morgan/FreeRDP
1
0
Fork 0
mirror of https://github.com/morgan9e/FreeRDP synced 2026-04-15 08:54:38 +09:00
Code Issues Packages Projects Releases Wiki Activity

Lock remaining occurances of security_encrypt/security_decrypt variables

Browse Source
This commit is contained in:
akallabeth
2020-05-29 09:30:25 +02:00
committed by akallabeth
parent a381dd1a27
commit 6490106600
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
libfreerdp/core/security.c
View File

@@ -394,6 +394,8 @@ BOOL security_salted_mac_signature(rdpRdp* rdp, const BYTE* data, UINT32 length,
BYTE md5_digest[WINPR_MD5_DIGEST_LENGTH];
BYTE sha1_digest[WINPR_SHA1_DIGEST_LENGTH];
BOOL result = FALSE;
EnterCriticalSection(&rdp->critical);
security_UINT32_le(length_le, length); /* length must be little-endian */
if (encryption)
@@ -456,6 +458,7 @@ BOOL security_salted_mac_signature(rdpRdp* rdp, const BYTE* data, UINT32 length,
memcpy(output, md5_digest, 8);
result = TRUE;
out:
LeaveCriticalSection(&rdp->critical);
winpr_Digest_Free(sha1);
winpr_Digest_Free(md5);
return result;
@@ -636,12 +639,14 @@ BOOL security_establish_keys(const BYTE* client_random, rdpRdp* rdp)
rdp->rc4_key_len = 16;
}
EnterCriticalSection(&rdp->critical);
memcpy(rdp->decrypt_update_key, rdp->decrypt_key, 16);
memcpy(rdp->encrypt_update_key, rdp->encrypt_key, 16);
rdp->decrypt_use_count = 0;
rdp->decrypt_checksum_use_count = 0;
rdp->encrypt_use_count = 0;
rdp->encrypt_checksum_use_count = 0;
LeaveCriticalSection(&rdp->critical);
return TRUE;
}
@@ -777,7 +782,9 @@ BOOL security_hmac_signature(const BYTE* data, size_t length, BYTE* output, rdpR
BYTE use_count_le[4];
WINPR_HMAC_CTX* hmac;
BOOL result = FALSE;
EnterCriticalSection(&rdp->critical);
security_UINT32_le(use_count_le, rdp->encrypt_use_count);
LeaveCriticalSection(&rdp->critical);
if (!(hmac = winpr_HMAC_New()))
return FALSE;
@@ -836,7 +843,9 @@ BOOL security_fips_check_signature(const BYTE* data, size_t length, const BYTE*
BYTE use_count_le[4];
WINPR_HMAC_CTX* hmac;
BOOL result = FALSE;
security_UINT32_le(use_count_le, rdp->decrypt_use_count);
EnterCriticalSection(&rdp->critical);
security_UINT32_le(use_count_le, rdp->decrypt_use_count++);
LeaveCriticalSection(&rdp->critical);
if (!(hmac = winpr_HMAC_New()))
return FALSE;
@@ -853,8 +862,6 @@ BOOL security_fips_check_signature(const BYTE* data, size_t length, const BYTE*
if (!winpr_HMAC_Final(hmac, buf, WINPR_SHA1_DIGEST_LENGTH))
goto out;
rdp->decrypt_use_count++;
if (!memcmp(sig, buf, 8))
result = TRUE;