source4/libcli/raw/smb_signing.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    SMB Signing Code
   4    Copyright (C) Jeremy Allison 2002.
   5    Copyright (C) Andrew Bartlett <abartlet@samba.org> 2002-2003
   6    Copyright (C) James J Myers <myersjj@samba.org> 2003
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23 #include "includes.h"
  24 static BOOL smbcli_set_signing_off(struct smb_signing_context *sign_info);
  25
  26 /***********************************************************
  27  SMB signing - Common code before we set a new signing implementation
  28 ************************************************************/
  29 static BOOL set_smb_signing_common(struct smbcli_transport *transport)
  30 {
  31         if (!(transport->negotiate.sec_mode &
  32               (NEGOTIATE_SECURITY_SIGNATURES_REQUIRED|NEGOTIATE_SECURITY_SIGNATURES_ENABLED))) {
  33                 return False;
  34         }
  35
  36         if (transport->negotiate.sign_info.doing_signing) {
  37                 return False;
  38         }
  39
  40         if (!transport->negotiate.sign_info.allow_smb_signing) {
  41                 return False;
  42         }
  43
  44         /* These calls are INCOMPATIBLE with SMB signing */
  45         transport->negotiate.readbraw_supported = False;
  46         transport->negotiate.writebraw_supported = False;
  47
  48         return True;
  49 }
  50
  51 static void mark_packet_signed(struct request_buffer *out)
  52 {
  53         uint16_t flags2;
  54         flags2 = SVAL(out->hdr, HDR_FLG2);
  55         flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
  56         SSVAL(out->hdr, HDR_FLG2, flags2);
  57 }
  58
  59 static BOOL signing_good(struct smb_signing_context *sign_info,
  60                          unsigned int seq, BOOL good)
  61 {
  62         if (good) {
  63                 if (!sign_info->doing_signing) {
  64                         sign_info->doing_signing = True;
  65                 }
  66                 if (!sign_info->seen_valid) {
  67                         sign_info->seen_valid = True;
  68                 }
  69         } else {
  70                 if (!sign_info->seen_valid) {
  71                         /* If we have never seen a good packet, just turn it off */
  72                         DEBUG(5, ("signing_good: signing negotiated but not required and peer\n"
  73                                   "isn't sending correct signatures. Turning off.\n"));
  74                         smbcli_set_signing_off(sign_info);
  75                         return True;
  76                 } else {
  77                         /* bad packet after signing started - fail and disconnect. */
  78                         DEBUG(0, ("signing_good: BAD SIG: seq %u\n", seq));
  79                         return False;
  80                 }
  81         }
  82         return True;
  83 }
  84
  85 void sign_outgoing_message(struct request_buffer *out, DATA_BLOB *mac_key, uint_t seq_num)
  86 {
  87         uint8_t calc_md5_mac[16];
  88         struct MD5Context md5_ctx;
  89         /*
  90          * Firstly put the sequence number into the first 4 bytes.
  91          * and zero out the next 4 bytes.
  92          */
  93         SIVAL(out->hdr, HDR_SS_FIELD, seq_num);
  94         SIVAL(out->hdr, HDR_SS_FIELD + 4, 0);
  95
  96         /* mark the packet as signed - BEFORE we sign it...*/
  97         mark_packet_signed(out);
  98
  99         /* Calculate the 16 byte MAC and place first 8 bytes into the field. */
 100         MD5Init(&md5_ctx);
 101         MD5Update(&md5_ctx, mac_key->data,
 102                   mac_key->length);
 103         MD5Update(&md5_ctx,
 104                   out->buffer + NBT_HDR_SIZE,
 105                   out->size - NBT_HDR_SIZE);
 106         MD5Final(calc_md5_mac, &md5_ctx);
 107
 108         memcpy(&out->hdr[HDR_SS_FIELD], calc_md5_mac, 8);
 109
 110         DEBUG(5, ("sign_outgoing_message: SENT SIG (seq: %d): sent SMB signature of\n",
 111                   seq_num));
 112         dump_data(5, calc_md5_mac, 8);
 113 /*      req->out.hdr[HDR_SS_FIELD+2]=0;
 114         Uncomment this to test if the remote server actually verifies signitures...*/
 115 }
 116
 117 BOOL check_signed_incoming_message(struct request_buffer *in, DATA_BLOB *mac_key, uint_t seq_num)
 118 {
 119         BOOL good;
 120         uint8_t calc_md5_mac[16];
 121         uint8_t *server_sent_mac;
 122         uint8_t sequence_buf[8];
 123         struct MD5Context md5_ctx;
 124         const size_t offset_end_of_sig = (HDR_SS_FIELD + 8);
 125         int i;
 126         const int sign_range = 0;
 127
 128         /* room enough for the signature? */
 129         if (in->size < NBT_HDR_SIZE + HDR_SS_FIELD + 8) {
 130                 return False;
 131         }
 132
 133         /* its quite bogus to be guessing sequence numbers, but very useful
 134            when debugging signing implementations */
 135         for (i = 0-sign_range; i <= 0+sign_range; i++) {
 136                 /*
 137                  * Firstly put the sequence number into the first 4 bytes.
