xref: /freebsd/lib/libc/rpc/auth_des.c (revision f126890ac5386406dadf7c4cfa9566cbb56537c5)
1 /*-
2  * SPDX-License-Identifier: BSD-3-Clause
3  *
4  * Copyright (c) 2009, Sun Microsystems, Inc.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions are met:
9  * - Redistributions of source code must retain the above copyright notice,
10  *   this list of conditions and the following disclaimer.
11  * - Redistributions in binary form must reproduce the above copyright notice,
12  *   this list of conditions and the following disclaimer in the documentation
13  *   and/or other materials provided with the distribution.
14  * - Neither the name of Sun Microsystems, Inc. nor the names of its
15  *   contributors may be used to endorse or promote products derived
16  *   from this software without specific prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
22  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28  * POSSIBILITY OF SUCH DAMAGE.
29  */
30 /*
31  * Copyright (c) 1988 by Sun Microsystems, Inc.
32  */
33 /*
34  * auth_des.c, client-side implementation of DES authentication
35  */
36 
37 #include "namespace.h"
38 #include "reentrant.h"
39 #include <err.h>
40 #include <errno.h>
41 #include <string.h>
42 #include <stdlib.h>
43 #include <unistd.h>
44 #include <rpc/des_crypt.h>
45 #include <syslog.h>
46 #include <rpc/types.h>
47 #include <rpc/auth.h>
48 #include <rpc/auth_des.h>
49 #include <rpc/clnt.h>
50 #include <rpc/xdr.h>
51 #include <sys/socket.h>
52 #undef NIS
53 #include <rpcsvc/nis.h>
54 #include "un-namespace.h"
55 #include "mt_misc.h"
56 
57 #define USEC_PER_SEC		1000000
58 #define RTIME_TIMEOUT		5	/* seconds to wait for sync */
59 
60 #define AUTH_PRIVATE(auth)	(struct ad_private *) auth->ah_private
61 #define ALLOC(object_type)	(object_type *) mem_alloc(sizeof(object_type))
62 #define FREE(ptr, size)		mem_free((char *)(ptr), (int) size)
63 #define ATTEMPT(xdr_op)		if (!(xdr_op)) return (FALSE)
64 
65 extern bool_t xdr_authdes_cred( XDR *, struct authdes_cred *);
66 extern bool_t xdr_authdes_verf( XDR *, struct authdes_verf *);
67 extern int key_encryptsession_pk(char *, netobj *, des_block *);
68 
69 extern bool_t __rpc_get_time_offset(struct timeval *, nis_server *, char *,
70 	char **, char **);
71 
72 /*
73  * DES authenticator operations vector
74  */
75 static void	authdes_nextverf(AUTH *);
76 static bool_t	authdes_marshal(AUTH *, XDR *);
77 static bool_t	authdes_validate(AUTH *, struct opaque_auth *);
78 static bool_t	authdes_refresh(AUTH *, void *);
79 static void	authdes_destroy(AUTH *);
80 
81 static struct auth_ops *authdes_ops(void);
82 
83 /*
84  * This struct is pointed to by the ah_private field of an "AUTH *"
85  */
86 struct ad_private {
87 	char *ad_fullname; 		/* client's full name */
88 	u_int ad_fullnamelen;		/* length of name, rounded up */
89 	char *ad_servername; 		/* server's full name */
90 	u_int ad_servernamelen;		/* length of name, rounded up */
91 	u_int ad_window;	  	/* client specified window */
92 	bool_t ad_dosync;		/* synchronize? */
93 	struct netbuf ad_syncaddr;	/* remote host to synch with */
94 	char *ad_timehost;		/* remote host to synch with */
95 	struct timeval ad_timediff;	/* server's time - client's time */
96 	u_int ad_nickname;		/* server's nickname for client */
97 	struct authdes_cred ad_cred;	/* storage for credential */
98 	struct authdes_verf ad_verf;	/* storage for verifier */
99 	struct timeval ad_timestamp;	/* timestamp sent */
100 	des_block ad_xkey;		/* encrypted conversation key */
101 	u_char ad_pkey[1024];		/* Server's actual public key */
102 	char *ad_netid;			/* Timehost netid */
103 	char *ad_uaddr;			/* Timehost uaddr */
104 	nis_server *ad_nis_srvr;	/* NIS+ server struct */
105 };
106 
107 AUTH *authdes_pk_seccreate(const char *, netobj *, u_int, const char *,
108 	const des_block *, nis_server *);
109 
110 /*
111  * documented version of authdes_seccreate
112  */
113 /*
114 	servername:	network name of server
115 	win:		time to live
116 	timehost:	optional hostname to sync with
117 	ckey:		optional conversation key to use
118 */
119 
120 AUTH *
121 authdes_seccreate(const char *servername, const u_int win,
122 	const char *timehost, const des_block *ckey)
123 {
124 	u_char  pkey_data[1024];
125 	netobj  pkey;
126 	AUTH    *dummy;
127 
128 	if (! getpublickey(servername, (char *) pkey_data)) {
129 		syslog(LOG_ERR,
130 		    "authdes_seccreate: no public key found for %s",
131 		    servername);
132 		return (NULL);
133 	}
134 
135 	pkey.n_bytes = (char *) pkey_data;
136 	pkey.n_len = (u_int)strlen((char *)pkey_data) + 1;
137 	dummy = authdes_pk_seccreate(servername, &pkey, win, timehost,
138 	    ckey, NULL);
139 	return (dummy);
140 }
141 
142 /*
143  * Slightly modified version of authdessec_create which takes the public key
144  * of the server principal as an argument. This spares us a call to
145  * getpublickey() which in the nameserver context can cause a deadlock.
