsgType = 0;
860 UINT16 wMsgSize = 0;
861 const size_t length = Stream_GetRemainingLength(s);
862
863 WINPR_ASSERT(license);
864
865 if (!license_read_preamble(license->log, s, &bMsgType, &flags,
866 &wMsgSize)) /* preamble (4 bytes) */
867 return STATE_RUN_FAILED;
868
869 DEBUG_LICENSE("Receiving %s Packet", license_request_type_string(bMsgType));
870
871 switch (bMsgType)
872 {
873 case LICENSE_REQUEST:
874 /* Client does not require configuration, so skip this state */
875 if (license_get_state(license) == LICENSE_STATE_INITIAL)
876 license_set_state(license, LICENSE_STATE_CONFIGURED);
877
878 if (!license_ensure_state(license, LICENSE_STATE_CONFIGURED, bMsgType))
879 return STATE_RUN_FAILED;
880
881 if (!license_read_license_request_packet(license, s))
882 return STATE_RUN_FAILED;
883
884 if (!license_answer_license_request(license))
885 return STATE_RUN_FAILED;
886
887 license_set_state(license, LICENSE_STATE_NEW_REQUEST);
888 break;
889
890 case PLATFORM_CHALLENGE:
891 if (!license_ensure_state(license, LICENSE_STATE_NEW_REQUEST, bMsgType))
892 return STATE_RUN_FAILED;
893
894 if (!license_read_platform_challenge_packet(license, s))
895 return STATE_RUN_FAILED;
896
897 if (!license_send_platform_challenge_response(license))
898 return STATE_RUN_FAILED;
899 license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE);
900 break;
901
902 case NEW_LICENSE:
903 case UPGRADE_LICENSE:
904 if (!license_ensure_state(license, LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE, bMsgType))
905 return STATE_RUN_FAILED;
906 if (!license_read_new_or_upgrade_license_packet(license, s))
907 return STATE_RUN_FAILED;
908 break;
909
910 case ERROR_ALERT:
911 if (!license_read_error_alert_packet(license, s))
912 return STATE_RUN_FAILED;
913 break;
914
915 default:
916 WLog_Print(license->log, WLOG_ERROR, "invalid bMsgType:%" PRIu8 "", bMsgType);
917 return STATE_RUN_FAILED;
918 }
919
920 if (!tpkt_ensure_stream_consumed(license->log, s, length))
921 return STATE_RUN_FAILED;
922 return STATE_RUN_SUCCESS;
923}
924
925state_run_t license_server_recv(rdpLicense* license, wStream* s)
926{
927 state_run_t rc = STATE_RUN_FAILED;
928 BYTE flags = 0;
929 BYTE bMsgType = 0;
930 UINT16 wMsgSize = 0;
931 const size_t length = Stream_GetRemainingLength(s);
932
933 WINPR_ASSERT(license);
934
935 if (!license_read_preamble(license->log, s, &bMsgType, &flags,
936 &wMsgSize)) /* preamble (4 bytes) */
937 goto fail;
938
939 DEBUG_LICENSE("Receiving %s Packet", license_request_type_string(bMsgType));
940
941 switch (bMsgType)
942 {
943 case NEW_LICENSE_REQUEST:
944 if (!license_ensure_state(license, LICENSE_STATE_REQUEST, bMsgType))
945 goto fail;
946 if (!license_read_new_license_request_packet(license, s))
947 goto fail;
948 // TODO: Validate if client is allowed
949 if (!license_send_error_alert(license, ERR_INVALID_MAC, ST_TOTAL_ABORT,
950 license->ErrorInfo))
951 goto fail;
952 if (!license_send_platform_challenge_packet(license))
953 goto fail;
954 license->update = FALSE;
955 if (!license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE))
956 goto fail;
957 break;
958 case LICENSE_INFO:
959 if (!license_ensure_state(license, LICENSE_STATE_REQUEST, bMsgType))
960 goto fail;
961 if (!license_read_license_info(license, s))
962 goto fail;
963 // TODO: Validate license info
964 if (!license_send_platform_challenge_packet(license))
965 goto fail;
966 if (!license_set_state(license, LICENSE_STATE_PLATFORM_CHALLENGE))
967 goto fail;
968 license->update = TRUE;
969 break;
970
971 case PLATFORM_CHALLENGE_RESPONSE:
972 if (!license_ensure_state(license, LICENSE_STATE_PLATFORM_CHALLENGE, bMsgType))
973 goto fail;
974 if (!license_read_client_platform_challenge_response(license, s))
975 goto fail;
976
977 // TODO: validate challenge response
978 if (FALSE)
979 {
980 if (license_send_error_alert(license, ERR_INVALID_CLIENT, ST_TOTAL_ABORT,
981 license->ErrorInfo))
982 goto fail;
983 }
984 else
985 {
986 if (!license_server_send_new_or_upgrade_license(license, license->update))
987 goto fail;
988
989 license->type = LICENSE_TYPE_ISSUED;
990 license_set_state(license, LICENSE_STATE_COMPLETED);
991
992 rc = STATE_RUN_CONTINUE; /* License issued, switch state */
993 }
994 break;
995
996 case ERROR_ALERT:
997 if (!license_read_error_alert_packet(license, s))
998 goto fail;
999 break;
1000
1001 default:
1002 WLog_Print(license->log, WLOG_ERROR, "invalid bMsgType:%" PRIu8 "", bMsgType);
1003 goto fail;
1004 }
1005
1006 if (!tpkt_ensure_stream_consumed(license->log, s, length))
1007 goto fail;
1008
1009 if (!state_run_success(rc))
1010 rc = STATE_RUN_SUCCESS;
1011
1012fail:
1013 if (state_run_failed(rc))
1014 {
1015 if (flags & EXTENDED_ERROR_MSG_SUPPORTED)
1016 license_send_error_alert(license, ERR_INVALID_CLIENT, ST_TOTAL_ABORT, NULL);
1017 license_set_state(license, LICENSE_STATE_ABORTED);
1018 }
1019
1020 return rc;
1021}
1022
1023void license_generate_randoms(rdpLicense* license)
1024{
1025 WINPR_ASSERT(license);
1026
1027#ifdef LICENSE_NULL_CLIENT_RANDOM
1028 ZeroMemory(license->ClientRandom, sizeof(license->ClientRandom)); /* ClientRandom */
1029#else
1030 winpr_RAND(license->ClientRandom, sizeof(license->ClientRandom)); /* ClientRandom */
1031#endif
1032
1033 winpr_RAND(license->ServerRandom, sizeof(license->ServerRandom)); /* ServerRandom */
1034
1035#ifdef LICENSE_NULL_PREMASTER_SECRET
1036 ZeroMemory(license->PremasterSecret, sizeof(license->PremasterSecret)); /* PremasterSecret */
1037#else
1038 winpr_RAND(license->PremasterSecret, sizeof(license->PremasterSecret)); /* PremasterSecret */
1039#endif
1040}
1041
1047static BOOL license_generate_keys(rdpLicense* license)
1048{
1049 WINPR_ASSERT(license);
1050
1051 if (
1052 /* MasterSecret */
1053 !security_master_secret(license->PremasterSecret, sizeof(license->PremasterSecret),
1054 license->ClientRandom, sizeof(license->ClientRandom),
1055 license->ServerRandom, sizeof(license->ServerRandom),
1056 license->MasterSecret, sizeof(license->MasterSecret)) ||
1057 /* SessionKeyBlob */
1058 !security_session_key_blob(license->MasterSecret, sizeof(license->MasterSecret),
1059 license->ClientRandom, sizeof(license->ClientRandom),
1060 license->ServerRandom, sizeof(license->ServerRandom),
1061 license->SessionKeyBlob, sizeof(license->SessionKeyBlob)))
1062 {
1063 return FALSE;
1064 }
1065 security_mac_salt_key(license->SessionKeyBlob, sizeof(license->SessionKeyBlob),
1066 license->ClientRandom, sizeof(license->ClientRandom),
1067 license->ServerRandom, sizeof(license->ServerRandom), license->MacSaltKey,
1068 sizeof(license->MacSaltKey)); /* MacSaltKey */
1069 const BOOL ret = security_licensing_encryption_key(
1070 license->SessionKeyBlob, sizeof(license->SessionKeyBlob), license->ClientRandom,
1071 sizeof(license->ClientRandom), license->ServerRandom, sizeof(license->ServerRandom),
1072 license->LicensingEncryptionKey,
1073 sizeof(license->LicensingEncryptionKey)); /* LicensingEncryptionKey */
1074
1075#ifdef WITH_DEBUG_LICENSE
1076 WLog_Print(license->log, WLOG_DEBUG, "ClientRandom:");
1077 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ClientRandom,
1078 sizeof(license->ClientRandom));
1079 WLog_Print(license->log, WLOG_DEBUG, "ServerRandom:");
1080 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ServerRandom,
1081 sizeof(license->ServerRandom));
1082 WLog_Print(license->log, WLOG_DEBUG, "PremasterSecret:");
1083 winpr_HexLogDump(license->log, WLOG_DEBUG, license->PremasterSecret,
1084 sizeof(license->PremasterSecret));
1085 WLog_Print(license->log, WLOG_DEBUG, "MasterSecret:");
1086 winpr_HexLogDump(license->log, WLOG_DEBUG, license->MasterSecret,
1087 sizeof(license->MasterSecret));
1088 WLog_Print(license->log, WLOG_DEBUG, "SessionKeyBlob:");
1089 winpr_HexLogDump(license->log, WLOG_DEBUG, license->SessionKeyBlob,
1090 sizeof(license->SessionKeyBlob));
1091 WLog_Print(license->log, WLOG_DEBUG, "MacSaltKey:");
1092 winpr_HexLogDump(license->log, WLOG_DEBUG, license->MacSaltKey, sizeof(license->MacSaltKey));
1093 WLog_Print(license->log, WLOG_DEBUG, "LicensingEncryptionKey:");
1094 winpr_HexLogDump(license->log, WLOG_DEBUG, license->LicensingEncryptionKey,
1095 sizeof(license->LicensingEncryptionKey));
1096#endif
