add credssp grammar

bin/rdpy-rdpclient.py

@@ -30,7 +30,7 @@ from rdpy.core.error import RDPSecurityNegoFail
 from rdpy.core import rss
 
 import rdpy.core.log as log
-log._LOG_LEVEL = log.Level.INFO
+log._LOG_LEVEL = log.Level.DEBUG
 
 
 class RDPClientQtRecorder(RDPClientQt):

rdpy/protocol/rdp/credssp.py

@@ -0,0 +1,92 @@
+#
+# Copyright (c) 2014-2015 Sylvain Peyrefitte
+#
+# This file is part of rdpy.
+#
+# rdpy is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+"""
+@summary: Credential Security Support Provider
+@see: https://msdn.microsoft.com/en-us/library/cc226764.aspx
+"""
+
+from pyasn1.type import namedtype, univ
+from pyasn1.codec.ber import decoder
+
+class NegoData(univ.SequenceOf):
+    """
+    @summary: contain spnego ntlm of kerberos data
+    @see: https://msdn.microsoft.com/en-us/library/cc226781.aspx
+    """
+    componentType = univ.OctetString()
+
+class TSRequest(univ.Sequence):
+    """
+    @summary: main structure
+    @see: https://msdn.microsoft.com/en-us/library/cc226780.aspx
+    """
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('version', univ.Integer()),
+        namedtype.OptionalNamedType('negoTokens', NegoData()),
+        namedtype.OptionalNamedType('authInfo', univ.OctetString()),
+        namedtype.OptionalNamedType('pubKeyAuth', univ.OctetString()),
+        namedtype.OptionalNamedType('errorCode', univ.Integer())
+        )
+
+class TSCredentials(univ.Sequence):
+    """
+    @summary: contain user information
+    @see: https://msdn.microsoft.com/en-us/library/cc226782.aspx
+    """
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('credType', univ.Integer()),
+        namedtype.NamedType('credentials', univ.OctetString())
+        )
+    
+class TSPasswordCreds(univ.Sequence):
+    """
+    @summary: contain username and password
+    @see: https://msdn.microsoft.com/en-us/library/cc226783.aspx
+    """
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('domainName', univ.OctetString()),
+        namedtype.NamedType('userName', univ.OctetString()),
+        namedtype.NamedType('password', univ.OctetString())
+        )
+
+class TSCspDataDetail(univ.Sequence):
+    """
+    @summary: smart card credentials
+    @see: https://msdn.microsoft.com/en-us/library/cc226785.aspx
+    """
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('keySpec', univ.Integer()),
+        namedtype.OptionalNamedType('cardName', univ.OctetString()),
+        namedtype.OptionalNamedType('readerName', univ.OctetString()),
+        namedtype.OptionalNamedType('containerName', univ.OctetString()),
+        namedtype.OptionalNamedType('cspName', univ.OctetString())
+        )
+
+class TSSmartCardCreds(univ.Sequence):
+    """
+    @summary: smart card credentials
+    @see: https://msdn.microsoft.com/en-us/library/cc226784.aspx
+    """
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('pin', univ.OctetString()),
+        namedtype.NamedType('cspData', TSCspDataDetail()),
+        namedtype.OptionalNamedType('userHint', univ.OctetString()),
+        namedtype.OptionalNamedType('domainHint', univ.OctetString())
+        )

rdpy/protocol/rdp/tpkt.py

@@ -204,7 +204,21 @@ class TPKT(RawLayer, IFastPathSender):
         
     def sendFastPath(self, secFlag, fastPathS):
         """
-        @param fastPathS: type transform to stream and send as fastpath
+        @param fastPathS: {Type | Tuple} type transform to stream and send as fastpath
         @param secFlag: {integer} Security flag for fastpath packet
         """
-        RawLayer.send(self, (UInt8(Action.FASTPATH_ACTION_FASTPATH | ((secFlag & 0x3) << 6)), UInt16Be((sizeof(fastPathS) + 3) | 0x8000), fastPathS))
+        RawLayer.send(self, (UInt8(Action.FASTPATH_ACTION_FASTPATH | ((secFlag & 0x3) << 6)), UInt16Be((sizeof(fastPathS) + 3) | 0x8000), fastPathS))
+    
+    def startTLS(self, sslContext):
+        """
+        @summary: start TLS protocol
+        @param sslContext: {ssl.ClientContextFactory | ssl.DefaultOpenSSLContextFactory} context use for TLS protocol
+        """
+        self.transport.startTLS(sslContext)
+       
+    def startNLA(self, sslContext):
+        """
+        @summary: use to start NLA (NTLM over SSL) protocol
+        @param sslContext: {ssl.ClientContextFactory | ssl.DefaultOpenSSLContextFactory} context use for NLA protocol
+        """
+        self.transport.startTLS(sslContext)

rdpy/protocol/rdp/x224.py

@@ -210,7 +210,7 @@ class Client(X224Layer):
         if self._selectedProtocol == Protocols.PROTOCOL_SSL:
             log.debug("*" * 10 + " select SSL layer " + "*" * 10)
             #_transport is TPKT and transport is TCP layer of twisted
-            self._transport.transport.startTLS(ClientTLSContext())
+            self._transport.startTLS(ClientTLSContext())
         
         #now i'm ready to receive data
         self.setNextState(self.recvData)
@@ -289,7 +289,7 @@ class Server(X224Layer):
         if self._selectedProtocol == Protocols.PROTOCOL_SSL:
             log.debug("*" * 10 + " select SSL layer " + "*" * 10)
             #_transport is TPKT and transport is TCP layer of twisted
-            self._transport.transport.startTLS(ServerTLSContext(self._serverPrivateKeyFileName, self._serverCertificateFileName))
+            self._transport.startTLS(ServerTLSContext(self._serverPrivateKeyFileName, self._serverCertificateFileName))
             
         #connection is done send to presentation
         self.setNextState(self.recvData)