]>
Commit | Line | Data |
---|---|---|
800d775e UD |
1 | #if defined(LIBC_SCCS) && !defined(lint) |
2 | static char sccsid[] = "@(#)auth_des.c 2.2 88/07/29 4.0 RPCSRC; from 1.9 88/02/08 SMI"; | |
3 | #endif | |
4 | /* | |
5 | * Sun RPC is a product of Sun Microsystems, Inc. and is provided for | |
6 | * unrestricted use provided that this legend is included on all tape | |
7 | * media and as a part of the software program in whole or part. Users | |
8 | * may copy or modify Sun RPC without charge, but are not authorized | |
9 | * to license or distribute it to anyone else except as part of a product or | |
10 | * program developed by the user. | |
11 | * | |
12 | * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE | |
13 | * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR | |
14 | * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. | |
15 | * | |
16 | * Sun RPC is provided with no support and without any obligation on the | |
17 | * part of Sun Microsystems, Inc. to assist in its use, correction, | |
18 | * modification or enhancement. | |
19 | * | |
20 | * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE | |
21 | * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC | |
22 | * OR ANY PART THEREOF. | |
23 | * | |
24 | * In no event will Sun Microsystems, Inc. be liable for any lost revenue | |
25 | * or profits or other special, indirect and consequential damages, even if | |
26 | * Sun has been advised of the possibility of such damages. | |
27 | * | |
28 | * Sun Microsystems, Inc. | |
29 | * 2550 Garcia Avenue | |
30 | * Mountain View, California 94043 | |
31 | */ | |
32 | /* | |
33 | * Copyright (c) 1988 by Sun Microsystems, Inc. | |
34 | */ | |
35 | /* | |
36 | * auth_des.c, client-side implementation of DES authentication | |
37 | */ | |
38 | ||
39 | #include <string.h> | |
40 | #include <rpc/des_crypt.h> | |
41 | #include <rpc/types.h> | |
42 | #include <rpc/auth.h> | |
43 | #include <rpc/auth_des.h> | |
44 | #include <rpc/xdr.h> | |
45 | #include <netinet/in.h> /* XXX: just to get htonl() and ntohl() */ | |
46 | #include <sys/socket.h> | |
47 | ||
48 | #define MILLION 1000000L | |
49 | #define RTIME_TIMEOUT 5 /* seconds to wait for sync */ | |
50 | ||
51 | #define AUTH_PRIVATE(auth) (struct ad_private *) auth->ah_private | |
52 | #define ALLOC(object_type) (object_type *) mem_alloc(sizeof(object_type)) | |
53 | #define FREE(ptr, size) mem_free((char *)(ptr), (int) size) | |
54 | #define ATTEMPT(xdr_op) if (!(xdr_op)) return (FALSE) | |
55 | ||
56 | #define debug(msg) /* printf("%s\n", msg) */ | |
57 | ||
58 | extern int rtime (struct sockaddr_in *, struct timeval *, struct timeval *); | |
59 | extern bool_t xdr_authdes_cred (XDR *, struct authdes_cred *); | |
60 | extern bool_t xdr_authdes_verf (XDR *, struct authdes_verf *); | |
61 | ||
62 | /* | |
63 | * DES authenticator operations vector | |
64 | */ | |
800d775e UD |
65 | static void authdes_nextverf (AUTH *); |
66 | static bool_t authdes_marshal (AUTH *, XDR *); | |
67 | static bool_t authdes_validate (AUTH *, struct opaque_auth *); | |
68 | static bool_t authdes_refresh (AUTH *); | |
69 | static void authdes_destroy (AUTH *); | |
dfd2257a UD |
70 | static bool_t synchronize (struct sockaddr *, struct timeval *) |