1097 return ret;
1098}
1099
1105BOOL license_generate_hwid(rdpLicense* license)
1106{
1107 const BYTE* hashTarget = NULL;
1108 size_t targetLen = 0;
1109 BYTE macAddress[6] = { 0 };
1110
1111 WINPR_ASSERT(license);
1112 WINPR_ASSERT(license->rdp);
1113 WINPR_ASSERT(license->rdp->settings);
1114
1115 ZeroMemory(license->HardwareId, sizeof(license->HardwareId));
1116
1117 if (license->rdp->settings->OldLicenseBehaviour)
1118 {
1119 hashTarget = macAddress;
1120 targetLen = sizeof(macAddress);
1121 }
1122 else
1123 {
1124 wStream buffer = { 0 };
1125 const char* hostname = license->rdp->settings->ClientHostname;
1126 wStream* s = Stream_StaticInit(&buffer, license->HardwareId, 4);
1127 Stream_Write_UINT32(s, license->PlatformId);
1128
1129 hashTarget = (const BYTE*)hostname;
1130 targetLen = hostname ? strlen(hostname) : 0;
1131 }
1132
1133 /* Allow FIPS override for use of MD5 here, really this does not have to be MD5 as we are just
1134 * taking a MD5 hash of the 6 bytes of 0's(macAddress) */
1135 /* and filling in the Data1-Data4 fields of the CLIENT_HARDWARE_ID structure(from MS-RDPELE
1136 * section 2.2.2.3.1). This is for RDP licensing packets */
1137 /* which will already be encrypted under FIPS, so the use of MD5 here is not for sensitive data
1138 * protection. */
1139 return winpr_Digest_Allow_FIPS(WINPR_MD_MD5, hashTarget, targetLen,
1140 &license->HardwareId[HWID_PLATFORM_ID_LENGTH],
1141 WINPR_MD5_DIGEST_LENGTH);
1142}
1143
1144static BOOL license_get_server_rsa_public_key(rdpLicense* license)
1145{
1146 rdpSettings* settings = NULL;
1147
1148 WINPR_ASSERT(license);
1149 WINPR_ASSERT(license->certificate);
1150 WINPR_ASSERT(license->rdp);
1151
1152 settings = license->rdp->settings;
1153 WINPR_ASSERT(settings);
1154
1155 if (license->ServerCertificate->length < 1)
1156 {
1157 if (!freerdp_certificate_read_server_cert(license->certificate, settings->ServerCertificate,
1158 settings->ServerCertificateLength))
1159 return FALSE;
1160 }
1161
1162 return TRUE;
1163}
1164
1165BOOL license_encrypt_premaster_secret(rdpLicense* license)
1166{
1167 WINPR_ASSERT(license);
1168 WINPR_ASSERT(license->certificate);
1169
1170 if (!license_get_server_rsa_public_key(license))
1171 return FALSE;
1172
1173 WINPR_ASSERT(license->EncryptedPremasterSecret);
1174
1175 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1176 if (!info)
1177 {
1178 WLog_Print(license->log, WLOG_ERROR, "info=%p, license->certificate=%p", info,
1179 license->certificate);
1180 return FALSE;
1181 }
1182
1183#ifdef WITH_DEBUG_LICENSE
1184 WLog_Print(license->log, WLOG_DEBUG, "Modulus (%" PRIu32 " bits):", info->ModulusLength * 8);
1185 winpr_HexLogDump(license->log, WLOG_DEBUG, info->Modulus, info->ModulusLength);
1186 WLog_Print(license->log, WLOG_DEBUG, "Exponent:");
1187 winpr_HexLogDump(license->log, WLOG_DEBUG, info->exponent, sizeof(info->exponent));
1188#endif
1189
1190 BYTE* EncryptedPremasterSecret = (BYTE*)calloc(1, info->ModulusLength);
1191 if (!EncryptedPremasterSecret)
1192 {
1193 WLog_Print(license->log, WLOG_ERROR,
1194 "EncryptedPremasterSecret=%p, info->ModulusLength=%" PRIu32,
1195 EncryptedPremasterSecret, info->ModulusLength);
1196 return FALSE;
1197 }
1198
1199 license->EncryptedPremasterSecret->type = BB_RANDOM_BLOB;
1200 license->EncryptedPremasterSecret->length = sizeof(license->PremasterSecret);
1201#ifndef LICENSE_NULL_PREMASTER_SECRET
1202 {
1203 const SSIZE_T length =
1204 crypto_rsa_public_encrypt(license->PremasterSecret, sizeof(license->PremasterSecret),
1205 info, EncryptedPremasterSecret, info->ModulusLength);
1206 if ((length < 0) || (length > UINT16_MAX))
1207 {
1208 WLog_Print(license->log, WLOG_ERROR,
1209 "RSA public encrypt length=%" PRIdz " < 0 || > %" PRIu16, length,
1210 UINT16_MAX);
1211 return FALSE;
1212 }
1213 license->EncryptedPremasterSecret->length = (UINT16)length;
1214 }
1215#endif
1216 license->EncryptedPremasterSecret->data = EncryptedPremasterSecret;
1217 return TRUE;
1218}
1219
1220static BOOL license_rc4_with_licenseKey(const rdpLicense* license, const BYTE* input, size_t len,
1221 LICENSE_BLOB* target)
1222{
1223 WINPR_ASSERT(license);
1224 WINPR_ASSERT(input || (len == 0));
1225 WINPR_ASSERT(target);
1226 WINPR_ASSERT(len <= UINT16_MAX);
1227
1228 WINPR_RC4_CTX* rc4 = winpr_RC4_New_Allow_FIPS(license->LicensingEncryptionKey,
1229 sizeof(license->LicensingEncryptionKey));
1230 if (!rc4)
1231 {
1232 WLog_Print(license->log, WLOG_ERROR, "Failed to allocate RC4");
1233 return FALSE;
1234 }
1235
1236 BYTE* buffer = NULL;
1237 if (len > 0)
1238 buffer = realloc(target->data, len);
1239 if (!buffer)
1240 goto error_buffer;
1241
1242 target->data = buffer;
1243 target->length = (UINT16)len;
1244
1245 if (!winpr_RC4_Update(rc4, len, input, buffer))
1246 goto error_buffer;
1247
1248 winpr_RC4_Free(rc4);
1249 return TRUE;
1250
1251error_buffer:
1252 WLog_Print(license->log, WLOG_ERROR, "Failed to create/update RC4: len=%" PRIuz ", buffer=%p",
1253 len, buffer);
1254 winpr_RC4_Free(rc4);
1255 return FALSE;
1256}
1257
1268static BOOL license_encrypt_and_MAC(rdpLicense* license, const BYTE* input, size_t len,
1269 LICENSE_BLOB* target, BYTE* mac, size_t mac_length)
1270{
1271 WINPR_ASSERT(license);
1272 return license_rc4_with_licenseKey(license, input, len, target) &&
1273 security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), input, len, mac,
1274 mac_length);
1275}
1276
1288static BOOL license_decrypt_and_check_MAC(rdpLicense* license, const BYTE* input, size_t len,
1289 LICENSE_BLOB* target, const BYTE* packetMac)
1290{
1291 BYTE macData[sizeof(license->MACData)] = { 0 };
1292
1293 WINPR_ASSERT(license);
1294 WINPR_ASSERT(target);
1295
1296 if (freerdp_settings_get_bool(license->rdp->settings, FreeRDP_TransportDumpReplay))
1297 {
1298 WLog_Print(license->log, WLOG_DEBUG, "TransportDumpReplay active, skipping...");
1299 return TRUE;
1300 }
1301
1302 if (!license_rc4_with_licenseKey(license, input, len, target))
1303 return FALSE;
1304
1305 if (!security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), target->data, len,
1306 macData, sizeof(macData)))
1307 return FALSE;
1308
1309 if (memcmp(packetMac, macData, sizeof(macData)) != 0)
1310 {
1311 WLog_Print(license->log, WLOG_ERROR, "packetMac != expectedMac");
1312 return FALSE;
1313 }
1314 return TRUE;
1315}
1316
1324BOOL license_read_product_info(wLog* log, wStream* s, LICENSE_PRODUCT_INFO* productInfo)
1325{
1326 WINPR_ASSERT(productInfo);
1327
1328 if (!license_check_stream_length(log, s, 8, "license product info::cbCompanyName"))
1329 return FALSE;
1330
1331 Stream_Read_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
1332 Stream_Read_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
1333
1334 /* Name must be >0, but there is no upper limit defined, use UINT32_MAX */
1335 if ((productInfo->cbCompanyName < 2) || (productInfo->cbCompanyName % 2 != 0))
1336 {
1337 WLog_Print(log, WLOG_WARN, "license product info invalid cbCompanyName %" PRIu32,
1338 productInfo->cbCompanyName);
1339 return FALSE;
1340 }
1341
1342 if (!license_check_stream_length(log, s, productInfo->cbCompanyName,
1343 "license product info::CompanyName"))
1344 return FALSE;
1345
1346 productInfo->pbProductId = NULL;
1347 productInfo->pbCompanyName = (BYTE*)malloc(productInfo->cbCompanyName);
1348 if (!productInfo->pbCompanyName)
1349 goto out_fail;
1350 Stream_Read(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
1351
1352 if (!license_check_stream_length(log, s, 4, "license product info::cbProductId"))
1353 goto out_fail;
1354
1355 Stream_Read_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
1356
1357 if ((productInfo->cbProductId < 2) || (productInfo->cbProductId % 2 != 0))
1358 {
1359 WLog_Print(log, WLOG_WARN, "license product info invalid cbProductId %" PRIu32,
1360 productInfo->cbProductId);
1361 goto out_fail;
1362 }
1363
1364 if (!license_check_stream_length(log, s, productInfo->cbProductId,
1365 "license product info::ProductId"))
1366 goto out_fail;
1367
1368 productInfo->pbProductId = (BYTE*)malloc(productInfo->cbProductId);
1369 if (!productInfo->pbProductId)
1370 goto out_fail;
1371 Stream_Read(s, productInfo->pbProductId, productInfo->cbProductId);
1372 return TRUE;
