search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tevent: expose tevent_context_init_ops
[Samba/gebeck_regimport.git] / libcli / smb / smb_signing.c
bloba72760b1c33c9fad781653a3ca1c8d0835cf3aae
1 /*
2 Unix SMB/CIFS implementation.
3 SMB Signing Code
4 Copyright (C) Jeremy Allison 2003.
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
6 Copyright (C) Stefan Metzmacher 2009
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "../lib/crypto/md5.h"
24 #include "smb_common.h"
25 #include "smb_signing.h"
26
27 /* Used by the SMB signing functions. */
28
29 struct smb_signing_state {
30 /* is signing localy allowed */
31 bool allowed;
32
33 /* is signing localy desired */
34 bool desired;
35
36 /* is signing localy mandatory */
37 bool mandatory;
38
39 /* is signing negotiated by the peer */
40 bool negotiated;
41
42 bool active; /* Have I ever seen a validly signed packet? */
43
44 /* mac_key.length > 0 means signing is started */
45 DATA_BLOB mac_key;
46
47 /* the next expected seqnum */
48 uint32_t seqnum;
49
50 TALLOC_CTX *mem_ctx;
51 void *(*alloc_fn)(TALLOC_CTX *mem_ctx, size_t len);
52 void (*free_fn)(TALLOC_CTX *mem_ctx, void *ptr);
53 };
54
55 static void smb_signing_reset_info(struct smb_signing_state *si)
56 {
57 si->active = false;
58 si->seqnum = 0;
59
60 if (si->free_fn) {
61 si->free_fn(si->mem_ctx, si->mac_key.data);
62 } else {
63 talloc_free(si->mac_key.data);
64 }
65 si->mac_key.data = NULL;
66 si->mac_key.length = 0;
67 }
68
69 struct smb_signing_state *smb_signing_init_ex(TALLOC_CTX *mem_ctx,
70 bool allowed,
71 bool desired,
72 bool mandatory,
73 void *(*alloc_fn)(TALLOC_CTX *, size_t),
74 void (*free_fn)(TALLOC_CTX *, void *))
75 {
76 struct smb_signing_state *si;
77
78 if (alloc_fn) {
79 void *p = alloc_fn(mem_ctx, sizeof(struct smb_signing_state));
80 if (p == NULL) {
81 return NULL;
82 }
83 memset(p, 0, sizeof(struct smb_signing_state));
84 si = (struct smb_signing_state *)p;
85 si->mem_ctx = mem_ctx;
86 si->alloc_fn = alloc_fn;
87 si->free_fn = free_fn;
88 } else {
89 si = talloc_zero(mem_ctx, struct smb_signing_state);
90 if (si == NULL) {
91 return NULL;
92 }
93 }
94
95 if (mandatory) {
96 desired = true;
97 }
98
99 if (desired) {
100 allowed = true;
101 }
102
103 si->allowed = allowed;
104 si->desired = desired;
105 si->mandatory = mandatory;
106
107 return si;
108 }
109
110 struct smb_signing_state *smb_signing_init(TALLOC_CTX *mem_ctx,
111 bool allowed,
112 bool desired,
113 bool mandatory)
114 {
115 return smb_signing_init_ex(mem_ctx, allowed, desired, mandatory,
116 NULL, NULL);
117 }
118
119 static bool smb_signing_good(struct smb_signing_state *si,
120 bool good, uint32_t seq)
121 {
122 if (good) {
123 if (!si->active) {
124 si->active = true;
125 }
126 return true;
127 }
128
129 if (!si->mandatory && !si->active) {
130 /* Non-mandatory signing - just turn off if this is the first bad packet.. */
131 DEBUG(5, ("smb_signing_good: signing negotiated but not required and peer\n"
132 "isn't sending correct signatures. Turning off.\n"));
133 smb_signing_reset_info(si);
134 return true;
135 }
136
137 /* Mandatory signing or bad packet after signing started - fail and disconnect. */
138 DEBUG(0, ("smb_signing_good: BAD SIG: seq %u\n", (unsigned int)seq));
139 return false;
140 }
141
142 static void smb_signing_md5(const DATA_BLOB *mac_key,
143 const uint8_t *buf, uint32_t seq_number,
144 uint8_t calc_md5_mac[16])
145 {
146 const size_t offset_end_of_sig = (NBT_HDR_SIZE + HDR_SS_FIELD + 8);
147 uint8_t sequence_buf[8];
148 struct MD5Context md5_ctx;
149
150 /*
151 * Firstly put the sequence number into the first 4 bytes.
152 * and zero out the next 4 bytes.
153 *
154 * We do this here, to avoid modifying the packet.