71 | internal_function; | |
800d775e UD |
72 | |
73 | static struct auth_ops authdes_ops = | |
74 | { | |
75 | authdes_nextverf, | |
76 | authdes_marshal, | |
77 | authdes_validate, | |
78 | authdes_refresh, | |
79 | authdes_destroy | |
80 | }; | |
81 | ||
82 | ||
83 | /* | |
84 | * This struct is pointed to by the ah_private field of an "AUTH *" | |
85 | */ | |
86 | struct ad_private | |
87 | { | |
88 | char *ad_fullname; /* client's full name */ | |
89 | u_int ad_fullnamelen; /* length of name, rounded up */ | |
90 | char *ad_servername; /* server's full name */ | |
91 | u_int ad_servernamelen; /* length of name, rounded up */ | |
92 | u_int ad_window; /* client specified window */ | |
93 | bool_t ad_dosync; /* synchronize? */ | |
94 | struct sockaddr ad_syncaddr; /* remote host to synch with */ | |
95 | struct timeval ad_timediff; /* server's time - client's time */ | |
96 | u_long ad_nickname; /* server's nickname for client */ | |
97 | struct authdes_cred ad_cred; /* storage for credential */ | |
98 | struct authdes_verf ad_verf; /* storage for verifier */ | |
99 | struct timeval ad_timestamp; /* timestamp sent */ | |
100 | des_block ad_xkey; /* encrypted conversation key */ | |
101 | u_char ad_pkey[1024]; /* Servers actual public key */ | |
102 | }; | |
103 | ||
104 | ||
105 | /* | |
106 | * Create the client des authentication object | |
107 | */ | |
108 | AUTH * | |
9a0a462c | 109 | authdes_create (const char *servername, u_int window, |
26a60f90 | 110 | struct sockaddr *syncaddr, des_block *ckey) |
800d775e UD |
111 | /* servername - network name of server */ |
112 | /* window - time to live */ | |
113 | /* syncaddr - optional addr of host to sync with */ | |
114 | /* ckey - optional conversation key to use */ | |
115 | { | |
116 | u_char pkey_data[1024]; | |
117 | netobj pkey; | |
118 | ||
119 | if (!getpublickey (servername, pkey_data)) | |
120 | return (NULL); | |
121 | ||
122 | pkey.n_bytes = (char *) pkey_data; | |
123 | pkey.n_len = strlen ((char *) pkey_data) + 1; | |
124 | return authdes_pk_create (servername, &pkey, window, syncaddr, ckey); | |
125 | } | |
126 | ||
127 | AUTH * | |
26a60f90 UD |
128 | authdes_pk_create (const char *servername, netobj *pkey, u_int window, |
129 | struct sockaddr *syncaddr, des_block *ckey) | |
800d775e UD |
130 | { |
131 | AUTH *auth; | |
132 | struct ad_private *ad; | |
133 | char namebuf[MAXNETNAMELEN + 1]; | |
134 | ||
135 | /* | |
136 | * Allocate everything now | |
137 | */ | |
138 | auth = ALLOC (AUTH); | |
139 | ad = ALLOC (struct ad_private); | |
dfd2257a | 140 | memset (ad, 0, sizeof (struct ad_private)); |
800d775e UD |
141 | memcpy (ad->ad_pkey, pkey->n_bytes, pkey->n_len); |
142 | if (!getnetname (namebuf)) | |
143 | goto failed; | |
144 | ad->ad_fullnamelen = RNDUP (strlen (namebuf)); | |
145 | ad->ad_fullname = mem_alloc (ad->ad_fullnamelen + 1); | |
146 | ||
147 | ad->ad_servernamelen = strlen (servername); | |
148 | ad->ad_servername = mem_alloc (ad->ad_servernamelen + 1); | |
149 | ||
150 | if (auth == NULL || ad == NULL || ad->ad_fullname == NULL || | |
151 | ad->ad_servername == NULL) | |
152 | { | |
153 | debug ("authdes_create: out of memory"); | |
154 | goto failed; | |
155 | } | |
156 | ||
157 | /* | |
