credssp: work in progress

author: speidy <speidy@gmail.com> 2016-04-14 00:35:55 +0300
committer: speidy <speidy@gmail.com> 2016-04-14 00:35:55 +0300
commit: 575c06297bd8385d323344fe1425daafe7346cf7 (patch)
tree: cb48bb8c98d3f538b6b306500f8b37169f346233
parent: c9759d682d097d886d6f0a9f3ceddf3b490cb0b7 (diff)
3 files changed, 27 insertions, 32 deletions
diff --git a/libfreerdp-core/ber.c b/libfreerdp-core/ber.c
index ea03135..6b83e6b 100644
--- a/libfreerdp-core/ber.c
+++ b/libfreerdp-core/ber.c
@@ -42,8 +42,7 @@ int ber_read_length(STREAM* s, int* length)
 		{
 			stream_read_uint8(s, *length);
 		}
-
-		if (byte == 2)
+		else if (byte == 2)
 		{
 			stream_read_uint16_be(s, *length);
 		}
@@ -77,7 +76,7 @@ int ber_write_length(STREAM* s, int length)
 	if (length > 0x7F)
 	{
 		stream_write_uint8(s, 0x80 ^ 1);
-		stream_write_uint16_be(s, length);
+		stream_write_uint8(s, length);
 		return 2;
 	}
 	stream_write_uint8(s, length);
@@ -93,13 +92,13 @@ int _ber_sizeof_length(int length)
 	return 1;
 }
 
-int ber_get_content_length(int length)
-{
-	if (length - 1 > 0x7F)
-		return length - 4;
-	else
-		return length - 2;
-}
+//int ber_get_content_length(int length)
+//{
+//	if (length - 1 > 0x7F)
+//		return length - 4;
+//	else
+//		return length - 2;
+//}
 
 /**
  * Read BER Universal tag.
@@ -349,9 +348,7 @@ int ber_write_octet_string(STREAM* s, const uint8* oct_str, int length)
 
 	size += ber_write_universal_tag(s, BER_TAG_OCTET_STRING, false);
 	size += ber_write_length(s, length);
-
 	stream_write(s, oct_str, length);
-
 	size += length;
 	return size;
 
@@ -476,22 +473,24 @@ tbool ber_read_integer(STREAM* s, uint32* value)
 
 int ber_write_integer(STREAM* s, uint32 value)
 {
-	ber_write_universal_tag(s, BER_TAG_INTEGER, false);
 
 	if (value < 0x80)
 	{
+		ber_write_universal_tag(s, BER_TAG_INTEGER, false);
 		ber_write_length(s, 1);
 		stream_write_uint8(s, value);
 		return 3;
 	}
 	else if (value < 0x8000)
 	{
+		ber_write_universal_tag(s, BER_TAG_INTEGER, false);
 		ber_write_length(s, 2);
 		stream_write_uint16_be(s, value);
 		return 4;
 	}
 	else if (value < 0x800000)
 	{
+		ber_write_universal_tag(s, BER_TAG_INTEGER, false);
 		ber_write_length(s, 3);
 		stream_write_uint8(s, (value >> 16));
 		stream_write_uint16_be(s, (value & 0xFFFF));
@@ -499,6 +498,7 @@ int ber_write_integer(STREAM* s, uint32 value)
 	}
 	else if (value < 0x80000000)
 	{
+		ber_write_universal_tag(s, BER_TAG_INTEGER, false);
 		ber_write_length(s, 4);
 		stream_write_uint32_be(s, value);
 		return 6;
diff --git a/libfreerdp-core/credssp.c b/libfreerdp-core/credssp.c
index 913c527..d74f3f5 100644
--- a/libfreerdp-core/credssp.c
+++ b/libfreerdp-core/credssp.c
@@ -332,22 +332,11 @@ void credssp_encrypt_ts_credentials(rdpCredssp* credssp, rdpBlob* d)
 
 int credssp_sizeof_ts_password_creds(rdpCredssp* credssp)
 {
-	int length;
-	int ts_password_creds_length = 0;
+	int length = 0;
 
-	length = ber_sizeof_octet_string(credssp->ntlmssp->domain.length * 2);
-	length += ber_sizeof_contextual_tag(length);
-	ts_password_creds_length += length;
-
-	length = ber_sizeof_octet_string(credssp->ntlmssp->username.length * 2);
-	length += ber_sizeof_contextual_tag(length);
-	ts_password_creds_length += length;
-
-	length = ber_sizeof_octet_string(credssp->ntlmssp->password.length * 2);
-	length += ber_sizeof_contextual_tag(length);
-	ts_password_creds_length += length;
-
-	length = ber_sizeof_sequence(ts_password_creds_length);
+	length += ber_sizeof_sequence_octet_string(credssp->ntlmssp->domain.length * 2);
+	length += ber_sizeof_sequence_octet_string(credssp->ntlmssp->username.length * 2);
+	length += ber_sizeof_sequence_octet_string(credssp->ntlmssp->password.length * 2);
 
