1 /*	$NetBSD: rd_safe.c,v 1.1.1.1 2011/04/13 18:15:37 elric Exp $	*/
2 
3 /*
4  * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  *
19  * 3. Neither the name of the Institute nor the names of its contributors
20  *    may be used to endorse or promote products derived from this software
21  *    without specific prior written permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #include "krb5_locl.h"
37 
38 static krb5_error_code
39 verify_checksum(krb5_context context,
40 		krb5_auth_context auth_context,
41 		KRB_SAFE *safe)
42 {
43     krb5_error_code ret;
44     u_char *buf;
45     size_t buf_size;
46     size_t len;
47     Checksum c;
48     krb5_crypto crypto;
49     krb5_keyblock *key;
50 
51     c = safe->cksum;
52     safe->cksum.cksumtype       = 0;
53     safe->cksum.checksum.data   = NULL;
54     safe->cksum.checksum.length = 0;
55 
56     ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret);
57     if(ret)
58 	return ret;
59     if(buf_size != len)
60 	krb5_abortx(context, "internal error in ASN.1 encoder");
61 
62     if (auth_context->remote_subkey)
63 	key = auth_context->remote_subkey;
64     else if (auth_context->local_subkey)
65 	key = auth_context->local_subkey;
66     else
67 	key = auth_context->keyblock;
68 
69     ret = krb5_crypto_init(context, key, 0, &crypto);
70     if (ret)
71 	goto out;
72     ret = krb5_verify_checksum (context,
73 				crypto,
74 				KRB5_KU_KRB_SAFE_CKSUM,
75 				buf + buf_size - len,
76 				len,
77 				&c);
78     krb5_crypto_destroy(context, crypto);
79 out:
80     safe->cksum = c;
81     free (buf);
82     return ret;
83 }
84 
85 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
86 krb5_rd_safe(krb5_context context,
87 	     krb5_auth_context auth_context,
88 	     const krb5_data *inbuf,
89 	     krb5_data *outbuf,
90 	     krb5_replay_data *outdata)
91 {
92     krb5_error_code ret;
93     KRB_SAFE safe;
94     size_t len;
95 
96     krb5_data_zero(outbuf);
97 
98     if ((auth_context->flags &
99 	 (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)))
100     {
101 	if (outdata == NULL) {
102 	    krb5_set_error_message(context, KRB5_RC_REQUIRED,
103 				   N_("rd_safe: need outdata "
104 				      "to return data", ""));
105 	    return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */
106 	}
107 	/* if these fields are not present in the safe-part, silently
108            return zero */
109 	memset(outdata, 0, sizeof(*outdata));
110     }
111 
112     ret = decode_KRB_SAFE (inbuf->data, inbuf->length, &safe, &len);
113     if (ret)
114 	return ret;
115     if (safe.pvno != 5) {
116 	ret = KRB5KRB_AP_ERR_BADVERSION;
117 	krb5_clear_error_message (context);
118 	goto failure;
119     }
120     if (safe.msg_type != krb_safe) {
121 	ret = KRB5KRB_AP_ERR_MSG_TYPE;
122 	krb5_clear_error_message (context);
123 	goto failure;
124     }
125     if (!krb5_checksum_is_keyed(context, safe.cksum.cksumtype)
126 	|| !krb5_checksum_is_collision_proof(context, safe.cksum.cksumtype)) {
127 	ret = KRB5KRB_AP_ERR_INAPP_CKSUM;
128 	krb5_clear_error_message (context);
129 	goto failure;
130     }
131 
132     /* check sender address */
133 
134     if (safe.safe_body.s_address
135 	&& auth_context->remote_address
136 	&& !krb5_address_compare (context,
137 				  auth_context->remote_address,
138 				  safe.safe_body.s_address)) {
139 	ret = KRB5KRB_AP_ERR_BADADDR;
140 	krb5_clear_error_message (context);
141 	goto failure;
142     }
143 
144     /* check receiver address */
145 
146     if (safe.safe_body.r_address
147 	&& auth_context->local_address
148 	&& !krb5_address_compare (context,
149 				  auth_context->local_address,
150 				  safe.safe_body.r_address)) {
151 	ret = KRB5KRB_AP_ERR_BADADDR;
152 	krb5_clear_error_message (context);
153 	goto failure;
154     }
155 
156     /* check timestamp */
157     if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
158 	krb5_timestamp sec;
159 
160 	krb5_timeofday (context, &sec);
161 
162 	if (safe.safe_body.timestamp == NULL ||
163 	    safe.safe_body.usec      == NULL ||
164 	    abs(*safe.safe_body.timestamp - sec) > context->max_skew) {
165 	    ret = KRB5KRB_AP_ERR_SKEW;
166 	    krb5_clear_error_message (context);
167 	    goto failure;
168 	}
169     }
170     /* XXX - check replay cache */
171 
172     /* check sequence number. since MIT krb5 cannot generate a sequence
173        number of zero but instead generates no sequence number, we accept that
174     */
175 
176     if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
177 	if ((safe.safe_body.seq_number == NULL
178 	     && auth_context->remote_seqnumber != 0)
179 	    || (safe.safe_body.seq_number != NULL
180 		&& *safe.safe_body.seq_number !=
181 		auth_context->remote_seqnumber)) {
182 	    ret = KRB5KRB_AP_ERR_BADORDER;
183 	    krb5_clear_error_message (context);
184 	    goto failure;
185 	}
186 	auth_context->remote_seqnumber++;
187     }
188 
189     ret = verify_checksum (context, auth_context, &safe);
190     if (ret)
191 	goto failure;
192 
193     outbuf->length = safe.safe_body.user_data.length;
194     outbuf->data   = malloc(outbuf->length);
195     if (outbuf->data == NULL && outbuf->length != 0) {
196 	ret = ENOMEM;
197 	krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
198 	krb5_data_zero(outbuf);
199 	goto failure;
200     }
201     memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length);
202 
203     if ((auth_context->flags &
204 	 (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) {
205 
206 	if(safe.safe_body.timestamp)
207 	    outdata->timestamp = *safe.safe_body.timestamp;
208 	if(safe.safe_body.usec)
209 	    outdata->usec = *safe.safe_body.usec;
210 	if(safe.safe_body.seq_number)
211 	    outdata->seq = *safe.safe_body.seq_number;
212     }
213 
214   failure:
215     free_KRB_SAFE (&safe);
216     return ret;
217 }
218