158 | * Set up private data | |
159 | */ | |
160 | bcopy (namebuf, ad->ad_fullname, ad->ad_fullnamelen + 1); | |
161 | bcopy (servername, ad->ad_servername, ad->ad_servernamelen + 1); | |
9a0a462c | 162 | ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; |
800d775e UD |
163 | if (syncaddr != NULL) |
164 | { | |
165 | ad->ad_syncaddr = *syncaddr; | |
166 | ad->ad_dosync = TRUE; | |
167 | } | |
168 | else | |
169 | ad->ad_dosync = FALSE; | |
170 | ||
171 | ad->ad_window = window; | |
172 | if (ckey == NULL) | |
173 | { | |
174 | if (key_gendes (&auth->ah_key) < 0) | |
175 | { | |
176 | debug ("authdes_create: unable to gen conversation key"); | |
177 | return (NULL); | |
178 | } | |
179 | } | |
180 | else | |
181 | auth->ah_key = *ckey; | |
182 | ||
183 | /* | |
184 | * Set up auth handle | |
185 | */ | |
186 | auth->ah_cred.oa_flavor = AUTH_DES; | |
187 | auth->ah_verf.oa_flavor = AUTH_DES; | |
188 | auth->ah_ops = &authdes_ops; | |
189 | auth->ah_private = (caddr_t) ad; | |
190 | ||
191 | if (!authdes_refresh (auth)) | |
192 | goto failed; | |
193 | ||
194 | return (auth); | |
195 | ||
196 | failed: | |
197 | if (auth != NULL) | |
198 | FREE (auth, sizeof (AUTH)); | |
199 | if (ad != NULL) | |
9a0a462c | 200 | { |
9a0a462c UD |
201 | if (ad->ad_fullname != NULL) |
202 | FREE (ad->ad_fullname, ad->ad_fullnamelen + 1); | |
203 | if (ad->ad_servername != NULL) | |
204 | FREE (ad->ad_servername, ad->ad_servernamelen + 1); | |
dfd2257a | 205 | FREE (ad, sizeof (struct ad_private)); |
9a0a462c | 206 | } |
800d775e UD |
207 | return (NULL); |
208 | } | |
209 | ||
210 | /* | |
211 | * Implement the five authentication operations | |
212 | */ | |
213 | ||
214 | ||
215 | /* | |
216 | * 1. Next Verifier | |
217 | */ | |
218 | /*ARGSUSED */ | |
219 | static void | |
220 | authdes_nextverf (AUTH * auth) | |
221 | { | |
222 | /* what the heck am I supposed to do??? */ | |
223 | } | |
224 | ||
225 | ||
226 | ||
227 | /* | |
228 | * 2. Marshal | |
229 | */ | |
230 | static bool_t | |
231 | authdes_marshal (AUTH * auth, XDR * xdrs) | |
232 | { | |
233 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
234 | struct authdes_cred *cred = &ad->ad_cred; | |
235 | struct authdes_verf *verf = &ad->ad_verf; | |
236 | des_block cryptbuf[2]; | |
237 | des_block ivec; | |
238 | int status; | |
239 | int len; | |
240 | register long *ixdr; | |
241 | ||
242 | /* | |
243 | * Figure out the "time", accounting for any time difference | |
244 | * with the server if necessary. | |
245 | */ | |
246 | gettimeofday (&ad->ad_timestamp, (struct timezone *) NULL); | |
247 | ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec; | |
248 | ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec; | |
249 | if (ad->ad_timestamp.tv_usec >= MILLION) | |
250 | { | |
251 | ad->ad_timestamp.tv_usec -= MILLION; | |
252 | ad->ad_timestamp.tv_sec += 1; | |
253 | } | |
254 | ||
255 | /* | |
256 | * XDR the timestamp and possibly some other things, then | |
257 | * encrypt them. | |
258 | */ | |
259 | ixdr = (long *) cryptbuf; | |
260 | IXDR_PUT_LONG (ixdr, ad->ad_timestamp.tv_sec); | |
261 | IXDR_PUT_LONG (ixdr, ad->ad_timestamp.tv_usec); | |
262 | if (ad->ad_cred.adc_namekind == ADN_FULLNAME) | |
263 | { | |
