2 Unix SMB/CIFS implementation.
4 Copyright (C) Jeremy Allison 2003.
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
6 Copyright (C) Stefan Metzmacher 2009
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 /* Used by the SMB signing functions. */
26 struct smb_signing_state
{
27 /* is signing localy allowed */
30 /* is signing localy mandatory */
33 /* is signing negotiated by the peer */
36 /* send BSRSPYL signatures */
39 bool active
; /* Have I ever seen a validly signed packet? */
41 /* mac_key.length > 0 means signing is started */
44 /* the next expected seqnum */
48 void *(*alloc_fn
)(TALLOC_CTX
*mem_ctx
, size_t len
);
49 void (*free_fn
)(TALLOC_CTX
*mem_ctx
, void *ptr
);
52 static void smb_signing_reset_info(struct smb_signing_state
*si
)
59 si
->free_fn(si
->mem_ctx
, si
->mac_key
.data
);
61 talloc_free(si
->mac_key
.data
);
63 si
->mac_key
.data
= NULL
;
64 si
->mac_key
.length
= 0;
67 struct smb_signing_state
*smb_signing_init_ex(TALLOC_CTX
*mem_ctx
,
70 void *(*alloc_fn
)(TALLOC_CTX
*, size_t),
71 void (*free_fn
)(TALLOC_CTX
*, void *))
73 struct smb_signing_state
*si
;
76 void *p
= alloc_fn(mem_ctx
, sizeof(struct smb_signing_state
));
80 memset(p
, 0, sizeof(struct smb_signing_state
));
81 si
= (struct smb_signing_state
*)p
;
82 si
->mem_ctx
= mem_ctx
;
83 si
->alloc_fn
= alloc_fn
;
84 si
->free_fn
= free_fn
;
86 si
= talloc_zero(mem_ctx
, struct smb_signing_state
);
96 si
->allowed
= allowed
;
97 si
->mandatory
= mandatory
;
102 struct smb_signing_state
*smb_signing_init(TALLOC_CTX
*mem_ctx
,
106 return smb_signing_init_ex(mem_ctx
, allowed
, mandatory
, NULL
, NULL
);
109 static bool smb_signing_good(struct smb_signing_state
*si
,
110 bool good
, uint32_t seq
)
119 if (!si
->mandatory
&& !si
->active
) {
120 /* Non-mandatory signing - just turn off if this is the first bad packet.. */
121 DEBUG(5, ("smb_signing_good: signing negotiated but not required and peer\n"
122 "isn't sending correct signatures. Turning off.\n"));
123 smb_signing_reset_info(si
);
127 /* Mandatory signing or bad packet after signing started - fail and disconnect. */
128 DEBUG(0, ("smb_signing_good: BAD SIG: seq %u\n", (unsigned int)seq
));
132 static void smb_signing_md5(const DATA_BLOB
*mac_key
,
133 const uint8_t *buf
, uint32_t seq_number
,
134 uint8_t calc_md5_mac
[16])
136 const size_t offset_end_of_sig
= (smb_ss_field
+ 8);
137 uint8_t sequence_buf
[8];
138 struct MD5Context md5_ctx
;
141 * Firstly put the sequence number into the first 4 bytes.
142 * and zero out the next 4 bytes.
144 * We do this here, to avoid modifying the packet.
147 DEBUG(10,("smb_signing_md5: sequence number %u\n", seq_number
));
149 SIVAL(sequence_buf
, 0, seq_number
);
150 SIVAL(sequence_buf
, 4, 0);
