search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:libsmb/smb_signing: make use of smb_len_nbt()
[Samba/gebeck_regimport.git] / source3 / libsmb / smb_signing.c
blob22503487071fc1ea8229a595bd0f0189f99ab8d4
1 /*
2 Unix SMB/CIFS implementation.
3 SMB Signing Code
4 Copyright (C) Jeremy Allison 2003.
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
6 Copyright (C) Stefan Metzmacher 2009
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "../lib/crypto/md5.h"
24 #include "smb_signing.h"
25
26 /* Used by the SMB signing functions. */
27
28 struct smb_signing_state {
29 /* is signing localy allowed */
30 bool allowed;
31
32 /* is signing localy desired */
33 bool desired;
34
35 /* is signing localy mandatory */
36 bool mandatory;
37
38 /* is signing negotiated by the peer */
39 bool negotiated;
40
41 bool active; /* Have I ever seen a validly signed packet? */
42
43 /* mac_key.length > 0 means signing is started */
44 DATA_BLOB mac_key;
45
46 /* the next expected seqnum */
47 uint32_t seqnum;
48
49 TALLOC_CTX *mem_ctx;
50 void *(*alloc_fn)(TALLOC_CTX *mem_ctx, size_t len);
51 void (*free_fn)(TALLOC_CTX *mem_ctx, void *ptr);
52 };
53
54 static void smb_signing_reset_info(struct smb_signing_state *si)
55 {
56 si->active = false;
57 si->seqnum = 0;
58
59 if (si->free_fn) {
60 si->free_fn(si->mem_ctx, si->mac_key.data);
61 } else {
62 talloc_free(si->mac_key.data);
63 }
64 si->mac_key.data = NULL;
65 si->mac_key.length = 0;
66 }
67
68 struct smb_signing_state *smb_signing_init_ex(TALLOC_CTX *mem_ctx,
69 bool allowed,
70 bool desired,
71 bool mandatory,
72 void *(*alloc_fn)(TALLOC_CTX *, size_t),
73 void (*free_fn)(TALLOC_CTX *, void *))
74 {
75 struct smb_signing_state *si;
76
77 if (alloc_fn) {
78 void *p = alloc_fn(mem_ctx, sizeof(struct smb_signing_state));
79 if (p == NULL) {
80 return NULL;
81 }
82 memset(p, 0, sizeof(struct smb_signing_state));
83 si = (struct smb_signing_state *)p;
84 si->mem_ctx = mem_ctx;
85 si->alloc_fn = alloc_fn;
86 si->free_fn = free_fn;
87 } else {
88 si = talloc_zero(mem_ctx, struct smb_signing_state);
89 if (si == NULL) {
90 return NULL;
91 }
92 }
93
94 if (mandatory) {
95 desired = true;
96 }
97
98 if (desired) {
99 allowed = true;
100 }
101
102 si->allowed = allowed;
103 si->desired = desired;
104 si->mandatory = mandatory;
105
106 return si;
107 }
108
109 struct smb_signing_state *smb_signing_init(TALLOC_CTX *mem_ctx,
110 bool allowed,
111 bool desired,
112 bool mandatory)
113 {
114 return smb_signing_init_ex(mem_ctx, allowed, desired, mandatory,
115 NULL, NULL);
116 }
117
118 static bool smb_signing_good(struct smb_signing_state *si,
119 bool good, uint32_t seq)
120 {
121 if (good) {
122 if (!si->active) {
123 si->active = true;
124 }
125 return true;
126 }
127
128 if (!si->mandatory && !si->active) {
129 /* Non-mandatory signing - just turn off if this is the first bad packet.. */
130 DEBUG(5, ("smb_signing_good: signing negotiated but not required and peer\n"
131 "isn't sending correct signatures. Turning off.\n"));
132 smb_signing_reset_info(si);
133 return true;
134 }
135
136 /* Mandatory signing or bad packet after signing started - fail and disconnect. */
137 DEBUG(0, ("smb_signing_good: BAD SIG: seq %u\n", (unsigned int)seq));
138 return false;
139 }
140
141 static void smb_signing_md5(const DATA_BLOB *mac_key,
142 const uint8_t *buf, uint32_t seq_number,
143 uint8_t calc_md5_mac[16])
144 {
145 const size_t offset_end_of_sig = (NBT_HDR_SIZE + HDR_SS_FIELD + 8);
146 uint8_t sequence_buf[8];
147 struct MD5Context md5_ctx;
148
149 /*
150 * Firstly put the sequence number into the first 4 bytes.
151 * and zero out the next 4 bytes.
152 *
153 * We do this here, to avoid modifying the packet.
