xref: /freebsd/crypto/heimdal/lib/krb5/rd_safe.c (revision 5f4c09dd85bff675e0ca63c55ea3c517e0fddfcc)
1 /*
2  * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
3  * (Royal Institute of Technology, Stockholm, Sweden).
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  *
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  *
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in the
15  *    documentation and/or other materials provided with the distribution.
16  *
17  * 3. Neither the name of the Institute nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include "krb5_locl.h"
35 
36 static krb5_error_code
37 verify_checksum(krb5_context context,
38 		krb5_auth_context auth_context,
39 		KRB_SAFE *safe)
40 {
41     krb5_error_code ret;
42     u_char *buf;
43     size_t buf_size;
44     size_t len = 0;
45     Checksum c;
46     krb5_crypto crypto;
47     krb5_keyblock *key;
48 
49     c = safe->cksum;
50     safe->cksum.cksumtype       = 0;
51     safe->cksum.checksum.data   = NULL;
52     safe->cksum.checksum.length = 0;
53 
54     ASN1_MALLOC_ENCODE(KRB_SAFE, buf, buf_size, safe, &len, ret);
55     if(ret)
56 	return ret;
57     if(buf_size != len)
58 	krb5_abortx(context, "internal error in ASN.1 encoder");
59 
60     if (auth_context->remote_subkey)
61 	key = auth_context->remote_subkey;
62     else if (auth_context->local_subkey)
63 	key = auth_context->local_subkey;
64     else
65 	key = auth_context->keyblock;
66 
67     ret = krb5_crypto_init(context, key, 0, &crypto);
68     if (ret)
69 	goto out;
70     ret = krb5_verify_checksum (context,
71 				crypto,
72 				KRB5_KU_KRB_SAFE_CKSUM,
73 				buf + buf_size - len,
74 				len,
75 				&c);
76     krb5_crypto_destroy(context, crypto);
77 out:
78     safe->cksum = c;
79     free (buf);
80     return ret;
81 }
82 
83 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
84 krb5_rd_safe(krb5_context context,
85 	     krb5_auth_context auth_context,
86 	     const krb5_data *inbuf,
87 	     krb5_data *outbuf,
88 	     krb5_replay_data *outdata)
89 {
90     krb5_error_code ret;
91     KRB_SAFE safe;
92     size_t len;
93 
94     krb5_data_zero(outbuf);
95 
96     if ((auth_context->flags &
97 	 (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE)))
98     {
99 	if (outdata == NULL) {
100 	    krb5_set_error_message(context, KRB5_RC_REQUIRED,
101 				   N_("rd_safe: need outdata "
102 				      "to return data", ""));
103 	    return KRB5_RC_REQUIRED; /* XXX better error, MIT returns this */
104 	}
105 	/* if these fields are not present in the safe-part, silently
106            return zero */
107 	memset(outdata, 0, sizeof(*outdata));
108     }
109 
110     ret = decode_KRB_SAFE (inbuf->data, inbuf->length, &safe, &len);
111     if (ret)
112 	return ret;
113     if (safe.pvno != 5) {
114 	ret = KRB5KRB_AP_ERR_BADVERSION;
115 	krb5_clear_error_message (context);
116 	goto failure;
117     }
118     if (safe.msg_type != krb_safe) {
119 	ret = KRB5KRB_AP_ERR_MSG_TYPE;
120 	krb5_clear_error_message (context);
121 	goto failure;
122     }
123     if (!krb5_checksum_is_keyed(context, safe.cksum.cksumtype)
124 	|| !krb5_checksum_is_collision_proof(context, safe.cksum.cksumtype)) {
125 	ret = KRB5KRB_AP_ERR_INAPP_CKSUM;
126 	krb5_clear_error_message (context);
127 	goto failure;
128     }
129 
130     /* check sender address */
131 
132     if (safe.safe_body.s_address
133 	&& auth_context->remote_address
134 	&& !krb5_address_compare (context,
135 				  auth_context->remote_address,
136 				  safe.safe_body.s_address)) {
137 	ret = KRB5KRB_AP_ERR_BADADDR;
138 	krb5_clear_error_message (context);
139 	goto failure;
140     }
141 
142     /* check receiver address */
143 
144     if (safe.safe_body.r_address
145 	&& auth_context->local_address
146 	&& !krb5_address_compare (context,
147 				  auth_context->local_address,
148 				  safe.safe_body.r_address)) {
149 	ret = KRB5KRB_AP_ERR_BADADDR;
150 	krb5_clear_error_message (context);
151 	goto failure;
152     }
153 
154     /* check timestamp */
155     if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_TIME) {
156 	krb5_timestamp sec;
157 
158 	krb5_timeofday (context, &sec);
159 
160 	if (safe.safe_body.timestamp == NULL ||
161 	    safe.safe_body.usec      == NULL ||
162 	    abs(*safe.safe_body.timestamp - sec) > context->max_skew) {
163 	    ret = KRB5KRB_AP_ERR_SKEW;
164 	    krb5_clear_error_message (context);
165 	    goto failure;
166 	}
167     }
168     /* XXX - check replay cache */
169 
170     /* check sequence number. since MIT krb5 cannot generate a sequence
171        number of zero but instead generates no sequence number, we accept that
172     */
173 
174     if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
175 	if ((safe.safe_body.seq_number == NULL
176 	     && auth_context->remote_seqnumber != 0)
177 	    || (safe.safe_body.seq_number != NULL
178 		&& *safe.safe_body.seq_number !=
179 		auth_context->remote_seqnumber)) {
180 	    ret = KRB5KRB_AP_ERR_BADORDER;
181 	    krb5_clear_error_message (context);
182 	    goto failure;
183 	}
184 	auth_context->remote_seqnumber++;
185     }
186 
187     ret = verify_checksum (context, auth_context, &safe);
188     if (ret)
189 	goto failure;
190 
191     outbuf->length = safe.safe_body.user_data.length;
192     outbuf->data   = malloc(outbuf->length);
193     if (outbuf->data == NULL && outbuf->length != 0) {
194 	ret = ENOMEM;
195 	krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
196 	krb5_data_zero(outbuf);
197 	goto failure;
198     }
199     memcpy (outbuf->data, safe.safe_body.user_data.data, outbuf->length);
200 
201     if ((auth_context->flags &
202 	 (KRB5_AUTH_CONTEXT_RET_TIME | KRB5_AUTH_CONTEXT_RET_SEQUENCE))) {
203 
204 	if(safe.safe_body.timestamp)
205 	    outdata->timestamp = *safe.safe_body.timestamp;
206 	if(safe.safe_body.usec)
207 	    outdata->usec = *safe.safe_body.usec;
208 	if(safe.safe_body.seq_number)
209 	    outdata->seq = *safe.safe_body.seq_number;
210     }
211 
212   failure:
213     free_KRB_SAFE (&safe);
214     return ret;
215 }
216