1373
1374out_fail:
1375 free(productInfo->pbCompanyName);
1376 free(productInfo->pbProductId);
1377 productInfo->pbCompanyName = NULL;
1378 productInfo->pbProductId = NULL;
1379 return FALSE;
1380}
1381
1382static BOOL license_write_product_info(wLog* log, wStream* s,
1383 const LICENSE_PRODUCT_INFO* productInfo)
1384{
1385 WINPR_ASSERT(productInfo);
1386
1387 if (!license_check_stream_capacity(log, s, 8, "license product info::cbCompanyName"))
1388 return FALSE;
1389
1390 Stream_Write_UINT32(s, productInfo->dwVersion); /* dwVersion (4 bytes) */
1391 Stream_Write_UINT32(s, productInfo->cbCompanyName); /* cbCompanyName (4 bytes) */
1392
1393 /* Name must be >0, but there is no upper limit defined, use UINT32_MAX */
1394 if ((productInfo->cbCompanyName < 2) || (productInfo->cbCompanyName % 2 != 0) ||
1395 !productInfo->pbCompanyName)
1396 {
1397 WLog_Print(log, WLOG_WARN, "license product info invalid cbCompanyName %" PRIu32,
1398 productInfo->cbCompanyName);
1399 return FALSE;
1400 }
1401
1402 if (!license_check_stream_capacity(log, s, productInfo->cbCompanyName,
1403 "license product info::CompanyName"))
1404 return FALSE;
1405
1406 Stream_Write(s, productInfo->pbCompanyName, productInfo->cbCompanyName);
1407
1408 if (!license_check_stream_capacity(log, s, 4, "license product info::cbProductId"))
1409 return FALSE;
1410
1411 Stream_Write_UINT32(s, productInfo->cbProductId); /* cbProductId (4 bytes) */
1412
1413 if ((productInfo->cbProductId < 2) || (productInfo->cbProductId % 2 != 0) ||
1414 !productInfo->pbProductId)
1415 {
1416 WLog_Print(log, WLOG_WARN, "license product info invalid cbProductId %" PRIu32,
1417 productInfo->cbProductId);
1418 return FALSE;
1419 }
1420
1421 if (!license_check_stream_capacity(log, s, productInfo->cbProductId,
1422 "license product info::ProductId"))
1423 return FALSE;
1424
1425 Stream_Write(s, productInfo->pbProductId, productInfo->cbProductId);
1426 return TRUE;
1427}
1428
1435LICENSE_PRODUCT_INFO* license_new_product_info(void)
1436{
1437 LICENSE_PRODUCT_INFO* productInfo =
1438 (LICENSE_PRODUCT_INFO*)calloc(1, sizeof(LICENSE_PRODUCT_INFO));
1439 if (!productInfo)
1440 return NULL;
1441 return productInfo;
1442}
1443
1450void license_free_product_info(LICENSE_PRODUCT_INFO* productInfo)
1451{
1452 if (productInfo)
1453 {
1454 free(productInfo->pbCompanyName);
1455 free(productInfo->pbProductId);
1456 free(productInfo);
1457 }
1458}
1459
1460BOOL license_read_binary_blob_data(wLog* log, LICENSE_BLOB* blob, UINT16 wBlobType,
1461 const void* data, size_t length)
1462{
1463 WINPR_ASSERT(blob);
1464 WINPR_ASSERT(length <= UINT16_MAX);
1465 WINPR_ASSERT(data || (length == 0));
1466
1467 blob->length = (UINT16)length;
1468 free(blob->data);
1469 blob->data = NULL;
1470
1471 if ((blob->type != wBlobType) && (blob->type != BB_ANY_BLOB))
1472 {
1473 WLog_Print(log, WLOG_ERROR, "license binary blob::type expected %s, got %s",
1474 licencse_blob_type_string(wBlobType), licencse_blob_type_string(blob->type));
1475 }
1476
1477 /*
1478 * Server can choose to not send data by setting length to 0.
1479 * If so, it may not bother to set the type, so shortcut the warning
1480 */
1481 if ((blob->type != BB_ANY_BLOB) && (blob->length == 0))
1482 {
1483 WLog_Print(log, WLOG_WARN, "license binary blob::type %s, length=0, skipping.",
1484 licencse_blob_type_string(blob->type));
1485 return TRUE;
1486 }
1487
1488 blob->type = wBlobType;
1489 blob->data = NULL;
1490 if (blob->length > 0)
1491 blob->data = malloc(blob->length);
1492 if (!blob->data)
1493 {
1494 WLog_Print(log, WLOG_ERROR, "license binary blob::length=%" PRIu16 ", blob::data=%p",
1495 blob->length, blob->data);
1496 return FALSE;
1497 }
1498 memcpy(blob->data, data, blob->length); /* blobData */
1499 return TRUE;
1500}
1501
1509BOOL license_read_binary_blob(wLog* log, wStream* s, LICENSE_BLOB* blob)
1510{
1511 UINT16 wBlobType = 0;
1512 UINT16 length = 0;
1513
1514 WINPR_ASSERT(blob);
1515
1516 if (!license_check_stream_length(log, s, 4, "license binary blob::type"))
1517 return FALSE;
1518
1519 Stream_Read_UINT16(s, wBlobType); /* wBlobType (2 bytes) */
1520 Stream_Read_UINT16(s, length); /* wBlobLen (2 bytes) */
1521
1522 if (!license_check_stream_length(log, s, length, "license binary blob::length"))
1523 return FALSE;
1524
1525 if (!license_read_binary_blob_data(log, blob, wBlobType, Stream_Pointer(s), length))
1526 return FALSE;
1527
1528 return Stream_SafeSeek(s, length);
1529}
1530
1538BOOL license_write_binary_blob(wStream* s, const LICENSE_BLOB* blob)
1539{
1540 WINPR_ASSERT(blob);
1541
1542 if (!Stream_EnsureRemainingCapacity(s, blob->length + 4))
1543 return FALSE;
1544
1545 Stream_Write_UINT16(s, blob->type); /* wBlobType (2 bytes) */
1546 Stream_Write_UINT16(s, blob->length); /* wBlobLen (2 bytes) */
1547
1548 if (blob->length > 0)
1549 Stream_Write(s, blob->data, blob->length); /* blobData */
1550 return TRUE;
1551}
1552
1553static BOOL license_write_encrypted_premaster_secret_blob(wLog* log, wStream* s,
1554 const LICENSE_BLOB* blob,
1555 UINT32 ModulusLength)
1556{
1557 const UINT32 length = ModulusLength + 8;
1558
1559 WINPR_ASSERT(blob);
1560 WINPR_ASSERT(length <= UINT16_MAX);
1561
1562 if (blob->length > ModulusLength)
1563 {
1564 WLog_Print(log, WLOG_ERROR, "invalid blob");
1565 return FALSE;
1566 }
1567
1568 if (!Stream_EnsureRemainingCapacity(s, length + 4))
1569 return FALSE;
1570 Stream_Write_UINT16(s, blob->type); /* wBlobType (2 bytes) */
1571 Stream_Write_UINT16(s, (UINT16)length); /* wBlobLen (2 bytes) */
1572
1573 if (blob->length > 0)
1574 Stream_Write(s, blob->data, blob->length); /* blobData */
1575
1576 Stream_Zero(s, length - blob->length);
1577 return TRUE;
1578}
1579
1580static BOOL license_read_encrypted_premaster_secret_blob(wLog* log, wStream* s, LICENSE_BLOB* blob,
1581 UINT32* ModulusLength)
1582{
1583 if (!license_read_binary_blob(log, s, blob))
1584 return FALSE;
1585 WINPR_ASSERT(ModulusLength);
1586 *ModulusLength = blob->length;
1587 return TRUE;
1588}
1589
1596LICENSE_BLOB* license_new_binary_blob(UINT16 type)
1597{
1598 LICENSE_BLOB* blob = (LICENSE_BLOB*)calloc(1, sizeof(LICENSE_BLOB));
1599 if (blob)
1600 blob->type = type;
1601 return blob;
1602}
1603
1610void license_free_binary_blob(LICENSE_BLOB* blob)
1611{
1612 if (blob)
1613 {
1614 free(blob->data);
1615 free(blob);
1616 }
1617}
1618
1626BOOL license_read_scope_list(wLog* log, wStream* s, SCOPE_LIST* scopeList)
1627{
1628 UINT32 scopeCount = 0;
1629
1630 WINPR_ASSERT(scopeList);
1631
1632 if (!license_check_stream_length(log, s, 4, "license scope list"))
1633 return FALSE;
1634
1635 Stream_Read_UINT32(s, scopeCount); /* ScopeCount (4 bytes) */
1636
1637 if (!license_check_stream_length(log, s, 4ll * scopeCount, "license scope list::count"))
1638 return FALSE;
1639
1640 if (!license_scope_list_resize(scopeList, scopeCount))
1641 return FALSE;
1642 /* ScopeArray */
1643 for (UINT32 i = 0; i < scopeCount; i++)
1644 {
1645 if (!license_read_binary_blob(log, s, scopeList->array[i]))
1646 return FALSE;
1647 }
1648
1649 return TRUE;
1650}
1651
1652BOOL license_write_scope_list(wLog* log, wStream* s, const SCOPE_LIST* scopeList)
1653{
1654 WINPR_ASSERT(scopeList);
1655
1656 if (!license_check_stream_capacity(log, s, 4, "license scope list"))
1657 return FALSE;
1658
1659 Stream_Write_UINT32(s, scopeList->count); /* ScopeCount (4 bytes) */
1660
1661 if (!license_check_stream_capacity(log, s, scopeList->count * 4ull,
1662 "license scope list::count"))
1663 return FALSE;
1664
1665 /* ScopeArray */
1666 WINPR_ASSERT(scopeList->array || (scopeList->count == 0));
1667 for (UINT32 i = 0; i < scopeList->count; i++)
1668 {
1669 const LICENSE_BLOB* element = scopeList->array[i];
1670
1671 if (!license_write_binary_blob(s, element))
1672 return FALSE;
1673 }
1674
1675 return TRUE;
1676}
1677
1684SCOPE_LIST* license_new_scope_list(void)
1685{
1686 SCOPE_LIST* list = calloc(1, sizeof(SCOPE_LIST));
1687 return list;
1688}
1689
1690BOOL license_scope_list_resize(SCOPE_LIST* scopeList, UINT32 count)
1691{
1692 WINPR_ASSERT(scopeList);
1693 WINPR_ASSERT(scopeList->array || (scopeList->count == 0));
1694
1695 for (UINT32 x = count; x < scopeList->count; x++)
1696 {