154 */
155
156 DEBUG(10,("smb_signing_md5: sequence number %u\n", seq_number ));
157
158 SIVAL(sequence_buf, 0, seq_number);
159 SIVAL(sequence_buf, 4, 0);
160
161 /* Calculate the 16 byte MAC - but don't alter the data in the
162 incoming packet.
163
164 This makes for a bit of fussing about, but it's not too bad.
165 */
166 MD5Init(&md5_ctx);
167
168 /* intialise with the key */
169 MD5Update(&md5_ctx, mac_key->data, mac_key->length);
170
171 /* copy in the first bit of the SMB header */
172 MD5Update(&md5_ctx, buf + NBT_HDR_SIZE, HDR_SS_FIELD);
173
174 /* copy in the sequence number, instead of the signature */
175 MD5Update(&md5_ctx, sequence_buf, sizeof(sequence_buf));
176
177 /* copy in the rest of the packet in, skipping the signature */
178 MD5Update(&md5_ctx, buf + offset_end_of_sig,
179 smb_len_nbt(buf) - (offset_end_of_sig - 4));
180
181 /* calculate the MD5 sig */
182 MD5Final(calc_md5_mac, &md5_ctx);
183 }
184
185 uint32_t smb_signing_next_seqnum(struct smb_signing_state *si, bool oneway)
186 {
187 uint32_t seqnum;
188
189 if (si->mac_key.length == 0) {
190 return 0;
191 }
192
193 seqnum = si->seqnum;
194 if (oneway) {
195 si->seqnum += 1;
196 } else {
197 si->seqnum += 2;
198 }
199
200 return seqnum;
201 }
202
203 void smb_signing_cancel_reply(struct smb_signing_state *si, bool oneway)
204 {
205 if (si->mac_key.length == 0) {
206 return;
207 }
208
209 if (oneway) {
210 si->seqnum -= 1;
211 } else {
212 si->seqnum -= 2;
213 }
214 }
215
216 void smb_signing_sign_pdu(struct smb_signing_state *si,
217 uint8_t *outbuf, uint32_t seqnum)
218 {
219 uint8_t calc_md5_mac[16];
220 uint8_t com;
221 uint8_t flags;
222
223 if (si->mac_key.length == 0) {
224 if (!si->negotiated) {
225 return;
226 }
227 }
228
229 /* JRA Paranioa test - we should be able to get rid of this... */
230 if (smb_len_nbt(outbuf) < (HDR_SS_FIELD + 8)) {
231 DEBUG(1,("smb_signing_sign_pdu: Logic error. "
232 "Can't check signature on short packet! smb_len = %u\n",
233 smb_len_nbt(outbuf)));
234 abort();
235 }
236
237 com = SVAL(outbuf,smb_com);
238 flags = SVAL(outbuf,smb_flg);
239
240 if (!(flags & FLAG_REPLY)) {
241 uint16_t flags2 = SVAL(outbuf,smb_flg2);
242 /*
243 * If this is a request, specify what is
244 * supported or required by the client
245 */
246 if (si->negotiated && si->desired) {
247 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
248 }
249 if (si->negotiated && si->mandatory) {
250 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED;
251 }
252 SSVAL(outbuf, smb_flg2, flags2);
253 }
254
255 if (si->mac_key.length == 0) {
256 /* I wonder what BSRSPYL stands for - but this is what MS
257 actually sends! */
258 if (com == SMBsesssetupX) {
259 memcpy(calc_md5_mac, "BSRSPYL ", 8);
260 } else {
261 memset(calc_md5_mac, 0, 8);
262 }
263 } else {
264 smb_signing_md5(&si->mac_key, outbuf,
265 seqnum, calc_md5_mac);
266 }
267
268 DEBUG(10, ("smb_signing_sign_pdu: sent SMB signature of\n"));
269 dump_data(10, calc_md5_mac, 8);
270
271 memcpy(&outbuf[NBT_HDR_SIZE+HDR_SS_FIELD], calc_md5_mac, 8);
272
273 /* outbuf[NBT_HDR_SIZE+HDR_SS_FIELD+2]=0;
274 Uncomment this to test if the remote server actually verifies signatures...*/
275 }
276
277 bool smb_signing_check_pdu(struct smb_signing_state *si,
278 const uint8_t *inbuf, uint32_t seqnum)
279 {
280 bool good;
281 uint8_t calc_md5_mac[16];
282 const uint8_t *reply_sent_mac;
283
284 if (si->mac_key.length == 0) {
285 return true;
286 }
287
288 if (smb_len_nbt(inbuf) < (HDR_SS_FIELD + 8)) {
289 DEBUG(1,("smb_signing_check_pdu: Can't check signature "
290 "on short packet! smb_len = %u\n",
291 smb_len_nbt(inbuf)));
292 return false;
293 }
294
295 smb_signing_md5(&si->mac_key, inbuf,