155 */
156
157 DEBUG(10,("smb_signing_md5: sequence number %u\n", seq_number ));
158
159 SIVAL(sequence_buf, 0, seq_number);
160 SIVAL(sequence_buf, 4, 0);
161
162 /* Calculate the 16 byte MAC - but don't alter the data in the
163 incoming packet.
164
165 This makes for a bit of fussing about, but it's not too bad.
166 */
167 MD5Init(&md5_ctx);
168
169 /* intialise with the key */
170 MD5Update(&md5_ctx, mac_key->data, mac_key->length);
171
172 /* copy in the first bit of the SMB header */
173 MD5Update(&md5_ctx, buf + NBT_HDR_SIZE, HDR_SS_FIELD);
174
175 /* copy in the sequence number, instead of the signature */
176 MD5Update(&md5_ctx, sequence_buf, sizeof(sequence_buf));
177
178 /* copy in the rest of the packet in, skipping the signature */
179 MD5Update(&md5_ctx, buf + offset_end_of_sig,
180 smb_len_nbt(buf) - (offset_end_of_sig - 4));
181
182 /* calculate the MD5 sig */
183 MD5Final(calc_md5_mac, &md5_ctx);
184 }
185
186 uint32_t smb_signing_next_seqnum(struct smb_signing_state *si, bool oneway)
187 {
188 uint32_t seqnum;
189
190 if (si->mac_key.length == 0) {
191 return 0;
192 }
193
194 seqnum = si->seqnum;
195 if (oneway) {
196 si->seqnum += 1;
197 } else {
198 si->seqnum += 2;
199 }
200
201 return seqnum;
202 }
203
204 void smb_signing_cancel_reply(struct smb_signing_state *si, bool oneway)
205 {
206 if (si->mac_key.length == 0) {
207 return;
208 }
209
210 if (oneway) {
211 si->seqnum -= 1;
212 } else {
213 si->seqnum -= 2;
214 }
215 }
216
217 void smb_signing_sign_pdu(struct smb_signing_state *si,
218 uint8_t *outbuf, uint32_t seqnum)
219 {
220 uint8_t calc_md5_mac[16];
221 uint8_t com;
222 uint8_t flags;
223
224 if (si->mac_key.length == 0) {
225 if (!si->negotiated) {
226 return;
227 }
228 }
229
230 /* JRA Paranioa test - we should be able to get rid of this... */
231 if (smb_len_nbt(outbuf) < (HDR_SS_FIELD + 8)) {
232 DEBUG(1,("smb_signing_sign_pdu: Logic error. "
233 "Can't check signature on short packet! smb_len = %u\n",
234 smb_len_nbt(outbuf)));
235 abort();
236 }
237
238 com = SVAL(outbuf,NBT_HDR_SIZE+HDR_COM);
239 flags = SVAL(outbuf,NBT_HDR_SIZE+HDR_FLG);
240
241 if (!(flags & FLAG_REPLY)) {
242 uint16_t flags2 = SVAL(outbuf,NBT_HDR_SIZE+HDR_FLG2);
243 /*
244 * If this is a request, specify what is
245 * supported or required by the client
246 */
247 if (si->negotiated && si->desired) {
248 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
249 }
250 if (si->negotiated && si->mandatory) {
251 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED;
252 }
253 SSVAL(outbuf, NBT_HDR_SIZE+HDR_FLG2, flags2);
254 }
255
256 if (si->mac_key.length == 0) {
257 /* I wonder what BSRSPYL stands for - but this is what MS
258 actually sends! */
259 if (com == SMBsesssetupX) {
260 memcpy(calc_md5_mac, "BSRSPYL ", 8);
261 } else {
262 memset(calc_md5_mac, 0, 8);
263 }
264 } else {
265 smb_signing_md5(&si->mac_key, outbuf,
266 seqnum, calc_md5_mac);
267 }
268
269 DEBUG(10, ("smb_signing_sign_pdu: sent SMB signature of\n"));
270 dump_data(10, calc_md5_mac, 8);
271
272 memcpy(&outbuf[NBT_HDR_SIZE+HDR_SS_FIELD], calc_md5_mac, 8);
273
274 /* outbuf[NBT_HDR_SIZE+HDR_SS_FIELD+2]=0;
275 Uncomment this to test if the remote server actually verifies signatures...*/
276 }
277
278 bool smb_signing_check_pdu(struct smb_signing_state *si,
279 const uint8_t *inbuf, uint32_t seqnum)
280 {
281 bool good;
282 uint8_t calc_md5_mac[16];
283 const uint8_t *reply_sent_mac;
284
285 if (si->mac_key.length == 0) {
286 return true;
287 }
288
289 if (smb_len_nbt(inbuf) < (HDR_SS_FIELD + 8)) {
290 DEBUG(1,("smb_signing_check_pdu: Can't check signature "
291 "on short packet! smb_len = %u\n",
292 smb_len_nbt(inbuf)));
293 return false;
294 }
295