1697 license_free_binary_blob(scopeList->array[x]);
1698 scopeList->array[x] = NULL;
1699 }
1700
1701 if (count > 0)
1702 {
1703 LICENSE_BLOB** tmp =
1704 (LICENSE_BLOB**)realloc((void*)scopeList->array, count * sizeof(LICENSE_BLOB*));
1705 if (!tmp)
1706 return FALSE;
1707 scopeList->array = tmp;
1708 }
1709 else
1710 {
1711 free((void*)scopeList->array);
1712 scopeList->array = NULL;
1713 }
1714
1715 for (UINT32 x = scopeList->count; x < count; x++)
1716 {
1717 LICENSE_BLOB* blob = license_new_binary_blob(BB_SCOPE_BLOB);
1718 if (!blob)
1719 {
1720 scopeList->count = x;
1721 return FALSE;
1722 }
1723 scopeList->array[x] = blob;
1724 }
1725
1726 scopeList->count = count;
1727 return TRUE;
1728}
1729
1736void license_free_scope_list(SCOPE_LIST* scopeList)
1737{
1738 if (!scopeList)
1739 return;
1740
1741 license_scope_list_resize(scopeList, 0);
1742 free(scopeList);
1743}
1744
1745BOOL license_send_license_info(rdpLicense* license, const LICENSE_BLOB* calBlob,
1746 const BYTE* signature, size_t signature_length)
1747{
1748 WINPR_ASSERT(calBlob);
1749 WINPR_ASSERT(signature);
1750 WINPR_ASSERT(license->certificate);
1751
1752 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1753 if (!info)
1754 return FALSE;
1755
1756 UINT16 sec_flags = 0;
1757 wStream* s = license_send_stream_init(license, &sec_flags);
1758 if (!s)
1759 return FALSE;
1760
1761 if (!license_check_stream_capacity(license->log, s, 8 + sizeof(license->ClientRandom),
1762 "license info::ClientRandom"))
1763 goto error;
1764
1765 Stream_Write_UINT32(s,
1766 license->PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
1767 Stream_Write_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
1768
1769 /* ClientRandom (32 bytes) */
1770 Stream_Write(s, license->ClientRandom, sizeof(license->ClientRandom));
1771
1772 /* Licensing Binary Blob with EncryptedPreMasterSecret: */
1773 if (!license_write_encrypted_premaster_secret_blob(
1774 license->log, s, license->EncryptedPremasterSecret, info->ModulusLength))
1775 goto error;
1776
1777 /* Licensing Binary Blob with LicenseInfo: */
1778 if (!license_write_binary_blob(s, calBlob))
1779 goto error;
1780
1781 /* Licensing Binary Blob with EncryptedHWID */
1782 if (!license_write_binary_blob(s, license->EncryptedHardwareId))
1783 goto error;
1784
1785 /* MACData */
1786 if (!license_check_stream_capacity(license->log, s, signature_length, "license info::MACData"))
1787 goto error;
1788 Stream_Write(s, signature, signature_length);
1789
1790 return license_send(license, s, LICENSE_INFO, sec_flags);
1791
1792error:
1793 Stream_Release(s);
1794 return FALSE;
1795}
1796
1797static BOOL license_check_preferred_alg(rdpLicense* license, UINT32 PreferredKeyExchangeAlg,
1798 const char* where)
1799{
1800 WINPR_ASSERT(license);
1801 WINPR_ASSERT(where);
1802
1803 if (license->PreferredKeyExchangeAlg != PreferredKeyExchangeAlg)
1804 {
1805 char buffer1[64] = { 0 };
1806 char buffer2[64] = { 0 };
1807 WLog_Print(license->log, WLOG_WARN, "%s::PreferredKeyExchangeAlg, expected %s, got %s",
1808 where,
1809 license_preferred_key_exchange_alg_string(license->PreferredKeyExchangeAlg,
1810 buffer1, sizeof(buffer1)),
1811 license_preferred_key_exchange_alg_string(PreferredKeyExchangeAlg, buffer2,
1812 sizeof(buffer2)));
1813 return FALSE;
1814 }
1815 return TRUE;
1816}
1817
1818BOOL license_read_license_info(rdpLicense* license, wStream* s)
1819{
1820 BOOL rc = FALSE;
1821 UINT32 PreferredKeyExchangeAlg = 0;
1822
1823 WINPR_ASSERT(license);
1824 WINPR_ASSERT(license->certificate);
1825
1826 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
1827 if (!info)
1828 goto error;
1829
1830 /* ClientRandom (32 bytes) */
1831 if (!license_check_stream_length(license->log, s, 8 + sizeof(license->ClientRandom),
1832 "license info"))
1833 goto error;
1834
1835 Stream_Read_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
1836 if (!license_check_preferred_alg(license, PreferredKeyExchangeAlg, "license info"))
1837 goto error;
1838 Stream_Read_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
1839
1840 /* ClientRandom (32 bytes) */
1841 Stream_Read(s, license->ClientRandom, sizeof(license->ClientRandom));
1842
1843 /* Licensing Binary Blob with EncryptedPreMasterSecret: */
1844 UINT32 ModulusLength = 0;
1845 if (!license_read_encrypted_premaster_secret_blob(
1846 license->log, s, license->EncryptedPremasterSecret, &ModulusLength))
1847 goto error;
1848
1849 if (ModulusLength != info->ModulusLength)
1850 {
1851 WLog_Print(license->log, WLOG_WARN,
1852 "EncryptedPremasterSecret,::ModulusLength[%" PRIu32
1853 "] != rdpCertInfo::ModulusLength[%" PRIu32 "]",
1854 ModulusLength, info->ModulusLength);
1855 goto error;
1856 }
1857 /* Licensing Binary Blob with LicenseInfo: */
1858 if (!license_read_binary_blob(license->log, s, license->LicenseInfo))
1859 goto error;
1860
1861 /* Licensing Binary Blob with EncryptedHWID */
1862 if (!license_read_binary_blob(license->log, s, license->EncryptedHardwareId))
1863 goto error;
1864
1865 /* MACData */
1866 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
1867 "license info::MACData"))
1868 goto error;
1869 Stream_Read(s, license->MACData, sizeof(license->MACData));
1870
1871 rc = TRUE;
1872
1873error:
1874 return rc;
1875}
1876
1884BOOL license_read_license_request_packet(rdpLicense* license, wStream* s)
1885{
1886 WINPR_ASSERT(license);
1887
1888 /* ServerRandom (32 bytes) */
1889 if (!license_check_stream_length(license->log, s, sizeof(license->ServerRandom),
1890 "license request"))
1891 return FALSE;
1892
1893 Stream_Read(s, license->ServerRandom, sizeof(license->ServerRandom));
1894
1895 /* ProductInfo */
1896 if (!license_read_product_info(license->log, s, license->ProductInfo))
1897 return FALSE;
1898
1899 /* KeyExchangeList */
1900 if (!license_read_binary_blob(license->log, s, license->KeyExchangeList))
1901 return FALSE;
1902
1903 /* ServerCertificate */
1904 if (!license_read_binary_blob(license->log, s, license->ServerCertificate))
1905 return FALSE;
1906
1907 /* ScopeList */
1908 if (!license_read_scope_list(license->log, s, license->ScopeList))
1909 return FALSE;
1910
1911 /* Parse Server Certificate */
1912 if (!freerdp_certificate_read_server_cert(license->certificate,
1913 license->ServerCertificate->data,
1914 license->ServerCertificate->length))
1915 return FALSE;
1916
1917 if (!license_generate_keys(license) || !license_generate_hwid(license) ||
1918 !license_encrypt_premaster_secret(license))
1919 return FALSE;
1920
1921#ifdef WITH_DEBUG_LICENSE
1922 WLog_Print(license->log, WLOG_DEBUG, "ServerRandom:");
1923 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ServerRandom,
1924 sizeof(license->ServerRandom));
1925 license_print_product_info(license->log, license->ProductInfo);
1926 license_print_scope_list(license->log, license->ScopeList);
1927#endif
1928 return TRUE;
1929}
1930
1931BOOL license_write_license_request_packet(const rdpLicense* license, wStream* s)
1932{
1933 WINPR_ASSERT(license);
1934
1935 /* ServerRandom (32 bytes) */
1936 if (!license_check_stream_capacity(license->log, s, sizeof(license->ServerRandom),
1937 "license request"))
1938 return FALSE;
1939 Stream_Write(s, license->ServerRandom, sizeof(license->ServerRandom));
1940
1941 /* ProductInfo */
1942 if (!license_write_product_info(license->log, s, license->ProductInfo))
1943 return FALSE;
1944
1945 /* KeyExchangeList */
1946 if (!license_write_binary_blob(s, license->KeyExchangeList))
1947 return FALSE;
1948
1949 /* ServerCertificate */
1950 if (!license_write_binary_blob(s, license->ServerCertificate))
1951 return FALSE;
1952
1953 /* ScopeList */
1954 if (!license_write_scope_list(license->log, s, license->ScopeList))
1955 return FALSE;
1956
1957 return TRUE;
1958}
1959
1960static BOOL license_send_license_request_packet(rdpLicense* license)
1961{
1962 UINT16 sec_flags = 0;
1963 wStream* s = license_send_stream_init(license, &sec_flags);
1964 if (!s)
1965 return FALSE;
1966
1967 if (!license_write_license_request_packet(license, s))
1968 goto fail;
1969
1970 return license_send(license, s, LICENSE_REQUEST, sec_flags);
1971
1972fail:
1973 Stream_Release(s);
1974 return FALSE;
1975}
1976
1977/*
1978 * Read a PLATFORM_CHALLENGE packet.