296 seqnum, calc_md5_mac);
297
298 reply_sent_mac = &inbuf[NBT_HDR_SIZE+HDR_SS_FIELD];
299 good = (memcmp(reply_sent_mac, calc_md5_mac, 8) == 0);
300
301 if (!good) {
302 int i;
303 const int sign_range = 5;
304
305 DEBUG(5, ("smb_signing_check_pdu: BAD SIG: wanted SMB signature of\n"));
306 dump_data(5, calc_md5_mac, 8);
307
308 DEBUG(5, ("smb_signing_check_pdu: BAD SIG: got SMB signature of\n"));
309 dump_data(5, reply_sent_mac, 8);
310
311 for (i = -sign_range; i < sign_range; i++) {
312 smb_signing_md5(&si->mac_key, inbuf,
313 seqnum+i, calc_md5_mac);
314 if (memcmp(reply_sent_mac, calc_md5_mac, 8) == 0) {
315 DEBUG(0,("smb_signing_check_pdu: "
316 "out of seq. seq num %u matches. "
317 "We were expecting seq %u\n",
318 (unsigned int)seqnum+i,
319 (unsigned int)seqnum));
320 break;
321 }
322 }
323 } else {
324 DEBUG(10, ("smb_signing_check_pdu: seq %u: "
325 "got good SMB signature of\n",
326 (unsigned int)seqnum));
327 dump_data(10, reply_sent_mac, 8);
328 }
329
330 return smb_signing_good(si, good, seqnum);
331 }
332
333 bool smb_signing_activate(struct smb_signing_state *si,
334 const DATA_BLOB user_session_key,
335 const DATA_BLOB response)
336 {
337 size_t len;
338 off_t ofs;
339
340 if (!user_session_key.length) {
341 return false;
342 }
343
344 if (!si->negotiated) {
345 return false;
346 }
347
348 if (si->active) {
349 return false;
350 }
351
352 if (si->mac_key.length > 0) {
353 return false;
354 }
355
356 smb_signing_reset_info(si);
357
358 len = response.length + user_session_key.length;
359 if (si->alloc_fn) {
360 si->mac_key.data = (uint8_t *)si->alloc_fn(si->mem_ctx, len);
361 if (si->mac_key.data == NULL) {
362 return false;
363 }
364 } else {
365 si->mac_key.data = (uint8_t *)talloc_size(si, len);
366 if (si->mac_key.data == NULL) {
367 return false;
368 }
369 }
370 si->mac_key.length = len;
371
372 ofs = 0;
373 memcpy(&si->mac_key.data[ofs], user_session_key.data, user_session_key.length);
374
375 DEBUG(10, ("smb_signing_activate: user_session_key\n"));
376 dump_data(10, user_session_key.data, user_session_key.length);
377
378 if (response.length) {
379 ofs = user_session_key.length;
380 memcpy(&si->mac_key.data[ofs], response.data, response.length);
381 DEBUG(10, ("smb_signing_activate: response_data\n"));
382 dump_data(10, response.data, response.length);
383 } else {
384 DEBUG(10, ("smb_signing_activate: NULL response_data\n"));
385 }
386
387 dump_data_pw("smb_signing_activate: mac key is:\n",
388 si->mac_key.data, si->mac_key.length);
389
390 /* Initialise the sequence number */
391 si->seqnum = 2;
392
393 return true;
394 }
395
396 bool smb_signing_is_active(struct smb_signing_state *si)
397 {
398 return si->active;
399 }
400
401 bool smb_signing_is_allowed(struct smb_signing_state *si)
402 {
403 return si->allowed;
404 }
405
406 bool smb_signing_is_mandatory(struct smb_signing_state *si)
407 {
408 return si->mandatory;
409 }
410
411 bool smb_signing_set_negotiated(struct smb_signing_state *si,
412 bool allowed, bool mandatory)
413 {
414 if (si->active) {
415 return true;
416 }
417
418 if (!si->allowed && mandatory) {
419 return false;
420 }
421
422 if (si->mandatory && !allowed) {
423 return false;
424 }
425
426 if (si->mandatory) {
427 si->negotiated = true;
428 return true;
429 }
430
431 if (mandatory) {
432 si->negotiated = true;
433 return true;
434 }
435
436 if (!si->desired) {
437 si->negotiated = false;
438 return true;
439 }
440
441 if (si->desired && allowed) {
442 si->negotiated = true;
443 return true;
444 }
445
446 si->negotiated = false;
447 return true;
448 }
449
450 bool smb_signing_is_negotiated(struct smb_signing_state *si)
451 {
452 return si->negotiated;
453 }
reg import