296 smb_signing_md5(&si->mac_key, inbuf,
297 seqnum, calc_md5_mac);
298
299 reply_sent_mac = &inbuf[NBT_HDR_SIZE+HDR_SS_FIELD];
300 good = (memcmp(reply_sent_mac, calc_md5_mac, 8) == 0);
301
302 if (!good) {
303 int i;
304 const int sign_range = 5;
305
306 DEBUG(5, ("smb_signing_check_pdu: BAD SIG: wanted SMB signature of\n"));
307 dump_data(5, calc_md5_mac, 8);
308
309 DEBUG(5, ("smb_signing_check_pdu: BAD SIG: got SMB signature of\n"));
310 dump_data(5, reply_sent_mac, 8);
311
312 for (i = -sign_range; i < sign_range; i++) {
313 smb_signing_md5(&si->mac_key, inbuf,
314 seqnum+i, calc_md5_mac);
315 if (memcmp(reply_sent_mac, calc_md5_mac, 8) == 0) {
316 DEBUG(0,("smb_signing_check_pdu: "
317 "out of seq. seq num %u matches. "
318 "We were expecting seq %u\n",
319 (unsigned int)seqnum+i,
320 (unsigned int)seqnum));
321 break;
322 }
323 }
324 } else {
325 DEBUG(10, ("smb_signing_check_pdu: seq %u: "
326 "got good SMB signature of\n",
327 (unsigned int)seqnum));
328 dump_data(10, reply_sent_mac, 8);
329 }
330
331 return smb_signing_good(si, good, seqnum);
332 }
333
334 bool smb_signing_activate(struct smb_signing_state *si,
335 const DATA_BLOB user_session_key,
336 const DATA_BLOB response)
337 {
338 size_t len;
339 off_t ofs;
340
341 if (!user_session_key.length) {
342 return false;
343 }
344
345 if (!si->negotiated) {
346 return false;
347 }
348
349 if (si->active) {
350 return false;
351 }
352
353 if (si->mac_key.length > 0) {
354 return false;
355 }
356
357 smb_signing_reset_info(si);
358
359 len = response.length + user_session_key.length;
360 if (si->alloc_fn) {
361 si->mac_key.data = (uint8_t *)si->alloc_fn(si->mem_ctx, len);
362 if (si->mac_key.data == NULL) {
363 return false;
364 }
365 } else {
366 si->mac_key.data = (uint8_t *)talloc_size(si, len);
367 if (si->mac_key.data == NULL) {
368 return false;
369 }
370 }
371 si->mac_key.length = len;
372
373 ofs = 0;
374 memcpy(&si->mac_key.data[ofs], user_session_key.data, user_session_key.length);
375
376 DEBUG(10, ("smb_signing_activate: user_session_key\n"));
377 dump_data(10, user_session_key.data, user_session_key.length);
378
379 if (response.length) {
380 ofs = user_session_key.length;
381 memcpy(&si->mac_key.data[ofs], response.data, response.length);
382 DEBUG(10, ("smb_signing_activate: response_data\n"));
383 dump_data(10, response.data, response.length);
384 } else {
385 DEBUG(10, ("smb_signing_activate: NULL response_data\n"));
386 }
387
388 dump_data_pw("smb_signing_activate: mac key is:\n",
389 si->mac_key.data, si->mac_key.length);
390
391 /* Initialise the sequence number */
392 si->seqnum = 2;
393
394 return true;
395 }
396
397 bool smb_signing_is_active(struct smb_signing_state *si)
398 {
399 return si->active;
400 }
401
402 bool smb_signing_is_allowed(struct smb_signing_state *si)
403 {
404 return si->allowed;
405 }
406
407 bool smb_signing_is_mandatory(struct smb_signing_state *si)
408 {
409 return si->mandatory;
410 }
411
412 bool smb_signing_set_negotiated(struct smb_signing_state *si,
413 bool allowed, bool mandatory)
414 {
415 if (si->active) {
416 return true;
417 }
418
419 if (!si->allowed && mandatory) {
420 return false;
421 }
422
423 if (si->mandatory && !allowed) {
424 return false;
425 }
426
427 if (si->mandatory) {
428 si->negotiated = true;
429 return true;
430 }
431
432 if (mandatory) {
433 si->negotiated = true;
434 return true;
435 }
436
437 if (!si->desired) {
438 si->negotiated = false;
439 return true;
440 }
441
442 if (si->desired && allowed) {
443 si->negotiated = true;
444 return true;
445 }
446
447 si->negotiated = false;
448 return true;
449 }
450
451 bool smb_signing_is_negotiated(struct smb_signing_state *si)
452 {
453 return si->negotiated;
454 }
reg import