1979 * msdn{cc241921}
1980 * @param license license module
1981 * @param s stream
1982 */
1983
1984BOOL license_read_platform_challenge_packet(rdpLicense* license, wStream* s)
1985{
1986 BYTE macData[LICENSING_ENCRYPTION_KEY_LENGTH] = { 0 };
1987
1988 WINPR_ASSERT(license);
1989
1990 DEBUG_LICENSE("Receiving Platform Challenge Packet");
1991
1992 if (!license_check_stream_length(license->log, s, 4, "license platform challenge"))
1993 return FALSE;
1994
1995 /* [MS-RDPELE] 2.2.2.4 Server Platform Challenge (SERVER_PLATFORM_CHALLENGE)
1996 * reserved field */
1997 Stream_Seek_UINT32(s); /* ConnectFlags, Reserved (4 bytes) */
1998
1999 /* EncryptedPlatformChallenge */
2000 license->EncryptedPlatformChallenge->type = BB_ANY_BLOB;
2001 if (!license_read_binary_blob(license->log, s, license->EncryptedPlatformChallenge))
2002 return FALSE;
2003 license->EncryptedPlatformChallenge->type = BB_ENCRYPTED_DATA_BLOB;
2004
2005 /* MACData (16 bytes) */
2006 if (!license_check_stream_length(license->log, s, sizeof(macData),
2007 "license platform challenge::MAC"))
2008 return FALSE;
2009
2010 Stream_Read(s, macData, sizeof(macData));
2011 if (!license_decrypt_and_check_MAC(license, license->EncryptedPlatformChallenge->data,
2012 license->EncryptedPlatformChallenge->length,
2013 license->PlatformChallenge, macData))
2014 return FALSE;
2015
2016#ifdef WITH_DEBUG_LICENSE
2017 WLog_Print(license->log, WLOG_DEBUG, "EncryptedPlatformChallenge:");
2018 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedPlatformChallenge->data,
2019 license->EncryptedPlatformChallenge->length);
2020 WLog_Print(license->log, WLOG_DEBUG, "PlatformChallenge:");
2021 winpr_HexLogDump(license->log, WLOG_DEBUG, license->PlatformChallenge->data,
2022 license->PlatformChallenge->length);
2023 WLog_Print(license->log, WLOG_DEBUG, "MacData:");
2024 winpr_HexLogDump(license->log, WLOG_DEBUG, macData, sizeof(macData));
2025#endif
2026 return TRUE;
2027}
2028
2029BOOL license_send_error_alert(rdpLicense* license, UINT32 dwErrorCode, UINT32 dwStateTransition,
2030 const LICENSE_BLOB* info)
2031{
2032 UINT16 sec_flags = 0;
2033 wStream* s = license_send_stream_init(license, &sec_flags);
2034
2035 if (!s)
2036 goto fail;
2037
2038 if (!license_check_stream_capacity(license->log, s, 8, "license error alert"))
2039 goto fail;
2040 Stream_Write_UINT32(s, dwErrorCode);
2041 Stream_Write_UINT32(s, dwStateTransition);
2042
2043 if (info)
2044 {
2045 if (!license_write_binary_blob(s, info))
2046 goto fail;
2047 }
2048
2049 return license_send(license, s, ERROR_ALERT, sec_flags);
2050fail:
2051 Stream_Release(s);
2052 return FALSE;
2053}
2054
2055BOOL license_send_platform_challenge_packet(rdpLicense* license)
2056{
2057 UINT16 sec_flags = 0;
2058 wStream* s = license_send_stream_init(license, &sec_flags);
2059
2060 if (!s)
2061 goto fail;
2062
2063 DEBUG_LICENSE("Receiving Platform Challenge Packet");
2064
2065 if (!license_check_stream_capacity(license->log, s, 4, "license platform challenge"))
2066 goto fail;
2067
2068 Stream_Zero(s, 4); /* ConnectFlags, Reserved (4 bytes) */
2069
2070 /* EncryptedPlatformChallenge */
2071 if (!license_write_binary_blob(s, license->EncryptedPlatformChallenge))
2072 goto fail;
2073
2074 /* MACData (16 bytes) */
2075 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
2076 "license platform challenge::MAC"))
2077 goto fail;
2078
2079 Stream_Write(s, license->MACData, sizeof(license->MACData));
2080
2081 return license_send(license, s, PLATFORM_CHALLENGE, sec_flags);
2082fail:
2083 Stream_Release(s);
2084 return FALSE;
2085}
2086
2087static BOOL license_read_encrypted_blob(const rdpLicense* license, wStream* s, LICENSE_BLOB* target)
2088{
2089 UINT16 wBlobType = 0;
2090 UINT16 wBlobLen = 0;
2091
2092 WINPR_ASSERT(license);
2093 WINPR_ASSERT(target);
2094
2095 if (!license_check_stream_length(license->log, s, 4, "license encrypted blob"))
2096 return FALSE;
2097
2098 Stream_Read_UINT16(s, wBlobType);
2099 if (wBlobType != BB_ENCRYPTED_DATA_BLOB)
2100 {
2101 WLog_Print(
2102 license->log, WLOG_WARN,
2103 "expecting BB_ENCRYPTED_DATA_BLOB blob, probably a windows 2003 server, continuing...");
2104 }
2105
2106 Stream_Read_UINT16(s, wBlobLen);
2107
2108 BYTE* encryptedData = Stream_Pointer(s);
2109 if (!Stream_SafeSeek(s, wBlobLen))
2110 {
2111 WLog_Print(license->log, WLOG_WARN,
2112 "short license encrypted blob::length, expected %" PRIu16 " bytes, got %" PRIuz,
2113 wBlobLen, Stream_GetRemainingLength(s));
2114 return FALSE;
2115 }
2116
2117 return license_rc4_with_licenseKey(license, encryptedData, wBlobLen, target);
2118}
2119
2127BOOL license_read_new_or_upgrade_license_packet(rdpLicense* license, wStream* s)
2128{
2129 UINT32 os_major = 0;
2130 UINT32 os_minor = 0;
2131 UINT32 cbScope = 0;
2132 UINT32 cbCompanyName = 0;
2133 UINT32 cbProductId = 0;
2134 UINT32 cbLicenseInfo = 0;
2135 wStream sbuffer = { 0 };
2136 wStream* licenseStream = NULL;
2137 BOOL ret = FALSE;
2138 BYTE computedMac[16] = { 0 };
2139 const BYTE* readMac = NULL;
2140
2141 WINPR_ASSERT(license);
2142
2143 DEBUG_LICENSE("Receiving Server New/Upgrade License Packet");
2144
2145 LICENSE_BLOB* calBlob = license_new_binary_blob(BB_DATA_BLOB);
2146 if (!calBlob)
2147 return FALSE;
2148
2149 /* EncryptedLicenseInfo */
2150 if (!license_read_encrypted_blob(license, s, calBlob))
2151 goto fail;
2152
2153 /* compute MAC and check it */
2154 readMac = Stream_Pointer(s);
2155 if (!Stream_SafeSeek(s, sizeof(computedMac)))
2156 {
2157 WLog_Print(license->log, WLOG_WARN,
2158 "short license new/upgrade, expected 16 bytes, got %" PRIuz,
2159 Stream_GetRemainingLength(s));
2160 goto fail;
2161 }
2162
2163 if (!security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), calBlob->data,
2164 calBlob->length, computedMac, sizeof(computedMac)))
2165 goto fail;
2166
2167 if (memcmp(computedMac, readMac, sizeof(computedMac)) != 0)
2168 {
2169 WLog_Print(license->log, WLOG_ERROR, "new or upgrade license MAC mismatch");
2170 goto fail;
2171 }
2172
2173 licenseStream = Stream_StaticConstInit(&sbuffer, calBlob->data, calBlob->length);
2174 if (!licenseStream)
2175 {
2176 WLog_Print(license->log, WLOG_ERROR,
2177 "license::blob::data=%p, license::blob::length=%" PRIu16, calBlob->data,
2178 calBlob->length);
2179 goto fail;
2180 }
2181
2182 if (!license_check_stream_length(license->log, licenseStream, 8,
2183 "license new/upgrade::blob::version"))
2184 goto fail;
2185
2186 Stream_Read_UINT16(licenseStream, os_minor);
2187 Stream_Read_UINT16(licenseStream, os_major);
2188
2189 WLog_Print(license->log, WLOG_DEBUG, "Version: %" PRIu16 ".%" PRIu16, os_major, os_minor);
2190
2191 /* Scope */
2192 Stream_Read_UINT32(licenseStream, cbScope);
2193 if (!license_check_stream_length(license->log, licenseStream, cbScope,
2194 "license new/upgrade::blob::scope"))
2195 goto fail;
2196
2197#ifdef WITH_DEBUG_LICENSE
2198 WLog_Print(license->log, WLOG_DEBUG, "Scope:");
2199 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbScope);
2200#endif
2201 Stream_Seek(licenseStream, cbScope);
2202
2203 /* CompanyName */
2204 if (!license_check_stream_length(license->log, licenseStream, 4,
2205 "license new/upgrade::blob::cbCompanyName"))
2206 goto fail;
2207
2208 Stream_Read_UINT32(licenseStream, cbCompanyName);
2209 if (!license_check_stream_length(license->log, licenseStream, cbCompanyName,
2210 "license new/upgrade::blob::CompanyName"))
2211 goto fail;
2212
2213#ifdef WITH_DEBUG_LICENSE
2214 WLog_Print(license->log, WLOG_DEBUG, "Company name:");
2215 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbCompanyName);
2216#endif
2217 Stream_Seek(licenseStream, cbCompanyName);
2218
2219 /* productId */
2220 if (!license_check_stream_length(license->log, licenseStream, 4,
2221 "license new/upgrade::blob::cbProductId"))
2222 goto fail;
2223
2224 Stream_Read_UINT32(licenseStream, cbProductId);
2225
2226 if (!license_check_stream_length(license->log, licenseStream, cbProductId,
2227 "license new/upgrade::blob::ProductId"))
2228 goto fail;
2229
2230#ifdef WITH_DEBUG_LICENSE
2231 WLog_Print(license->log, WLOG_DEBUG, "Product id:");
2232 winpr_HexLogDump(license->log, WLOG_DEBUG, Stream_Pointer(licenseStream), cbProductId);
2233#endif
2234 Stream_Seek(licenseStream, cbProductId);
2235
2236 /* licenseInfo */
2237 if (!license_check_stream_length(license->log, licenseStream, 4,
2238 "license new/upgrade::blob::cbLicenseInfo"))
2239 goto fail;
2240
2241 Stream_Read_UINT32(licenseStream, cbLicenseInfo);
2242 if (!license_check_stream_length(license->log, licenseStream, cbLicenseInfo,