 	return length;
 }
@@ -509,7 +498,7 @@ void credssp_send(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rd
 		length -= ber_write_contextual_tag(s, 1, ber_sizeof_sequence(ber_sizeof_sequence(ber_sizeof_sequence_octet_string(credssp->negoToken.length))), true); /* NegoData */
 		length -= ber_write_sequence_tag(s, ber_sizeof_sequence(ber_sizeof_sequence_octet_string(credssp->negoToken.length))); /* SEQUENCE OF NegoDataItem */
 		length -= ber_write_sequence_tag(s, ber_sizeof_sequence_octet_string(credssp->negoToken.length)); /* NegoDataItem */
-		length -= ber_write_octet_string(s, negoToken->data, negoToken->length); /* OCTET STRING */
+		length -= ber_write_sequence_octet_string(s, 0, negoToken->data, negoToken->length); /* OCTET STRING */
 	}
 
 	/* [2] authInfo (OCTET STRING) */
@@ -549,6 +538,7 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp
 	s = stream_new(2048);
 	status = tls_read(credssp->tls, s->data, stream_get_left(s));
 
+
 	if (status < 0)
 		return -1;
 
@@ -558,12 +548,13 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp
 	ber_read_integer(s, &version);
 
 	/* [1] negoTokens (NegoData) */
+
 	if (ber_read_contextual_tag(s, 1, &length, true) != false)
 	{
 		ber_read_sequence_tag(s, &length); /* SEQUENCE OF NegoDataItem */
 		ber_read_sequence_tag(s, &length); /* NegoDataItem */
 		ber_read_contextual_tag(s, 0, &length, true); /* [0] negoToken */
-		ber_read_octet_string(s, &length); /* OCTET STRING */
+		ber_read_octet_string_tag(s, &length); /* OCTET STRING */
 		freerdp_blob_alloc(negoToken, length);
 		stream_read(s, negoToken->data, length);
 	}
@@ -571,7 +562,7 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp
 	/* [2] authInfo (OCTET STRING) */
 	if (ber_read_contextual_tag(s, 2, &length, true) != false)
 	{
-		ber_read_octet_string(s, &length); /* OCTET STRING */
+		ber_read_octet_string_tag(s, &length); /* OCTET STRING */
 		freerdp_blob_alloc(authInfo, length);
 		stream_read(s, authInfo->data, length);
 	}
@@ -579,7 +570,7 @@ int credssp_recv(rdpCredssp* credssp, rdpBlob* negoToken, rdpBlob* authInfo, rdp
 	/* [3] pubKeyAuth (OCTET STRING) */
 	if (ber_read_contextual_tag(s, 3, &length, true) != false)
 	{
-		ber_read_octet_string(s, &length); /* OCTET STRING */
+		ber_read_octet_string_tag(s, &length); /* OCTET STRING */
 		freerdp_blob_alloc(pubKeyAuth, length);
 		stream_read(s, pubKeyAuth->data, length);
 	}
diff --git a/libfreerdp-core/ntlmssp.c b/libfreerdp-core/ntlmssp.c
index 0069cb4..8c92913 100644
--- a/libfreerdp-core/ntlmssp.c
+++ b/libfreerdp-core/ntlmssp.c
@@ -1198,8 +1198,10 @@ void ntlmssp_encrypt_message(NTLMSSP* ntlmssp, rdpBlob* msg, rdpBlob* encrypted_
 		/* Allocate space for encrypted message */
 		freerdp_blob_alloc(encrypted_msg, msg->length);
 
+		printf("rc4 %d % d %d %d\n", ntlmssp->send_rc4_seal, msg->length, msg->data, encrypted_msg->data);
 		/* Encrypt message using with RC4 */
 		crypto_rc4(ntlmssp->send_rc4_seal, msg->length, msg->data, encrypted_msg->data);
+		printf("rc4 done\n");
 	}
 
 	/* RC4-encrypt first 8 bytes of digest */
@@ -1816,7 +1818,9 @@ int ntlmssp_recv(NTLMSSP* ntlmssp, STREAM* s)
 	stream_read_uint32(s, messageType);
 
 	if (messageType == 2 && ntlmssp->state == NTLMSSP_STATE_CHALLENGE)
+	{
 		ntlmssp_recv_challenge_message(ntlmssp, s);
+	}
 
 	return 1;
 }
author	speidy <speidy@gmail.com>	2016-04-14 00:35:55 +0300
committer	speidy <speidy@gmail.com>	2016-04-14 00:35:55 +0300
commit	575c06297bd8385d323344fe1425daafe7346cf7 (patch)
tree	cb48bb8c98d3f538b6b306500f8b37169f346233
parent	c9759d682d097d886d6f0a9f3ceddf3b490cb0b7 (diff)