source4/libcli/raw/smb_signing.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    SMB Signing Code
   4    Copyright (C) Jeremy Allison 2002.
   5    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
   6    Copyright (C) James J Myers <myersjj@samba.org> 2003
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24
  25 struct smb_basic_signing_context {
  26         DATA_BLOB mac_key;
  27         uint32_t next_seq_num;
  28 };
  29
  30 /***********************************************************
  31  SMB signing - Common code before we set a new signing implementation
  32 ************************************************************/
  33 static BOOL set_smb_signing_common(struct cli_transport *transport)
  34 {
  35         if (!(transport->negotiate.sec_mode &
  36               (NEGOTIATE_SECURITY_SIGNATURES_REQUIRED|NEGOTIATE_SECURITY_SIGNATURES_ENABLED))) {
  37                 return False;
  38         }
  39
  40         if (transport->negotiate.sign_info.doing_signing) {
  41                 return False;
  42         }
  43
  44         if (transport->negotiate.sign_info.free_signing_context)
  45                 transport->negotiate.sign_info.free_signing_context(transport);
  46
  47         /* These calls are INCOMPATIBLE with SMB signing */
  48         transport->negotiate.readbraw_supported = False;
  49         transport->negotiate.writebraw_supported = False;
  50
  51         return True;
  52 }
  53
  54 /***********************************************************
  55  SMB signing - Common code for 'real' implementations
  56 ************************************************************/
  57 static BOOL set_smb_signing_real_common(struct cli_transport *transport)
  58 {
  59         if (transport->negotiate.sec_mode & NEGOTIATE_SECURITY_SIGNATURES_REQUIRED) {
  60                 DEBUG(5, ("Mandatory SMB signing enabled!\n"));
  61                 transport->negotiate.sign_info.doing_signing = True;
  62         }
  63
  64         DEBUG(5, ("SMB signing enabled!\n"));
  65
  66         return True;
  67 }
  68
  69 static void mark_packet_signed(struct cli_request *req)
  70 {
  71         uint16_t flags2;
  72         flags2 = SVAL(req->out.hdr, HDR_FLG2);
  73         flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
  74         SSVAL(req->out.hdr, HDR_FLG2, flags2);
  75 }
  76
  77 static BOOL signing_good(struct cli_request *req, BOOL good)
  78 {
  79         if (good && !req->transport->negotiate.sign_info.doing_signing) {
  80                 req->transport->negotiate.sign_info.doing_signing = True;
  81         }
  82
  83         if (!good) {
  84                 if (req->transport->negotiate.sign_info.doing_signing) {
  85                         DEBUG(1, ("SMB signature check failed!\n"));
  86                         return False;
  87                 } else {
  88                         DEBUG(3, ("Server did not sign reply correctly\n"));
  89                         cli_transport_free_signing_context(req->transport);
  90                         return False;
  91                 }
  92         }
  93         return True;
  94 }
  95
  96 /***********************************************************
  97  SMB signing - Simple implementation - calculate a MAC to send.
  98 ************************************************************/
  99 static void cli_request_simple_sign_outgoing_message(struct cli_request *req)
 100 {
 101         uint8_t calc_md5_mac[16];
 102         struct MD5Context md5_ctx;
 103         struct smb_basic_signing_context *data = req->transport->negotiate.sign_info.signing_context;
 104
 105 #if 0
 106         /* enable this when packet signing is preventing you working out why valgrind
 107            says that data is uninitialised */
 108         file_save("pkt.dat", req->out.buffer, req->out.size);
 109 #endif
 110
 111         req->seq_num = data->next_seq_num;
 112
 113         /* some requests (eg. NTcancel) are one way, and the sequence number
 114            should be increased by 1 not 2 */
 115         if (req->one_way_request) {
 116                 data->next_seq_num += 1;
 117         } else {
 118                 data->next_seq_num += 2;
 119         }
 120
 121         /*
 122          * Firstly put the sequence number into the first 4 bytes.
 123          * and zero out the next 4 bytes.