152 /* Calculate the 16 byte MAC - but don't alter the data in the
155 This makes for a bit of fussing about, but it's not too bad.
159 /* intialise with the key */
160 MD5Update(&md5_ctx
, mac_key
->data
, mac_key
->length
);
162 /* copy in the first bit of the SMB header */
163 MD5Update(&md5_ctx
, buf
+ 4, smb_ss_field
- 4);
165 /* copy in the sequence number, instead of the signature */
166 MD5Update(&md5_ctx
, sequence_buf
, sizeof(sequence_buf
));
168 /* copy in the rest of the packet in, skipping the signature */
169 MD5Update(&md5_ctx
, buf
+ offset_end_of_sig
,
170 smb_len(buf
) - (offset_end_of_sig
- 4));
172 /* calculate the MD5 sig */
173 MD5Final(calc_md5_mac
, &md5_ctx
);
176 uint32_t smb_signing_next_seqnum(struct smb_signing_state
*si
, bool oneway
)
180 if (si
->mac_key
.length
== 0) {
194 void smb_signing_cancel_reply(struct smb_signing_state
*si
, bool oneway
)
196 if (si
->mac_key
.length
== 0) {
207 void smb_signing_sign_pdu(struct smb_signing_state
*si
,
208 uint8_t *outbuf
, uint32_t seqnum
)
210 uint8_t calc_md5_mac
[16];
213 if (si
->mac_key
.length
== 0) {
219 /* JRA Paranioa test - we should be able to get rid of this... */
220 if (smb_len(outbuf
) < (smb_ss_field
+ 8 - 4)) {
221 DEBUG(1,("smb_signing_sign_pdu: Logic error. "
222 "Can't check signature on short packet! smb_len = %u\n",
227 /* mark the packet as signed - BEFORE we sign it...*/
228 flags2
= SVAL(outbuf
,smb_flg2
);
229 flags2
|= FLAGS2_SMB_SECURITY_SIGNATURES
;
230 SSVAL(outbuf
, smb_flg2
, flags2
);
233 /* I wonder what BSRSPYL stands for - but this is what MS
235 memcpy(calc_md5_mac
, "BSRSPYL ", 8);
237 smb_signing_md5(&si
->mac_key
, outbuf
,
238 seqnum
, calc_md5_mac
);
241 DEBUG(10, ("smb_signing_sign_pdu: sent SMB signature of\n"));
242 dump_data(10, calc_md5_mac
, 8);
244 memcpy(&outbuf
[smb_ss_field
], calc_md5_mac
, 8);
246 /* outbuf[smb_ss_field+2]=0;
247 Uncomment this to test if the remote server actually verifies signatures...*/
250 bool smb_signing_check_pdu(struct smb_signing_state
*si
,
251 const uint8_t *inbuf
, uint32_t seqnum
)
254 uint8_t calc_md5_mac
[16];
255 const uint8_t *reply_sent_mac
;
257 if (si
->mac_key
.length
== 0) {
261 if (smb_len(inbuf
) < (smb_ss_field
+ 8 - 4)) {
262 DEBUG(1,("smb_signing_check_pdu: Can't check signature "
263 "on short packet! smb_len = %u\n",
268 smb_signing_md5(&si
->mac_key
, inbuf
,
269 seqnum
, calc_md5_mac
);
271 reply_sent_mac
= &inbuf
[smb_ss_field
];
272 good
= (memcmp(reply_sent_mac
, calc_md5_mac
, 8) == 0);
276 const int sign_range
= 5;
278 DEBUG(5, ("smb_signing_check_pdu: BAD SIG: wanted SMB signature of\n"));
279 dump_data(5, calc_md5_mac
, 8);
281 DEBUG(5, ("smb_signing_check_pdu: BAD SIG: got SMB signature of\n"));
282 dump_data(5, reply_sent_mac
, 8);
284 for (i
= -sign_range
; i
< sign_range
; i
++) {
285 smb_signing_md5(&si
->mac_key
, inbuf
,
286 seqnum
+i
, calc_md5_mac
);
287 if (memcmp(reply_sent_mac
, calc_md5_mac
, 8) == 0) {
288 DEBUG(0,("smb_signing_check_pdu: "
289 "out of seq. seq num %u matches. "
290 "We were expecting seq %u\n",
291 (unsigned int)seqnum
+i
,
292 (unsigned int)seqnum
));
297 DEBUG(10, ("smb_signing_check_pdu: seq %u: "
298 "got good SMB signature of\n",
299 (unsigned int)seqnum
));
300 dump_data(10, reply_sent_mac
, 8);
303 return smb_signing_good(si
, good
, seqnum
);
306 bool smb_signing_set_bsrspyl(struct smb_signing_state
*si
)
308 if (!si
->negotiated
) {
321 bool smb_signing_activate(struct smb_signing_state
*si
,
322 const DATA_BLOB user_session_key
,
323 const DATA_BLOB response
)
328 if (!user_session_key
.length
) {
332 if (!si
->negotiated
) {
340 if (si
->mac_key
.length
> 0) {
344 smb_signing_reset_info(si
);
346 len
= response
.length
+ user_session_key
.length
;
348 si
->mac_key
.data
= (uint8_t *)si
->alloc_fn(si
->mem_ctx
, len
);
349 if (si
->mac_key
.data
== NULL
) {
353 si
->mac_key
.data
= (uint8_t *)talloc_size(si
, len
);
354 if (si
->mac_key
.data
== NULL
) {
358 si
->mac_key
.length
= len
;
361 memcpy(&si
->mac_key
.data
[ofs
], user_session_key
.data
, user_session_key
.length
);
363 DEBUG(10, ("smb_signing_activate: user_session_key\n"));
364 dump_data(10, user_session_key
.data
, user_session_key
.length
);
366 if (response
.length
) {
367 ofs
= user_session_key
.length
;
368 memcpy(&si
->mac_key
.data
[ofs
], response
.data
, response
.length
);
369 DEBUG(10, ("smb_signing_activate: response_data\n"));
370 dump_data(10, response
.data
, response
.length
);
372 DEBUG(10, ("smb_signing_activate: NULL response_data\n"));
375 dump_data_pw("smb_signing_activate: mac key is:\n",
376 si
->mac_key
.data
, si
->mac_key
.length
);
378 /* Initialise the sequence number */
384 bool smb_signing_is_active(struct smb_signing_state
*si
)
389 bool smb_signing_is_allowed(struct smb_signing_state
*si
)
394 bool smb_signing_is_mandatory(struct smb_signing_state
*si
)
396 return si
->mandatory
;
399 bool smb_signing_set_negotiated(struct smb_signing_state
*si
)
405 si
->negotiated
= true;
410 bool smb_signing_is_negotiated(struct smb_signing_state
*si
)
412 return si
->negotiated
;