2243 "license new/upgrade::blob::LicenseInfo"))
2244 goto fail;
2245
2246 license->type = LICENSE_TYPE_ISSUED;
2247 ret = license_set_state(license, LICENSE_STATE_COMPLETED);
2248
2249 if (!license->rdp->settings->OldLicenseBehaviour)
2250 ret = saveCal(license->log, license->rdp->settings, Stream_Pointer(licenseStream),
2251 cbLicenseInfo, license->rdp->settings->ClientHostname);
2252
2253fail:
2254 license_free_binary_blob(calBlob);
2255 return ret;
2256}
2257
2265BOOL license_read_error_alert_packet(rdpLicense* license, wStream* s)
2266{
2267 UINT32 dwErrorCode = 0;
2268 UINT32 dwStateTransition = 0;
2269
2270 WINPR_ASSERT(license);
2271 WINPR_ASSERT(license->rdp);
2272
2273 if (!license_check_stream_length(license->log, s, 8ul, "error alert"))
2274 return FALSE;
2275
2276 Stream_Read_UINT32(s, dwErrorCode); /* dwErrorCode (4 bytes) */
2277 Stream_Read_UINT32(s, dwStateTransition); /* dwStateTransition (4 bytes) */
2278
2279 if (!license_read_binary_blob(license->log, s, license->ErrorInfo)) /* bbErrorInfo */
2280 return FALSE;
2281
2282#ifdef WITH_DEBUG_LICENSE
2283 WLog_Print(license->log, WLOG_DEBUG, "dwErrorCode: %s, dwStateTransition: %s",
2284 error_codes[dwErrorCode], state_transitions[dwStateTransition]);
2285#endif
2286
2287 if (dwErrorCode == STATUS_VALID_CLIENT)
2288 {
2289 license->type = LICENSE_TYPE_NONE;
2290 return license_set_state(license, LICENSE_STATE_COMPLETED);
2291 }
2292
2293 switch (dwStateTransition)
2294 {
2295 case ST_TOTAL_ABORT:
2296 license_set_state(license, LICENSE_STATE_ABORTED);
2297 break;
2298 case ST_NO_TRANSITION:
2299 license_set_state(license, LICENSE_STATE_COMPLETED);
2300 break;
2301 case ST_RESET_PHASE_TO_START:
2302 license_set_state(license, LICENSE_STATE_CONFIGURED);
2303 break;
2304 case ST_RESEND_LAST_MESSAGE:
2305 break;
2306 default:
2307 break;
2308 }
2309
2310 return TRUE;
2311}
2312
2320BOOL license_write_new_license_request_packet(const rdpLicense* license, wStream* s)
2321{
2322 WINPR_ASSERT(license);
2323
2324 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
2325 if (!info)
2326 return FALSE;
2327
2328 if (!license_check_stream_capacity(license->log, s, 8 + sizeof(license->ClientRandom),
2329 "License Request"))
2330 return FALSE;
2331
2332 Stream_Write_UINT32(s,
2333 license->PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
2334 Stream_Write_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
2335 Stream_Write(s, license->ClientRandom,
2336 sizeof(license->ClientRandom)); /* ClientRandom (32 bytes) */
2337
2338 if (/* EncryptedPremasterSecret */
2339 !license_write_encrypted_premaster_secret_blob(
2340 license->log, s, license->EncryptedPremasterSecret, info->ModulusLength) ||
2341 /* ClientUserName */
2342 !license_write_binary_blob(s, license->ClientUserName) ||
2343 /* ClientMachineName */
2344 !license_write_binary_blob(s, license->ClientMachineName))
2345 {
2346 return FALSE;
2347 }
2348
2349#ifdef WITH_DEBUG_LICENSE
2350 WLog_Print(license->log, WLOG_DEBUG, "PreferredKeyExchangeAlg: 0x%08" PRIX32 "",
2351 license->PreferredKeyExchangeAlg);
2352 WLog_Print(license->log, WLOG_DEBUG, "ClientRandom:");
2353 winpr_HexLogDump(license->log, WLOG_DEBUG, license->ClientRandom,
2354 sizeof(license->ClientRandom));
2355 WLog_Print(license->log, WLOG_DEBUG, "EncryptedPremasterSecret");
2356 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedPremasterSecret->data,
2357 license->EncryptedPremasterSecret->length);
2358 WLog_Print(license->log, WLOG_DEBUG, "ClientUserName (%" PRIu16 "): %s",
2359 license->ClientUserName->length, (char*)license->ClientUserName->data);
2360 WLog_Print(license->log, WLOG_DEBUG, "ClientMachineName (%" PRIu16 "): %s",
2361 license->ClientMachineName->length, (char*)license->ClientMachineName->data);
2362#endif
2363 return TRUE;
2364}
2365
2366BOOL license_read_new_license_request_packet(rdpLicense* license, wStream* s)
2367{
2368 UINT32 PreferredKeyExchangeAlg = 0;
2369
2370 WINPR_ASSERT(license);
2371
2372 if (!license_check_stream_length(license->log, s, 8ull + sizeof(license->ClientRandom),
2373 "new license request"))
2374 return FALSE;
2375
2376 Stream_Read_UINT32(s, PreferredKeyExchangeAlg); /* PreferredKeyExchangeAlg (4 bytes) */
2377 if (!license_check_preferred_alg(license, PreferredKeyExchangeAlg, "new license request"))
2378 return FALSE;
2379
2380 Stream_Read_UINT32(s, license->PlatformId); /* PlatformId (4 bytes) */
2381 Stream_Read(s, license->ClientRandom,
2382 sizeof(license->ClientRandom)); /* ClientRandom (32 bytes) */
2383
2384 /* EncryptedPremasterSecret */
2385 UINT32 ModulusLength = 0;
2386 if (!license_read_encrypted_premaster_secret_blob(
2387 license->log, s, license->EncryptedPremasterSecret, &ModulusLength))
2388 return FALSE;
2389
2390 const rdpCertInfo* info = freerdp_certificate_get_info(license->certificate);
2391 if (!info)
2392 WLog_Print(license->log, WLOG_WARN,
2393 "Missing license certificate, skipping ModulusLength checks");
2394 else if (ModulusLength != info->ModulusLength)
2395 {
2396 WLog_Print(license->log, WLOG_WARN,
2397 "EncryptedPremasterSecret expected to be %" PRIu32 " bytes, but read %" PRIu32
2398 " bytes",
2399 info->ModulusLength, ModulusLength);
2400 return FALSE;
2401 }
2402
2403 /* ClientUserName */
2404 if (!license_read_binary_blob(license->log, s, license->ClientUserName))
2405 return FALSE;
2406 /* ClientMachineName */
2407 if (!license_read_binary_blob(license->log, s, license->ClientMachineName))
2408 return FALSE;
2409
2410 return TRUE;
2411}
2412
2419BOOL license_answer_license_request(rdpLicense* license)
2420{
2421 UINT16 sec_flags = 0;
2422 wStream* s = NULL;
2423 BYTE* license_data = NULL;
2424 size_t license_size = 0;
2425 BOOL status = 0;
2426 char* username = NULL;
2427
2428 WINPR_ASSERT(license);
2429 WINPR_ASSERT(license->rdp);
2430 WINPR_ASSERT(license->rdp->settings);
2431
2432 if (!license->rdp->settings->OldLicenseBehaviour)
2433 license_data = loadCalFile(license->log, license->rdp->settings,
2434 license->rdp->settings->ClientHostname, &license_size);
2435
2436 if (license_data)
2437 {
2438 LICENSE_BLOB* calBlob = NULL;
2439 BYTE signature[LICENSING_ENCRYPTION_KEY_LENGTH] = { 0 };
2440
2441 DEBUG_LICENSE("Sending Saved License Packet");
2442
2443 WINPR_ASSERT(license->EncryptedHardwareId);
2444 license->EncryptedHardwareId->type = BB_ENCRYPTED_DATA_BLOB;
2445 if (!license_encrypt_and_MAC(license, license->HardwareId, sizeof(license->HardwareId),
2446 license->EncryptedHardwareId, signature, sizeof(signature)))
2447 {
2448 free(license_data);
2449 return FALSE;
2450 }
2451
2452 calBlob = license_new_binary_blob(BB_DATA_BLOB);
2453 if (!calBlob)
2454 {
2455 free(license_data);
2456 return FALSE;
2457 }
2458 calBlob->data = license_data;
2459 WINPR_ASSERT(license_size <= UINT16_MAX);
2460 calBlob->length = (UINT16)license_size;
2461
2462 status = license_send_license_info(license, calBlob, signature, sizeof(signature));
2463 license_free_binary_blob(calBlob);
2464
2465 return status;
2466 }
2467
2468 DEBUG_LICENSE("Sending New License Packet");
2469
2470 s = license_send_stream_init(license, &sec_flags);
2471 if (!s)
2472 return FALSE;
2473 if (license->rdp->settings->Username != NULL)
2474 username = license->rdp->settings->Username;
2475 else
2476 username = "username";
2477
2478 {
2479 WINPR_ASSERT(license->ClientUserName);
2480 const size_t len = strlen(username) + 1;
2481 WINPR_ASSERT(len <= UINT16_MAX);
2482
2483 license->ClientUserName->data = (BYTE*)username;
2484 license->ClientUserName->length = (UINT16)len;
2485 }
2486
2487 {
2488 WINPR_ASSERT(license->ClientMachineName);
2489 const size_t len = strlen(license->rdp->settings->ClientHostname) + 1;
2490 WINPR_ASSERT(len <= UINT16_MAX);
2491
2492 license->ClientMachineName->data = (BYTE*)license->rdp->settings->ClientHostname;
2493 license->ClientMachineName->length = (UINT16)len;
2494 }
2495 status = license_write_new_license_request_packet(license, s);
2496
2497 WINPR_ASSERT(license->ClientUserName);
2498 license->ClientUserName->data = NULL;
2499 license->ClientUserName->length = 0;
2500
2501 WINPR_ASSERT(license->ClientMachineName);
2502 license->ClientMachineName->data = NULL;
2503 license->ClientMachineName->length = 0;
2504
2505 if (!status)
2506 {
2507 Stream_Release(s);
2508 return FALSE;
2509 }
2510
2511 return license_send(license, s, NEW_LICENSE_REQUEST, sec_flags);
2512}
2513
2520BOOL license_send_platform_challenge_response(rdpLicense* license)
2521{
2522 wStream* challengeRespData = NULL;
2523 BYTE* buffer = NULL;
2524 BOOL status = 0;
2525