 124          */
 125         SIVAL(req->out.hdr, HDR_SS_FIELD, req->seq_num);
 126         SIVAL(req->out.hdr, HDR_SS_FIELD + 4, 0);
 127
 128         /* mark the packet as signed - BEFORE we sign it...*/
 129         mark_packet_signed(req);
 130
 131         /* Calculate the 16 byte MAC and place first 8 bytes into the field. */
 132         MD5Init(&md5_ctx);
 133         MD5Update(&md5_ctx, data->mac_key.data,
 134                   data->mac_key.length);
 135         MD5Update(&md5_ctx,
 136                   req->out.buffer + NBT_HDR_SIZE,
 137                   req->out.size - NBT_HDR_SIZE);
 138         MD5Final(calc_md5_mac, &md5_ctx);
 139
 140         memcpy(&req->out.hdr[HDR_SS_FIELD], calc_md5_mac, 8);
 141
 142 /*      req->out.hdr[HDR_SS_FIELD+2]=0;
 143         Uncomment this to test if the remote server actually verifies signitures...*/
 144 }
 145
 146
 147 /***********************************************************
 148  SMB signing - Simple implementation - check a MAC sent by server.
 149 ************************************************************/
 150 static BOOL cli_request_simple_check_incoming_message(struct cli_request *req)
 151 {
 152         BOOL good;
 153         uint8_t calc_md5_mac[16];
 154         uint8_t server_sent_mac[8];
 155         uint8_t sequence_buf[8];
 156         struct MD5Context md5_ctx;
 157         struct smb_basic_signing_context *data = req->transport->negotiate.sign_info.signing_context;
 158         const size_t offset_end_of_sig = (HDR_SS_FIELD + 8);
 159         int i;
 160         const int sign_range = 0;
 161
 162         /* its quite bogus to be guessing sequence numbers, but very useful
 163            when debugging signing implementations */
 164         for (i = 1-sign_range; i <= 1+sign_range; i++) {
 165                 /*
 166                  * Firstly put the sequence number into the first 4 bytes.
 167                  * and zero out the next 4 bytes.
 168                  */
 169                 SIVAL(sequence_buf, 0, req->seq_num+i);
 170                 SIVAL(sequence_buf, 4, 0);
 171
 172                 /* get a copy of the server-sent mac */
 173                 memcpy(server_sent_mac, &req->in.hdr[HDR_SS_FIELD], sizeof(server_sent_mac));
 174
 175                 /* Calculate the 16 byte MAC and place first 8 bytes into the field. */
 176                 MD5Init(&md5_ctx);
 177                 MD5Update(&md5_ctx, data->mac_key.data,
 178                           data->mac_key.length);
 179                 MD5Update(&md5_ctx, req->in.hdr, HDR_SS_FIELD);
 180                 MD5Update(&md5_ctx, sequence_buf, sizeof(sequence_buf));
 181
 182                 MD5Update(&md5_ctx, req->in.hdr + offset_end_of_sig,
 183                           req->in.size - NBT_HDR_SIZE - (offset_end_of_sig));
 184                 MD5Final(calc_md5_mac, &md5_ctx);
 185
 186                 good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
 187                 if (good) break;
 188         }
 189
 190         if (good && i != 1) {
 191                 DEBUG(0,("SIGNING OFFSET %d (should be %d)\n", i, req->seq_num+1));
 192         }
 193
 194         if (!good) {
 195                 DEBUG(5, ("cli_request_simple_check_incoming_message: BAD SIG: wanted SMB signature of\n"));
 196                 dump_data(5, calc_md5_mac, 8);
 197
 198                 DEBUG(5, ("cli_request_simple_check_incoming_message: BAD SIG: got SMB signature of\n"));
 199                 dump_data(5, server_sent_mac, 8);
 200         }
 201         return signing_good(req, good);
 202 }
 203
 204
 205 /***********************************************************
 206  SMB signing - Simple implementation - free signing context
 207 ************************************************************/
 208 static void cli_transport_simple_free_signing_context(struct cli_transport *transport)
 209 {
 210         struct smb_basic_signing_context *data = transport->negotiate.sign_info.signing_context;
 211
 212         data_blob_free(&data->mac_key);
 213         SAFE_FREE(transport->negotiate.sign_info.signing_context);
 214
 215         return;