264 | IXDR_PUT_U_LONG (ixdr, ad->ad_window); | |
265 | IXDR_PUT_U_LONG (ixdr, ad->ad_window - 1); | |
266 | ivec.key.high = ivec.key.low = 0; | |
267 | status = cbc_crypt ((char *) &auth->ah_key, (char *) cryptbuf, | |
268 | 2 * sizeof (des_block), DES_ENCRYPT | DES_HW, (char *) &ivec); | |
269 | } | |
270 | else | |
271 | { | |
272 | status = ecb_crypt ((char *) &auth->ah_key, (char *) cryptbuf, | |
273 | sizeof (des_block), DES_ENCRYPT | DES_HW); | |
274 | } | |
275 | if (DES_FAILED (status)) | |
276 | { | |
277 | debug ("authdes_marshal: DES encryption failure"); | |
278 | return (FALSE); | |
279 | } | |
280 | ad->ad_verf.adv_xtimestamp = cryptbuf[0]; | |
281 | if (ad->ad_cred.adc_namekind == ADN_FULLNAME) | |
282 | { | |
283 | ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high; | |
284 | ad->ad_verf.adv_winverf = cryptbuf[1].key.low; | |
285 | } | |
286 | else | |
287 | { | |
288 | ad->ad_cred.adc_nickname = ad->ad_nickname; | |
289 | ad->ad_verf.adv_winverf = 0; | |
290 | } | |
291 | ||
292 | /* | |
293 | * Serialize the credential and verifier into opaque | |
294 | * authentication data. | |
295 | */ | |
296 | if (ad->ad_cred.adc_namekind == ADN_FULLNAME) | |
297 | { | |
298 | len = ((1 + 1 + 2 + 1) * BYTES_PER_XDR_UNIT + ad->ad_fullnamelen); | |
299 | } | |
300 | else | |
301 | { | |
302 | len = (1 + 1) * BYTES_PER_XDR_UNIT; | |
303 | } | |
304 | ||
305 | if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL) | |
306 | { | |
307 | IXDR_PUT_LONG (ixdr, AUTH_DES); | |
308 | IXDR_PUT_LONG (ixdr, len); | |
309 | } | |
310 | else | |
311 | { | |
312 | ATTEMPT (xdr_putlong (xdrs, (long *)&auth->ah_cred.oa_flavor)); | |
313 | ATTEMPT (xdr_putlong (xdrs, (long *)&len)); | |
314 | } | |
315 | ATTEMPT (xdr_authdes_cred (xdrs, cred)); | |
316 | ||
317 | len = (2 + 1) * BYTES_PER_XDR_UNIT; | |
318 | if ((ixdr = xdr_inline (xdrs, 2 * BYTES_PER_XDR_UNIT)) != NULL) | |
319 | { | |
320 | IXDR_PUT_LONG (ixdr, AUTH_DES); | |
321 | IXDR_PUT_LONG (ixdr, len); | |
322 | } | |
323 | else | |
324 | { | |
325 | ATTEMPT (xdr_putlong (xdrs, (long *)&auth->ah_verf.oa_flavor)); | |
326 | ATTEMPT (xdr_putlong (xdrs, (long *)&len)); | |
327 | } | |
328 | ATTEMPT (xdr_authdes_verf (xdrs, verf)); | |
329 | return (TRUE); | |
330 | } | |
331 | ||
332 | ||
333 | /* | |
334 | * 3. Validate | |
335 | */ | |
336 | static bool_t | |
337 | authdes_validate (AUTH * auth, struct opaque_auth *rverf) | |
338 | { | |
339 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
340 | struct authdes_verf verf; | |
341 | int status; | |
342 | register u_long *ixdr; | |
343 | ||
344 | if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) | |
345 | return (FALSE); | |
346 | ||
347 | ixdr = (u_long *) rverf->oa_base; | |
348 | verf.adv_xtimestamp.key.high = (u_long) * ixdr++; | |
349 | verf.adv_xtimestamp.key.low = (u_long) * ixdr++; | |
350 | verf.adv_int_u = (u_long) * ixdr++; /* nickname not XDR'd ! */ | |
351 | ||
352 | /* | |
353 | * Decrypt the timestamp | |
354 | */ | |
355 | status = ecb_crypt ((char *) &auth->ah_key, (char *) &verf.adv_xtimestamp, | |
356 | sizeof (des_block), DES_DECRYPT | DES_HW); | |
357 | ||
358 | if (DES_FAILED (status)) | |
359 | { | |
360 | debug ("authdes_validate: DES decryption failure"); | |