 138                  * and zero out the next 4 bytes.
 139                  */
 140                 SIVAL(sequence_buf, 0, seq_num + i);
 141                 SIVAL(sequence_buf, 4, 0);
 142
 143                 /* get a copy of the server-sent mac */
 144                 server_sent_mac = &in->hdr[HDR_SS_FIELD];
 145
 146                 /* Calculate the 16 byte MAC and place first 8 bytes into the field. */
 147                 MD5Init(&md5_ctx);
 148                 MD5Update(&md5_ctx, mac_key->data,
 149                           mac_key->length);
 150                 MD5Update(&md5_ctx, in->hdr, HDR_SS_FIELD);
 151                 MD5Update(&md5_ctx, sequence_buf, sizeof(sequence_buf));
 152
 153                 MD5Update(&md5_ctx, in->hdr + offset_end_of_sig,
 154                           in->size - NBT_HDR_SIZE - (offset_end_of_sig));
 155                 MD5Final(calc_md5_mac, &md5_ctx);
 156
 157                 good = (memcmp(server_sent_mac, calc_md5_mac, 8) == 0);
 158
 159                 if (good) break;
 160         }
 161
 162         if (good && i != 0) {
 163                 DEBUG(0,("SIGNING OFFSET %d (should be %d)\n", i, seq_num));
 164         }
 165
 166         if (!good) {
 167                 DEBUG(5, ("check_signed_incoming_message: BAD SIG (seq: %d): wanted SMB signature of\n", seq_num + i));
 168                 dump_data(5, calc_md5_mac, 8);
 169
 170                 DEBUG(5, ("check_signed_incoming_message: BAD SIG (seq: %d): got SMB signature of\n", seq_num + i));
 171                 dump_data(5, server_sent_mac, 8);
 172         } else {
 173                 DEBUG(15, ("check_signed_incoming_message: GOOD SIG (seq: %d): got SMB signature of\n", seq_num + i));
 174                 dump_data(5, server_sent_mac, 8);
 175         }
 176         return good;
 177 }
 178
 179 /***********************************************************
 180  SMB signing - Simple implementation - calculate a MAC to send.
 181 ************************************************************/
 182 void smbcli_request_calculate_sign_mac(struct smbcli_request *req)
 183 {
 184 #if 0
 185         /* enable this when packet signing is preventing you working out why valgrind
 186            says that data is uninitialised */
 187         file_save("pkt.dat", req->out.buffer, req->out.size);
 188 #endif
 189
 190         switch (req->transport->negotiate.sign_info.signing_state) {
 191         case SMB_SIGNING_ENGINE_OFF:
 192                 break;
 193
 194         case SMB_SIGNING_ENGINE_BSRSPYL:
 195                 /* mark the packet as signed - BEFORE we sign it...*/
 196                 mark_packet_signed(&req->out);
 197
 198                 /* I wonder what BSRSPYL stands for - but this is what MS
 199                    actually sends! */
 200                 memcpy((req->out.hdr + HDR_SS_FIELD), "BSRSPYL ", 8);
 201                 break;
 202
 203         case SMB_SIGNING_ENGINE_ON:
 204
 205                 req->seq_num = req->transport->negotiate.sign_info.next_seq_num;
 206
 207                 /* some requests (eg. NTcancel) are one way, and the sequence number
 208                    should be increased by 1 not 2 */
 209                 if (req->sign_single_increment) {
 210                         req->transport->negotiate.sign_info.next_seq_num += 1;
 211                 } else {
 212                         req->transport->negotiate.sign_info.next_seq_num += 2;
 213                 }
 214
 215                 sign_outgoing_message(&req->out,
 216                                       &req->transport->negotiate.sign_info.mac_key,
 217                                       req->seq_num);
 218                 break;
 219         }
 220         return;
 221 }
 222
 223
 224 /**
 225  SMB signing - NULL implementation
 226
 227  @note Used as an initialisation only - it will not correctly
 228        shut down a real signing mechanism
 229 */
 230 static BOOL smbcli_set_signing_off(struct smb_signing_context *sign_info)
 231 {
 232         sign_info->doing_signing = False;
 233         data_blob_free(&sign_info->mac_key);
 234         sign_info->signing_state = SMB_SIGNING_ENGINE_OFF;
 235         return True;
