From: Ranjan Vishwarupe <ranjanv@cy...>  20020604 10:50:32
Attachments:
Message as HTML

Has anybody tried doing RDP 5.0? I am trying with the same, but I am unable to parse/process the modulus = and exponent of the public key. Can somebody help me with this? thanks and regards, Ranjan 
From: Matt Chapman <matthewc@cs...>  20020604 13:33:08

I had a look at the MCSConnect data blobs in RDP5... here's my interpretation: http://www.cse.unsw.edu.au/~matthewc/rdesktop/rdp5mcsconnectann.txt and there's a few other decodes in the same directory: http://www.cse.unsw.edu.au/~matthewc/rdesktop/ The major difference from RDP4 seems to be that the server sends two X.509 certificates instead of a raw public key structure. The first one is a CA certificate; presumably it's the second one that's we actually use to encrypt stuff. Let me know if you make some progress on this. Matt On Tue, Jun 04, 2002 at 04:20:57PM +0530, Ranjan Vishwarupe wrote: > Has anybody tried doing RDP 5.0? > I am trying with the same, but I am unable to parse/process the modulus and exponent of the public key. Can somebody help me with this? > > thanks and regards, > Ranjan 
From: Ranjan Vishwarupe <ranjanv@cy...>  20020604 16:45:12

Hi Matt, Your findings seem to be accurate. I am also unable to load the RSA public key from the second certificate which seems to be the important one. Besides, I could not figure out, how to separate modulus from exponent. Where can I find what length is for mod and what for exp? Also I am getting 74 bytes given below. What should be modulus and exponent in the below public key? 30 48 02 41 00 bf 7c 73 53 c5 15 f6 4c 95 9b ba f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 a5 50 a0 28 f3 02 03 01 00 01 Tried with hardcoding the values. Exponent as 0x10001 Modulus as 7c 73 53 c5 15 f6 4c 95 9b ba f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 a5 50 a0 28 f3 02 and also as bf 7c 73 53 c5 15 f6 4c 95 9b ba f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 a5 50 a0 28 f3 (this seem to be the right one) But my connection gets dropped. Should there be any other processing done on this data? Would you be able to help me with this? regards, Ranjan  Original Message  From: "Matt Chapman" <matthewc@...> To: "Ranjan Vishwarupe" <ranjanv@...> Cc: <rdesktopdevel@...> Sent: Tuesday, June 04, 2002 7:02 PM Subject: Re: [rdesktopdevel] RDP 5.0 Security > I had a look at the MCSConnect data blobs in RDP5... here's my interpretation: > > http://www.cse.unsw.edu.au/~matthewc/rdesktop/rdp5mcsconnectann.txt > > and there's a few other decodes in the same directory: > > http://www.cse.unsw.edu.au/~matthewc/rdesktop/ > > The major difference from RDP4 seems to be that the server sends two X.509 > certificates instead of a raw public key structure. The first one is a CA > certificate; presumably it's the second one that's we actually use to encrypt > stuff. > > Let me know if you make some progress on this. > > Matt > > > On Tue, Jun 04, 2002 at 04:20:57PM +0530, Ranjan Vishwarupe wrote: > > Has anybody tried doing RDP 5.0? > > I am trying with the same, but I am unable to parse/process the modulus and exponent of the public key. Can somebody help me with this? > > > > thanks and regards, > > Ranjan > 
From: Matt Chapman <matthewc@cs...>  20020605 02:47:17

On Tue, Jun 04, 2002 at 10:15:37PM +0530, Ranjan Vishwarupe wrote: > Hi Matt, > > Your findings seem to be accurate. > I am also unable to load the RSA public key from the second certificate > which seems to be the important one. > Besides, I could not figure out, how to separate modulus from exponent. > Where can I find what length is for mod and what for exp? > Also I am getting 74 bytes given below. > What should be modulus and exponent in the below public key? > > 30 48 02 41 00 bf 7c 73 53 c5 15 f6 4c 95 9b ba > f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 > b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 > 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 > a5 50 a0 28 f3 02 03 01 00 01 This blob is further encoded in ASN.1, like the X.509 certificate. ASN.1 encoding is essentially (type, length, data). 30 = SEQUENCE, 48 = length { # modulus 02 = INTEGER, 41 = length { 00 bf 7c 73 53 c5 15 f6 4c 95 9b ba f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 a5 50 a0 28 f3 } # exponent 02 = INTEGER, 03 = length { 01 00 01 } } > Tried with hardcoding the values. > Exponent as 0x10001 > Modulus as ... > bf 7c 73 53 c5 15 f6 4c 95 9b ba > f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 > b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 > 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 > a5 50 a0 28 f3 (this seem to be the right one) Yep, this one is right. Perhaps you're reading in this number in the wrong byte order? ASN.1 encodes integers bigendian (note the 0 at the front) whereas RDP4 is littleendian. Matt 
From: Ranjan Vishwarupe <ranjanv@cy...>  20020606 10:35:01