361 | return (FALSE); | |
362 | } | |
363 | ||
364 | /* | |
365 | * xdr the decrypted timestamp | |
366 | */ | |
367 | ixdr = (u_long *) verf.adv_xtimestamp.c; | |
368 | verf.adv_timestamp.tv_sec = IXDR_GET_LONG (ixdr) + 1; | |
369 | verf.adv_timestamp.tv_usec = IXDR_GET_LONG (ixdr); | |
370 | ||
371 | /* | |
372 | * validate | |
373 | */ | |
374 | if (bcmp ((char *) &ad->ad_timestamp, (char *) &verf.adv_timestamp, | |
375 | sizeof (struct timeval)) != 0) | |
376 | { | |
377 | debug ("authdes_validate: verifier mismatch\n"); | |
378 | return (FALSE); | |
379 | } | |
380 | ||
381 | /* | |
382 | * We have a nickname now, let's use it | |
383 | */ | |
384 | ad->ad_nickname = verf.adv_nickname; | |
385 | ad->ad_cred.adc_namekind = ADN_NICKNAME; | |
386 | return (TRUE); | |
387 | } | |
388 | ||
389 | /* | |
390 | * 4. Refresh | |
391 | */ | |
392 | static bool_t | |
393 | authdes_refresh (AUTH * auth) | |
394 | { | |
395 | netobj pkey; | |
396 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
397 | struct authdes_cred *cred = &ad->ad_cred; | |
398 | ||
399 | if (ad->ad_dosync && | |
400 | !synchronize (&ad->ad_syncaddr, &ad->ad_timediff)) | |
401 | { | |
402 | /* | |
403 | * Hope the clocks are synced! | |
404 | */ | |
405 | ad->ad_timediff.tv_sec = ad->ad_timediff.tv_usec = 0; | |
406 | debug ("authdes_refresh: unable to synchronize with server"); | |
407 | } | |
408 | ad->ad_xkey = auth->ah_key; | |
409 | pkey.n_bytes = (char *) (ad->ad_pkey); | |
410 | pkey.n_len = strlen ((char *) ad->ad_pkey) + 1; | |
411 | if (key_encryptsession_pk (ad->ad_servername, &pkey, &ad->ad_xkey) < 0) | |
412 | { | |
413 | debug ("authdes_create: unable to encrypt conversation key"); | |
414 | return (FALSE); | |
415 | } | |
416 | cred->adc_fullname.key = ad->ad_xkey; | |
417 | cred->adc_namekind = ADN_FULLNAME; | |
418 | cred->adc_fullname.name = ad->ad_fullname; | |
419 | return (TRUE); | |
420 | } | |
421 | ||
422 | /* | |
423 | * 5. Destroy | |
424 | */ | |
425 | static void | |
426 | authdes_destroy (AUTH * auth) | |
427 | { | |
428 | struct ad_private *ad = AUTH_PRIVATE (auth); | |
429 | ||
430 | FREE (ad->ad_fullname, ad->ad_fullnamelen + 1); | |
431 | FREE (ad->ad_servername, ad->ad_servernamelen + 1); | |
432 | FREE (ad, sizeof (struct ad_private)); | |
433 | FREE (auth, sizeof (AUTH)); | |
434 | } | |
435 | ||
436 | /* | |
437 | * Synchronize with the server at the given address, that is, | |
438 | * adjust timep to reflect the delta between our clocks | |
439 | */ | |
440 | static bool_t | |
dfd2257a | 441 | internal_function |
800d775e UD |
442 | synchronize (struct sockaddr *syncaddr, struct timeval *timep) |
443 | { | |
444 | struct timeval mytime; | |
445 | struct timeval timeout; | |
446 | ||
447 | timeout.tv_sec = RTIME_TIMEOUT; | |
448 | timeout.tv_usec = 0; | |
449 | if (rtime ((struct sockaddr_in *) syncaddr, timep, &timeout) < 0) | |
450 | return (FALSE); | |
451 | ||
452 | gettimeofday (&mytime, (struct timezone *) NULL); | |
453 | timep->tv_sec -= mytime.tv_sec; | |
454 | if (mytime.tv_usec > timep->tv_usec) | |
455 | { | |
456 | timep->tv_sec -= 1; | |
457 | timep->tv_usec += MILLION; | |
458 | } | |
459 | timep->tv_usec -= mytime.tv_usec; | |
460 | return (TRUE); | |
461 | } |