191
void crypto_rsa_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
193
* Terminal Services Signing Keys.
194
* Yes, Terminal Services Private Key is publicly available.
197
const uint8 tssk_modulus[] =
199
0x3d, 0x3a, 0x5e, 0xbd, 0x72, 0x43, 0x3e, 0xc9,
200
0x4d, 0xbb, 0xc1, 0x1e, 0x4a, 0xba, 0x5f, 0xcb,
201
0x3e, 0x88, 0x20, 0x87, 0xef, 0xf5, 0xc1, 0xe2,
202
0xd7, 0xb7, 0x6b, 0x9a, 0xf2, 0x52, 0x45, 0x95,
203
0xce, 0x63, 0x65, 0x6b, 0x58, 0x3a, 0xfe, 0xef,
204
0x7c, 0xe7, 0xbf, 0xfe, 0x3d, 0xf6, 0x5c, 0x7d,
205
0x6c, 0x5e, 0x06, 0x09, 0x1a, 0xf5, 0x61, 0xbb,
206
0x20, 0x93, 0x09, 0x5f, 0x05, 0x6d, 0xea, 0x87
209
const uint8 tssk_privateExponent[] =
211
0x87, 0xa7, 0x19, 0x32, 0xda, 0x11, 0x87, 0x55,
212
0x58, 0x00, 0x16, 0x16, 0x25, 0x65, 0x68, 0xf8,
213
0x24, 0x3e, 0xe6, 0xfa, 0xe9, 0x67, 0x49, 0x94,
214
0xcf, 0x92, 0xcc, 0x33, 0x99, 0xe8, 0x08, 0x60,
215
0x17, 0x9a, 0x12, 0x9f, 0x24, 0xdd, 0xb1, 0x24,
216
0x99, 0xc7, 0x3a, 0xb8, 0x0a, 0x7b, 0x0d, 0xdd,
217
0x35, 0x07, 0x79, 0x17, 0x0b, 0x51, 0x9b, 0xb3,
218
0xc7, 0x10, 0x01, 0x13, 0xe7, 0x3f, 0xf3, 0x5f
221
const uint8 tssk_exponent[] =
223
0x5b, 0x7b, 0x88, 0xc0
226
static void crypto_rsa_common(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, int exponent_size, uint8* output)
194
229
int output_length;
197
232
uint8* exponent_reverse;
198
233
BIGNUM mod, exp, x, y;
200
input_reverse = (uint8*) xmalloc(2 * MODULUS_MAX_SIZE + EXPONENT_MAX_SIZE);
201
modulus_reverse = input_reverse + MODULUS_MAX_SIZE;
202
exponent_reverse = modulus_reverse + MODULUS_MAX_SIZE;
235
input_reverse = (uint8*) xmalloc(2 * key_length + exponent_size);
236
modulus_reverse = input_reverse + key_length;
237
exponent_reverse = modulus_reverse + key_length;
204
239
memcpy(modulus_reverse, modulus, key_length);
205
240
crypto_reverse(modulus_reverse, key_length);
206
memcpy(exponent_reverse, exponent, EXPONENT_MAX_SIZE);
207
crypto_reverse(exponent_reverse, EXPONENT_MAX_SIZE);
241
memcpy(exponent_reverse, exponent, exponent_size);
242
crypto_reverse(exponent_reverse, exponent_size);
208
243
memcpy(input_reverse, input, length);
209
244
crypto_reverse(input_reverse, length);
233
268
xfree(input_reverse);
271
static void crypto_rsa_public(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
273
crypto_rsa_common(input, length, key_length, modulus, exponent, EXPONENT_MAX_SIZE, output);
276
static void crypto_rsa_private(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
279
crypto_rsa_common(input, length, key_length, modulus, private_exponent, key_length, output);
282
void crypto_rsa_public_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
285
crypto_rsa_public(input, length, key_length, modulus, exponent, output);
288
void crypto_rsa_public_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* exponent, uint8* output)
291
crypto_rsa_public(input, length, key_length, modulus, exponent, output);
294
void crypto_rsa_private_encrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
297
crypto_rsa_private(input, length, key_length, modulus, private_exponent, output);
300
void crypto_rsa_private_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
303
crypto_rsa_private(input, length, key_length, modulus, private_exponent, output);
306
void crypto_rsa_decrypt(const uint8* input, int length, uint32 key_length, const uint8* modulus, const uint8* private_exponent, uint8* output)
309
crypto_rsa_common(input, length, key_length, modulus, private_exponent, key_length, output);
236
312
void crypto_reverse(uint8* data, int length)
297
373
return crypto_print_name(X509_get_subject_name(xcert));
376
char* crypto_cert_subject_common_name(X509* xcert, int* length)
380
X509_NAME* subject_name;
381
X509_NAME_ENTRY* entry;
382
ASN1_STRING* entry_data;
384
subject_name = X509_get_subject_name(xcert);
386
if (subject_name == NULL)
389
index = X509_NAME_get_index_by_NID(subject_name, NID_commonName, -1);
394
entry = X509_NAME_get_entry(subject_name, index);
399
entry_data = X509_NAME_ENTRY_get_data(entry);
401
if (entry_data == NULL)
404
*length = ASN1_STRING_to_UTF8(&common_name, entry_data);
409
return (char*) common_name;
412
char** crypto_cert_subject_alt_name(X509* xcert, int* count, int** lengths)
418
int num_subject_alt_names;
419
GENERAL_NAMES* subject_alt_names;
420
GENERAL_NAME* subject_alt_name;
423
subject_alt_names = X509_get_ext_d2i(xcert, NID_subject_alt_name, 0, 0);
425
if (!subject_alt_names)
428
num_subject_alt_names = sk_GENERAL_NAME_num(subject_alt_names);
429
strings = (char**) malloc(sizeof(char*) * num_subject_alt_names);
430
*lengths = (int*) malloc(sizeof(int*) * num_subject_alt_names);
432
for (index = 0; index < num_subject_alt_names; ++index)
434
subject_alt_name = sk_GENERAL_NAME_value(subject_alt_names, index);
436
if (subject_alt_name->type == GEN_DNS)
438
length = ASN1_STRING_to_UTF8(&string, subject_alt_name->d.dNSName);
439
strings[*count] = (char*) string;
440
*lengths[*count] = length;
300
451
char* crypto_cert_issuer(X509* xcert)
302
453
return crypto_print_name(X509_get_issuer_name(xcert));
305
boolean x509_verify_cert(CryptoCert cert, rdpSettings* settings)
456
boolean x509_verify_certificate(CryptoCert cert, char* certificate_store_path)
308
458
X509_STORE_CTX* csc;
309
459
boolean status = false;
310
460
X509_STORE* cert_ctx = NULL;
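Review bot: In the added crypto_cert_subject_alt_name, `*lengths[*count] = length;` parses as `*(lengths[*count])`, so once `*count` is above zero it indexes the caller's `int**` itself, not the array that was just allocated, and writes through whatever pointer value sits there. It should read `(*lengths)[*count] = length;`. The allocation above it sizes elements as `sizeof(int*)` where `sizeof(int)` is meant, and neither `malloc` result is checked before the loop stores into it. The value returned by `ASN1_STRING_to_UTF8` is also stored as a length with no check for a negative (error) return, which matters because these names come from the peer's certificate. The function's closing lines are not visible here, so the increment of `*count` and the cleanup of `subject_alt_names` could not be reviewed.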