> Perhaps you're reading in this number in the wrong byte order? ASN.1 > encodes integers bigendian (note the 0 at the front) whereas RDP4 is > littleendian. I believe that is the reason why RDesktop 4.0 code reverses the data, modulus and exponent before processing and reverses the output after processing in method sec_rsa_encrypt. ( and hence mine also does the same for RDP 4.0, which works! ), Can not the Security Manager of version 4.0 work for 5.0, with the only difference with the way modulus and exponent are extracted? regards, Ranjan  Original Message  From: "Matt Chapman" <matthewc@...> To: "Ranjan Vishwarupe" <ranjanv@...> Cc: <rdesktopdevel@...> Sent: Wednesday, June 05, 2002 8:16 AM Subject: Re: [rdesktopdevel] RDP 5.0 Security > On Tue, Jun 04, 2002 at 10:15:37PM +0530, Ranjan Vishwarupe wrote: > > Hi Matt, > > > > Your findings seem to be accurate. > > I am also unable to load the RSA public key from the second certificate > > which seems to be the important one. > > Besides, I could not figure out, how to separate modulus from exponent. > > Where can I find what length is for mod and what for exp? > > Also I am getting 74 bytes given below. > > What should be modulus and exponent in the below public key? > > > > 30 48 02 41 00 bf 7c 73 53 c5 15 f6 4c 95 9b ba > > f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 > > b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 > > 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 > > a5 50 a0 28 f3 02 03 01 00 01 > > This blob is further encoded in ASN.1, like the X.509 certificate. ASN.1 > encoding is essentially (type, length, data). > > 30 = SEQUENCE, 48 = length > { > # modulus > 02 = INTEGER, 41 = length > { > 00 bf 7c 73 53 c5 15 f6 4c 95 9b ba > f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 > b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 > 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 > a5 50 a0 28 f3 > } > > # exponent > 02 = INTEGER, 03 = length > { > 01 00 01 > } > } > > > Tried with hardcoding the values. > > Exponent as 0x10001 > > Modulus as > ... > > bf 7c 73 53 c5 15 f6 4c 95 9b ba > > f1 36 bc 73 05 d2 d4 c6 d2 71 ad 7d 94 4b 2d 94 > > b8 d7 6d 24 29 94 d2 2d 04 ec 49 0b 8a 73 17 09 > > 8e f7 4a 03 87 6e c3 b2 92 f6 4d 85 e8 c4 70 37 > > a5 50 a0 28 f3 (this seem to be the right one) > > Yep, this one is right. > > Perhaps you're reading in this number in the wrong byte order? ASN.1 > encodes integers bigendian (note the 0 at the front) whereas RDP4 is > littleendian. > > Matt > > 
From: Matt Chapman <matthewc@cs...>  20020606 11:49:19

On Thu, Jun 06, 2002 at 04:04:33PM +0530, Ranjan Vishwarupe wrote: > > > Perhaps you're reading in this number in the wrong byte order? ASN.1 > > encodes integers bigendian (note the 0 at the front) whereas RDP4 is > > littleendian. > > I believe that is the reason why RDesktop 4.0 code reverses the data, > modulus and exponent before processing and reverses the output after > processing in method sec_rsa_encrypt. ( and hence mine also does the same > for RDP 4.0, which works! ), Yes. > Can not the Security Manager of version 4.0 work for 5.0, with the only > difference with the way modulus and exponent are extracted? I don't know  there might be other differences. Have you tried simply not reversing the modulus and exponent? (But still reversing the input and output, I expect.) Matt 
From: Ranjan Vishwarupe <ranjanv@cy...>  20020809 10:30:13

Hi, Is anybody aware of a X.509 parser which can parse ASN. 1 BER encoded certificate. Tried with a few but excpet Microsoft's own parser, no other library could parse it. thanks and regards, Ranjan 