 216 }
 217
 218
 219 /***********************************************************
 220  SMB signing - Simple implementation - setup the MAC key.
 221 ************************************************************/
 222 BOOL cli_transport_simple_set_signing(struct cli_transport *transport,
 223                                       const DATA_BLOB user_session_key,
 224                                       const DATA_BLOB response)
 225 {
 226         struct smb_basic_signing_context *data;
 227
 228         if (!set_smb_signing_common(transport)) {
 229                 return False;
 230         }
 231
 232         if (!set_smb_signing_real_common(transport)) {
 233                 return False;
 234         }
 235
 236         data = smb_xmalloc(sizeof(*data));
 237         transport->negotiate.sign_info.signing_context = data;
 238
 239         data->mac_key = data_blob(NULL, response.length + user_session_key.length);
 240
 241         memcpy(&data->mac_key.data[0], user_session_key.data, user_session_key.length);
 242
 243         if (response.length) {
 244                 memcpy(&data->mac_key.data[user_session_key.length],response.data, response.length);
 245         }
 246
 247         /* Initialise the sequence number */
 248         data->next_seq_num = 0;
 249
 250         transport->negotiate.sign_info.sign_outgoing_message = cli_request_simple_sign_outgoing_message;
 251         transport->negotiate.sign_info.check_incoming_message = cli_request_simple_check_incoming_message;
 252         transport->negotiate.sign_info.free_signing_context = cli_transport_simple_free_signing_context;
 253
 254         return True;
 255 }
 256
 257
 258 /***********************************************************
 259  SMB signing - NULL implementation - calculate a MAC to send.
 260 ************************************************************/
 261 static void cli_request_null_sign_outgoing_message(struct cli_request *req)
 262 {
 263         /* we can't zero out the sig, as we might be trying to send a
 264            transport request - which is NBT-level, not SMB level and doesn't
 265            have the field */
 266 }
 267
 268
 269 /***********************************************************
 270  SMB signing - NULL implementation - check a MAC sent by server.
 271 ************************************************************/
 272 static BOOL cli_request_null_check_incoming_message(struct cli_request *req)
 273 {
 274         return True;
 275 }
 276
 277
 278 /***********************************************************
 279  SMB signing - NULL implementation - free signing context
 280 ************************************************************/
 281 static void cli_null_free_signing_context(struct cli_transport *transport)
 282 {
 283 }
 284
 285 /**
 286  SMB signing - NULL implementation - setup the MAC key.
 287
 288  @note Used as an initialisation only - it will not correctly
 289        shut down a real signing mechanism
 290 */
 291 BOOL cli_null_set_signing(struct cli_transport *transport)
 292 {
 293         transport->negotiate.sign_info.signing_context = NULL;
 294
 295         transport->negotiate.sign_info.sign_outgoing_message = cli_request_null_sign_outgoing_message;
 296         transport->negotiate.sign_info.check_incoming_message = cli_request_null_check_incoming_message;
 297         transport->negotiate.sign_info.free_signing_context = cli_null_free_signing_context;
 298
 299         return True;
 300 }
 301
 302
 303 /**
 304  * Free the signing context
 305  */
 306 void cli_transport_free_signing_context(struct cli_transport *transport)
 307 {
 308         if (transport->negotiate.sign_info.free_signing_context) {
 309                 transport->negotiate.sign_info.free_signing_context(transport);
 310         }
 311
 312         cli_null_set_signing(transport);
 313 }
 314
 315
 316 /**
 317  * Sign a packet with the current mechanism
 318  */
 319 void cli_request_calculate_sign_mac(struct cli_request *req)
 320 {
 321         req->transport->negotiate.sign_info.sign_outgoing_message(req);
 322 }
 323
 324
 325 /**
 326  * Check a packet with the current mechanism
 327  * @return False if we had an established signing connection
 328  *         which had a back checksum, True otherwise
 329  */
 330 BOOL cli_request_check_sign_mac(struct cli_request *req)
 331 {
 332         BOOL good;
 333
 334         if (req->in.size < (HDR_SS_FIELD + 8)) {
 335                 good = False;
 336         } else {
 337                 good = req->transport->negotiate.sign_info.check_incoming_message(req);
 338         }
 339
 340         if (!good && req->transport->negotiate.sign_info.doing_signing) {
 341                 return False;
 342         }
 343
 344         return True;
 345 }