2526 WINPR_ASSERT(license);
2527 WINPR_ASSERT(license->PlatformChallenge);
2528 WINPR_ASSERT(license->MacSaltKey);
2529 WINPR_ASSERT(license->EncryptedPlatformChallenge);
2530 WINPR_ASSERT(license->EncryptedHardwareId);
2531
2532 DEBUG_LICENSE("Sending Platform Challenge Response Packet");
2533
2534 license->EncryptedPlatformChallenge->type = BB_DATA_BLOB;
2535
2536 /* prepare the PLATFORM_CHALLENGE_RESPONSE_DATA */
2537 challengeRespData = Stream_New(NULL, 8 + license->PlatformChallenge->length);
2538 if (!challengeRespData)
2539 return FALSE;
2540 Stream_Write_UINT16(challengeRespData, PLATFORM_CHALLENGE_RESPONSE_VERSION); /* wVersion */
2541 Stream_Write_UINT16(challengeRespData, license->ClientType); /* wClientType */
2542 Stream_Write_UINT16(challengeRespData, license->LicenseDetailLevel); /* wLicenseDetailLevel */
2543 Stream_Write_UINT16(challengeRespData, license->PlatformChallenge->length); /* cbChallenge */
2544 Stream_Write(challengeRespData, license->PlatformChallenge->data,
2545 license->PlatformChallenge->length); /* pbChallenge */
2546 Stream_SealLength(challengeRespData);
2547
2548 /* compute MAC of PLATFORM_CHALLENGE_RESPONSE_DATA + HWID */
2549 const size_t length = Stream_Length(challengeRespData) + sizeof(license->HardwareId);
2550 buffer = (BYTE*)malloc(length);
2551 if (!buffer)
2552 {
2553 Stream_Free(challengeRespData, TRUE);
2554 return FALSE;
2555 }
2556
2557 CopyMemory(buffer, Stream_Buffer(challengeRespData), Stream_Length(challengeRespData));
2558 CopyMemory(&buffer[Stream_Length(challengeRespData)], license->HardwareId,
2559 sizeof(license->HardwareId));
2560 status = security_mac_data(license->MacSaltKey, sizeof(license->MacSaltKey), buffer, length,
2561 license->MACData, sizeof(license->MACData));
2562 free(buffer);
2563
2564 if (!status)
2565 {
2566 Stream_Free(challengeRespData, TRUE);
2567 return FALSE;
2568 }
2569
2570 license->EncryptedHardwareId->type = BB_ENCRYPTED_DATA_BLOB;
2571 if (!license_rc4_with_licenseKey(license, license->HardwareId, sizeof(license->HardwareId),
2572 license->EncryptedHardwareId))
2573 {
2574 Stream_Free(challengeRespData, TRUE);
2575 return FALSE;
2576 }
2577
2578 status = license_rc4_with_licenseKey(license, Stream_Buffer(challengeRespData),
2579 Stream_Length(challengeRespData),
2580 license->EncryptedPlatformChallengeResponse);
2581 Stream_Free(challengeRespData, TRUE);
2582 if (!status)
2583 return FALSE;
2584
2585#ifdef WITH_DEBUG_LICENSE
2586 WLog_Print(license->log, WLOG_DEBUG, "LicensingEncryptionKey:");
2587 winpr_HexLogDump(license->log, WLOG_DEBUG, license->LicensingEncryptionKey, 16);
2588 WLog_Print(license->log, WLOG_DEBUG, "HardwareId:");
2589 winpr_HexLogDump(license->log, WLOG_DEBUG, license->HardwareId, sizeof(license->HardwareId));
2590 WLog_Print(license->log, WLOG_DEBUG, "EncryptedHardwareId:");
2591 winpr_HexLogDump(license->log, WLOG_DEBUG, license->EncryptedHardwareId->data,
2592 license->EncryptedHardwareId->length);
2593#endif
2594 UINT16 sec_flags = 0;
2595 wStream* s = license_send_stream_init(license, &sec_flags);
2596 if (!s)
2597 return FALSE;
2598
2599 if (license_write_client_platform_challenge_response(license, s))
2600 return license_send(license, s, PLATFORM_CHALLENGE_RESPONSE, sec_flags);
2601
2602 Stream_Release(s);
2603 return FALSE;
2604}
2605
2606BOOL license_read_platform_challenge_response(WINPR_ATTR_UNUSED rdpLicense* license)
2607{
2608 WINPR_ASSERT(license);
2609 WINPR_ASSERT(license->PlatformChallenge);
2610 WINPR_ASSERT(license->MacSaltKey);
2611 WINPR_ASSERT(license->EncryptedPlatformChallenge);
2612 WINPR_ASSERT(license->EncryptedHardwareId);
2613
2614 DEBUG_LICENSE("Receiving Platform Challenge Response Packet");
2615
2616#if defined(WITH_LICENSE_DECRYPT_CHALLENGE_RESPONSE)
2617 BOOL rc = FALSE;
2618 LICENSE_BLOB* dblob = license_new_binary_blob(BB_ANY_BLOB);
2619 if (!dblob)
2620 return FALSE;
2621
2622 wStream sbuffer = { 0 };
2623 UINT16 wVersion = 0;
2624 UINT16 cbChallenge = 0;
2625 const BYTE* pbChallenge = NULL;
2626 LICENSE_BLOB* blob = license->EncryptedPlatformChallengeResponse;
2627
2628 if (!license_rc4_with_licenseKey(license, blob->data, blob->length, dblob))
2629 goto fail;
2630
2631 wStream* s = Stream_StaticConstInit(&sbuffer, dblob->data, dblob->length);
2632 if (!license_check_stream_length(s, 8, "PLATFORM_CHALLENGE_RESPONSE_DATA"))
2633 goto fail;
2634
2635 Stream_Read_UINT16(s, wVersion);
2636 if (wVersion != PLATFORM_CHALLENGE_RESPONSE_VERSION)
2637 {
2638 WLog_Print(license->log, WLOG_WARN,
2639 "Invalid PLATFORM_CHALLENGE_RESPONSE_DATA::wVersion 0x%04" PRIx16
2640 ", expected 0x04" PRIx16,
2641 wVersion, PLATFORM_CHALLENGE_RESPONSE_VERSION);
2642 goto fail;
2643 }
2644 Stream_Read_UINT16(s, license->ClientType);
2645 Stream_Read_UINT16(s, license->LicenseDetailLevel);
2646 Stream_Read_UINT16(s, cbChallenge);
2647
2648 if (!license_check_stream_length(s, cbChallenge,
2649 "PLATFORM_CHALLENGE_RESPONSE_DATA::pbChallenge"))
2650 goto fail;
2651
2652 pbChallenge = Stream_Pointer(s);
2653 if (!license_read_binary_blob_data(license->PlatformChallengeResponse, BB_DATA_BLOB,
2654 pbChallenge, cbChallenge))
2655 goto fail;
2656 if (!Stream_SafeSeek(s, cbChallenge))
2657 goto fail;
2658
2659 rc = TRUE;
2660fail:
2661 license_free_binary_blob(dblob);
2662 return rc;
2663#else
2664 return TRUE;
2665#endif
2666}
2667
2668BOOL license_write_client_platform_challenge_response(rdpLicense* license, wStream* s)
2669{
2670 WINPR_ASSERT(license);
2671
2672 if (!license_write_binary_blob(s, license->EncryptedPlatformChallengeResponse))
2673 return FALSE;
2674 if (!license_write_binary_blob(s, license->EncryptedHardwareId))
2675 return FALSE;
2676 if (!license_check_stream_capacity(license->log, s, sizeof(license->MACData),
2677 "CLIENT_PLATFORM_CHALLENGE_RESPONSE::MACData"))
2678 return FALSE;
2679 Stream_Write(s, license->MACData, sizeof(license->MACData));
2680 return TRUE;
2681}
2682
2683BOOL license_read_client_platform_challenge_response(rdpLicense* license, wStream* s)
2684{
2685 WINPR_ASSERT(license);
2686
2687 if (!license_read_binary_blob(license->log, s, license->EncryptedPlatformChallengeResponse))
2688 return FALSE;
2689 if (!license_read_binary_blob(license->log, s, license->EncryptedHardwareId))
2690 return FALSE;
2691 if (!license_check_stream_length(license->log, s, sizeof(license->MACData),
2692 "CLIENT_PLATFORM_CHALLENGE_RESPONSE::MACData"))
2693 return FALSE;
2694 Stream_Read(s, license->MACData, sizeof(license->MACData));
2695 return license_read_platform_challenge_response(license);
2696}
2697
2707BOOL license_send_valid_client_error_packet(rdpRdp* rdp)
2708{
2709 WINPR_ASSERT(rdp);
2710 rdpLicense* license = rdp->license;
2711 WINPR_ASSERT(license);
2712
2713 license->state = LICENSE_STATE_COMPLETED;
2714 license->type = LICENSE_TYPE_NONE;
2715 return license_send_error_alert(license, STATUS_VALID_CLIENT, ST_NO_TRANSITION,
2716 license->ErrorInfo);
2717}
2718
2725rdpLicense* license_new(rdpRdp* rdp)
2726{
2727 WINPR_ASSERT(rdp);
2728
2729 rdpLicense* license = (rdpLicense*)calloc(1, sizeof(rdpLicense));
2730 if (!license)
2731 return NULL;
2732 license->log = WLog_Get(LICENSE_TAG);
2733 WINPR_ASSERT(license->log);
2734
2735 license->PlatformId = PLATFORMID;
2736 license->ClientType = OTHER_PLATFORM_CHALLENGE_TYPE;
2737 license->LicenseDetailLevel = LICENSE_DETAIL_DETAIL;
2738 license->PreferredKeyExchangeAlg = KEY_EXCHANGE_ALG_RSA;
2739 license->rdp = rdp;
2740
2741 license_set_state(license, LICENSE_STATE_INITIAL);
2742 if (!(license->certificate = freerdp_certificate_new()))
2743 goto out_error;
2744 if (!(license->ProductInfo = license_new_product_info()))
2745 goto out_error;
2746 if (!(license->ErrorInfo = license_new_binary_blob(BB_ERROR_BLOB)))
2747 goto out_error;
2748 if (!(license->LicenseInfo = license_new_binary_blob(BB_DATA_BLOB)))
2749 goto out_error;
2750 if (!(license->KeyExchangeList = license_new_binary_blob(BB_KEY_EXCHG_ALG_BLOB)))
2751 goto out_error;
2752 if (!(license->ServerCertificate = license_new_binary_blob(BB_CERTIFICATE_BLOB)))
2753 goto out_error;
2754 if (!(license->ClientUserName = license_new_binary_blob(BB_CLIENT_USER_NAME_BLOB)))
2755 goto out_error;
2756 if (!(license->ClientMachineName = license_new_binary_blob(BB_CLIENT_MACHINE_NAME_BLOB)))
2757 goto out_error;
2758 if (!(license->PlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
2759 goto out_error;
2760 if (!(license->PlatformChallengeResponse = license_new_binary_blob(BB_ANY_BLOB)))
2761 goto out_error;
2762 if (!(license->EncryptedPlatformChallenge = license_new_binary_blob(BB_ANY_BLOB)))