 236 }
 237
 238 /**
 239  SMB signing - TEMP implementation - setup the MAC key.
 240
 241 */
 242 BOOL smbcli_temp_set_signing(struct smbcli_transport *transport)
 243 {
 244         if (!set_smb_signing_common(transport)) {
 245                 return False;
 246         }
 247         smbcli_set_signing_off(&transport->negotiate.sign_info);
 248
 249         transport->negotiate.sign_info.mac_key = data_blob(NULL, 0);
 250         transport->negotiate.sign_info.signing_state = SMB_SIGNING_ENGINE_BSRSPYL;
 251
 252         return True;
 253 }
 254
 255 /***********************************************************
 256  SMB signing - Simple implementation - check a MAC sent by server.
 257 ************************************************************/
 258 /**
 259  * Check a packet supplied by the server.
 260  * @return False if we had an established signing connection
 261  *         which had a back checksum, True otherwise
 262  */
 263 BOOL smbcli_request_check_sign_mac(struct smbcli_request *req)
 264 {
 265         BOOL good;
 266
 267         switch (req->transport->negotiate.sign_info.signing_state)
 268         {
 269         case SMB_SIGNING_ENGINE_OFF:
 270                 return True;
 271         case SMB_SIGNING_ENGINE_BSRSPYL:
 272         case SMB_SIGNING_ENGINE_ON:
 273         {
 274                 if (req->in.size < (HDR_SS_FIELD + 8)) {
 275                         return False;
 276                 } else {
 277                         good = check_signed_incoming_message(&req->in,
 278                                                              &req->transport->negotiate.sign_info.mac_key,
 279                                                              req->seq_num+1);
 280
 281                         return signing_good(&req->transport->negotiate.sign_info,
 282                                             req->seq_num+1, good);
 283                 }
 284         }
 285         }
 286         return False;
 287 }
 288
 289
 290 /***********************************************************
 291  SMB signing - Simple implementation - setup the MAC key.
 292 ************************************************************/
 293 static BOOL smbcli_simple_set_signing(struct smb_signing_context *sign_info,
 294                                       const DATA_BLOB user_session_key,
 295                                       const DATA_BLOB response)
 296 {
 297         if (sign_info->mandatory_signing) {
 298                 DEBUG(5, ("Mandatory SMB signing enabled!\n"));
 299         }
 300
 301         DEBUG(5, ("SMB signing enabled!\n"));
 302
 303         sign_info->mac_key = data_blob(NULL, response.length + user_session_key.length);
 304
 305         memcpy(&sign_info->mac_key.data[0], user_session_key.data, user_session_key.length);
 306
 307         if (response.length) {
 308                 memcpy(&sign_info->mac_key.data[user_session_key.length],response.data, response.length);
 309         }
 310
 311         dump_data_pw("Started Signing with key:\n", sign_info->mac_key.data, sign_info->mac_key.length);
 312
 313         /* Initialise the sequence number */
 314         sign_info->next_seq_num = 0;
 315
 316         sign_info->signing_state = SMB_SIGNING_ENGINE_ON;
 317
 318         return True;
 319 }
 320
 321
 322 /***********************************************************
 323  SMB signing - Simple implementation - setup the MAC key.
 324 ************************************************************/
 325 BOOL smbcli_transport_simple_set_signing(struct smbcli_transport *transport,
 326                                          const DATA_BLOB user_session_key,
 327                                          const DATA_BLOB response)
 328 {
 329         if (!set_smb_signing_common(transport)) {
 330                 return False;
 331         }
 332
 333         return smbcli_simple_set_signing(&transport->negotiate.sign_info,
 334                                          user_session_key,
 335                                          response);
 336 }
 337
 338
 339 BOOL smbcli_init_signing(struct smbcli_transport *transport)
 340 {
 341         transport->negotiate.sign_info.mac_key = data_blob(NULL, 0);
 342         if (!smbcli_set_signing_off(&transport->negotiate.sign_info)) {
 343                 return False;
 344         }
 345
 346         switch (lp_client_signing()) {
 347         case SMB_SIGNING_OFF:
 348                 transport->negotiate.sign_info.allow_smb_signing = False;
 349                 break;
 350         case SMB_SIGNING_SUPPORTED:
 351                 transport->negotiate.sign_info.allow_smb_signing = True;
 352                 break;
 353         case SMB_SIGNING_REQUIRED:
 354                 transport->negotiate.sign_info.allow_smb_signing = True;
 355                 transport->negotiate.sign_info.mandatory_signing = True;
 356                 break;
 357         }
 358         return True;
 359 }