2763 goto out_error;
2764 if (!(license->EncryptedPlatformChallengeResponse =
2765 license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2766 goto out_error;
2767 if (!(license->EncryptedPremasterSecret = license_new_binary_blob(BB_ANY_BLOB)))
2768 goto out_error;
2769 if (!(license->EncryptedHardwareId = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2770 goto out_error;
2771 if (!(license->EncryptedLicenseInfo = license_new_binary_blob(BB_ENCRYPTED_DATA_BLOB)))
2772 goto out_error;
2773 if (!(license->ScopeList = license_new_scope_list()))
2774 goto out_error;
2775
2776 license_generate_randoms(license);
2777
2778 return license;
2779
2780out_error:
2781 WINPR_PRAGMA_DIAG_PUSH
2782 WINPR_PRAGMA_DIAG_IGNORED_MISMATCHED_DEALLOC
2783 license_free(license);
2784 WINPR_PRAGMA_DIAG_POP
2785 return NULL;
2786}
2787
2793void license_free(rdpLicense* license)
2794{
2795 if (license)
2796 {
2797 freerdp_certificate_free(license->certificate);
2798 license_free_product_info(license->ProductInfo);
2799 license_free_binary_blob(license->ErrorInfo);
2800 license_free_binary_blob(license->LicenseInfo);
2801 license_free_binary_blob(license->KeyExchangeList);
2802 license_free_binary_blob(license->ServerCertificate);
2803 license_free_binary_blob(license->ClientUserName);
2804 license_free_binary_blob(license->ClientMachineName);
2805 license_free_binary_blob(license->PlatformChallenge);
2806 license_free_binary_blob(license->PlatformChallengeResponse);
2807 license_free_binary_blob(license->EncryptedPlatformChallenge);
2808 license_free_binary_blob(license->EncryptedPlatformChallengeResponse);
2809 license_free_binary_blob(license->EncryptedPremasterSecret);
2810 license_free_binary_blob(license->EncryptedHardwareId);
2811 license_free_binary_blob(license->EncryptedLicenseInfo);
2812 license_free_scope_list(license->ScopeList);
2813 free(license);
2814 }
2815}
2816
2817LICENSE_STATE license_get_state(const rdpLicense* license)
2818{
2819 WINPR_ASSERT(license);
2820 return license->state;
2821}
2822
2823LICENSE_TYPE license_get_type(const rdpLicense* license)
2824{
2825 WINPR_ASSERT(license);
2826 return license->type;
2827}
2828
2829BOOL license_set_state(rdpLicense* license, LICENSE_STATE state)
2830{
2831 WINPR_ASSERT(license);
2832 license->state = state;
2833 switch (state)
2834 {
2835 case LICENSE_STATE_COMPLETED:
2836 break;
2837 case LICENSE_STATE_ABORTED:
2838 default:
2839 license->type = LICENSE_TYPE_INVALID;
2840 break;
2841 }
2842
2843 return TRUE;
2844}
2845
2846const char* license_get_state_string(LICENSE_STATE state)
2847{
2848 switch (state)
2849 {
2850 case LICENSE_STATE_INITIAL:
2851 return "LICENSE_STATE_INITIAL";
2852 case LICENSE_STATE_CONFIGURED:
2853 return "LICENSE_STATE_CONFIGURED";
2854 case LICENSE_STATE_REQUEST:
2855 return "LICENSE_STATE_REQUEST";
2856 case LICENSE_STATE_NEW_REQUEST:
2857 return "LICENSE_STATE_NEW_REQUEST";
2858 case LICENSE_STATE_PLATFORM_CHALLENGE:
2859 return "LICENSE_STATE_PLATFORM_CHALLENGE";
2860 case LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE:
2861 return "LICENSE_STATE_PLATFORM_CHALLENGE_RESPONSE";
2862 case LICENSE_STATE_COMPLETED:
2863 return "LICENSE_STATE_COMPLETED";
2864 case LICENSE_STATE_ABORTED:
2865 return "LICENSE_STATE_ABORTED";
2866 default:
2867 return "LICENSE_STATE_UNKNOWN";
2868 }
2869}
2870
2871BOOL license_server_send_request(rdpLicense* license)
2872{
2873 if (!license_ensure_state(license, LICENSE_STATE_CONFIGURED, LICENSE_REQUEST))
2874 return FALSE;
2875 if (!license_send_license_request_packet(license))
2876 return FALSE;
2877 return license_set_state(license, LICENSE_STATE_REQUEST);
2878}
2879
2880static BOOL license_set_string(wLog* log, const char* what, const char* value, BYTE** bdst,
2881 UINT32* dstLen)
2882{
2883 WINPR_ASSERT(what);
2884 WINPR_ASSERT(value);
2885 WINPR_ASSERT(bdst);
2886 WINPR_ASSERT(dstLen);
2887
2888 union
2889 {
2890 WCHAR** w;
2891 BYTE** b;
2892 } cnv;
2893 cnv.b = bdst;
2894
2895 size_t len = 0;
2896 *cnv.w = ConvertUtf8ToWCharAlloc(value, &len);
2897 if (!*cnv.w || (len > UINT32_MAX / sizeof(WCHAR)))
2898 {
2899 WLog_Print(log, WLOG_ERROR, "license->ProductInfo: %s == %p || %" PRIu32 " > UINT32_MAX",
2900 what, *cnv.w, len);
2901 return FALSE;
2902 }
2903 *dstLen = (UINT32)(len * sizeof(WCHAR));
2904 return TRUE;
2905}
2906
2907BOOL license_server_configure(rdpLicense* license)
2908{
2909 wStream* s = NULL;
2910 UINT32 algs[] = { KEY_EXCHANGE_ALG_RSA };
2911
2912 WINPR_ASSERT(license);
2913 WINPR_ASSERT(license->rdp);
2914
2915 const rdpSettings* settings = license->rdp->settings;
2916
2917 const char* CompanyName =
2918 freerdp_settings_get_string(settings, FreeRDP_ServerLicenseCompanyName);
2919
2920 const char* ProductName =
2921 freerdp_settings_get_string(settings, FreeRDP_ServerLicenseProductName);
2922 const UINT32 ProductVersion =
2923 freerdp_settings_get_uint32(settings, FreeRDP_ServerLicenseProductVersion);
2924 const UINT32 issuerCount =
2925 freerdp_settings_get_uint32(settings, FreeRDP_ServerLicenseProductIssuersCount);
2926
2927 const void* ptr = freerdp_settings_get_pointer(settings, FreeRDP_ServerLicenseProductIssuers);
2928 const char** issuers = WINPR_REINTERPRET_CAST(ptr, const void*, const char**);
2929
2930 WINPR_ASSERT(CompanyName);
2931 WINPR_ASSERT(ProductName);
2932 WINPR_ASSERT(ProductVersion > 0);
2933 WINPR_ASSERT(issuers || (issuerCount == 0));
2934
2935 if (!license_ensure_state(license, LICENSE_STATE_INITIAL, LICENSE_REQUEST))
2936 return FALSE;
2937
2938 license->ProductInfo->dwVersion = ProductVersion;
2939 if (!license_set_string(license->log, "pbCompanyName", CompanyName,
2940 &license->ProductInfo->pbCompanyName,
2941 &license->ProductInfo->cbCompanyName))
2942 return FALSE;
2943
2944 if (!license_set_string(license->log, "pbProductId", ProductName,
2945 &license->ProductInfo->pbProductId, &license->ProductInfo->cbProductId))
2946 return FALSE;
2947
2948 if (!license_read_binary_blob_data(license->log, license->KeyExchangeList,
2949 BB_KEY_EXCHG_ALG_BLOB, algs, sizeof(algs)))
2950 return FALSE;
2951
2952 if (!freerdp_certificate_read_server_cert(license->certificate, settings->ServerCertificate,
2953 settings->ServerCertificateLength))
2954 return FALSE;
2955
2956 s = Stream_New(NULL, 1024);
2957 if (!s)
2958 return FALSE;
2959 else
2960 {
2961 BOOL r = FALSE;
2962 SSIZE_T res =
2963 freerdp_certificate_write_server_cert(license->certificate, CERT_CHAIN_VERSION_2, s);
2964 if (res >= 0)
2965 r = license_read_binary_blob_data(license->log, license->ServerCertificate,
2966 BB_CERTIFICATE_BLOB, Stream_Buffer(s),
2967 Stream_GetPosition(s));
2968
2969 Stream_Free(s, TRUE);
2970 if (!r)
2971 return FALSE;
2972 }
2973
2974 if (!license_scope_list_resize(license->ScopeList, issuerCount))
2975 return FALSE;
2976 for (size_t x = 0; x < issuerCount; x++)
2977 {
2978 LICENSE_BLOB* blob = license->ScopeList->array[x];
2979 const char* name = issuers[x];
2980 const size_t length = strnlen(name, UINT16_MAX) + 1;
2981 if ((length == 0) || (length > UINT16_MAX))
2982 {
2983 WLog_Print(license->log, WLOG_WARN,
2984 "%s: Invalid issuer at position %" PRIuz ": length 0 < %" PRIuz
2985 " <= %" PRIu16 " ['%s']",
2986 x, length, UINT16_MAX, name);
2987 return FALSE;
2988 }
2989 if (!license_read_binary_blob_data(license->log, blob, BB_SCOPE_BLOB, name, length))
2990 return FALSE;
2991 }
2992
2993 return license_set_state(license, LICENSE_STATE_CONFIGURED);
2994}
2995
2996rdpLicense* license_get(rdpContext* context)
2997{
2998 WINPR_ASSERT(context);
2999 WINPR_ASSERT(context->rdp);
3000 return context->rdp->license;
3001}
freerdp_settings_get_uint32
FREERDP_API UINT32 freerdp_settings_get_uint32(const rdpSettings *settings, FreeRDP_Settings_Keys_UInt32 id)
Returns a UINT32 settings value.
freerdp_settings_get_bool
FREERDP_API BOOL freerdp_settings_get_bool(const rdpSettings *settings, FreeRDP_Settings_Keys_Bool id)
Returns a boolean settings value.
freerdp_settings_get_pointer
FREERDP_API const void * freerdp_settings_get_pointer(const rdpSettings *settings, FreeRDP_Settings_Keys_Pointer id)
Returns a immutable pointer settings value.
Definition common/settings.c:1332
freerdp_settings_get_string
FREERDP_API const char * freerdp_settings_get_string(const rdpSettings *settings, FreeRDP_Settings_Keys_String id)
Returns a immutable string settings value.
LICENSE_BLOB
Definition libfreerdp/core/license.h:47
LICENSE_PRODUCT_INFO
Definition libfreerdp/core/license.h:38
SCOPE_LIST
Definition libfreerdp/core/license.h:54