146  */
147 AUTH *
148 authdes_pk_seccreate(const char *servername, netobj *pkey, u_int window,
149 	const char *timehost, const des_block *ckey, nis_server *srvr)
150 {
151 	AUTH *auth;
152 	struct ad_private *ad;
153 	char namebuf[MAXNETNAMELEN+1];
154 
155 	/*
156 	 * Allocate everything now
157 	 */
158 	auth = ALLOC(AUTH);
159 	if (auth == NULL) {
160 		syslog(LOG_ERR, "authdes_pk_seccreate: out of memory");
161 		return (NULL);
162 	}
163 	ad = ALLOC(struct ad_private);
164 	if (ad == NULL) {
165 		syslog(LOG_ERR, "authdes_pk_seccreate: out of memory");
166 		goto failed;
167 	}
168 	ad->ad_fullname = ad->ad_servername = NULL; /* Sanity reasons */
169 	ad->ad_timehost = NULL;
170 	ad->ad_netid = NULL;
171 	ad->ad_uaddr = NULL;
172 	ad->ad_nis_srvr = NULL;
173 	ad->ad_timediff.tv_sec = 0;
174 	ad->ad_timediff.tv_usec = 0;
175 	memcpy(ad->ad_pkey, pkey->n_bytes, pkey->n_len);
176 	if (!getnetname(namebuf))
177 		goto failed;
178 	ad->ad_fullnamelen = RNDUP((u_int) strlen(namebuf));
179 	ad->ad_fullname = (char *)mem_alloc(ad->ad_fullnamelen + 1);
180 	ad->ad_servernamelen = strlen(servername);
181 	ad->ad_servername = (char *)mem_alloc(ad->ad_servernamelen + 1);
182 
183 	if (ad->ad_fullname == NULL || ad->ad_servername == NULL) {
184 		syslog(LOG_ERR, "authdes_seccreate: out of memory");
185 		goto failed;
186 	}
187 	if (timehost != NULL) {
188 		ad->ad_timehost = (char *)mem_alloc(strlen(timehost) + 1);
189 		if (ad->ad_timehost == NULL) {
190 			syslog(LOG_ERR, "authdes_seccreate: out of memory");
191 			goto failed;
192 		}
193 		memcpy(ad->ad_timehost, timehost, strlen(timehost) + 1);
194 		ad->ad_dosync = TRUE;
195 	} else if (srvr != NULL) {
196 		ad->ad_nis_srvr = srvr;	/* transient */
197 		ad->ad_dosync = TRUE;
198 	} else {
199 		ad->ad_dosync = FALSE;
200 	}
201 	memcpy(ad->ad_fullname, namebuf, ad->ad_fullnamelen + 1);
202 	memcpy(ad->ad_servername, servername, ad->ad_servernamelen + 1);
203 	ad->ad_window = window;
204 	if (ckey == NULL) {
205 		if (key_gendes(&auth->ah_key) < 0) {
206 			syslog(LOG_ERR,
207 	    "authdes_seccreate: keyserv(1m) is unable to generate session key");
208 			goto failed;
209 		}
210 	} else {
211 		auth->ah_key = *ckey;
212 	}
213 
214 	/*
215 	 * Set up auth handle
216 	 */
217 	auth->ah_cred.oa_flavor = AUTH_DES;
218 	auth->ah_verf.oa_flavor = AUTH_DES;
219 	auth->ah_ops = authdes_ops();
220 	auth->ah_private = (caddr_t)ad;
221 
222 	if (!authdes_refresh(auth, NULL)) {
223 		goto failed;
224 	}
225 	ad->ad_nis_srvr = NULL; /* not needed any longer */
226 	return (auth);
227 
228 failed:
229 	if (auth)
230 		FREE(auth, sizeof (AUTH));
231 	if (ad) {
232 		if (ad->ad_fullname)
233 			FREE(ad->ad_fullname, ad->ad_fullnamelen + 1);
234 		if (ad->ad_servername)
235 			FREE(ad->ad_servername, ad->ad_servernamelen + 1);
236 		if (ad->ad_timehost)
237 			FREE(ad->ad_timehost, strlen(ad->ad_timehost) + 1);
238 		if (ad->ad_netid)
239 			FREE(ad->ad_netid, strlen(ad->ad_netid) + 1);
240 		if (ad->ad_uaddr)
241 			FREE(ad->ad_uaddr, strlen(ad->ad_uaddr) + 1);
242 		FREE(ad, sizeof (struct ad_private));
243 	}
244 	return (NULL);
245 }
246 
247 /*
248  * Implement the five authentication operations
249  */
250 
251 
252 /*
253  * 1. Next Verifier
254  */
255 /*ARGSUSED*/
256 static void
257 authdes_nextverf(AUTH *auth __unused)
258 {
259 	/* what the heck am I supposed to do??? */
260 }
261 
262 
263 /*
264  * 2. Marshal
265  */
266 static bool_t
267 authdes_marshal(AUTH *auth, XDR *xdrs)
268 {
269 /* LINTED pointer alignment */
270 	struct ad_private *ad = AUTH_PRIVATE(auth);
271 	struct authdes_cred *cred = &ad->ad_cred;
272 	struct authdes_verf *verf = &ad->ad_verf;
273 	des_block cryptbuf[2];
274 	des_block ivec;
275 	int status;
276 	int len;
277 	rpc_inline_t *ixdr;
278 
279 	/*
280 	 * Figure out the "time", accounting for any time difference
281 	 * with the server if necessary.
282 	 */
283 	(void)gettimeofday(&ad->ad_timestamp, NULL);
284 	ad->ad_timestamp.tv_sec += ad->ad_timediff.tv_sec;
285 	ad->ad_timestamp.tv_usec += ad->ad_timediff.tv_usec;
286 	while (ad->ad_timestamp.tv_usec >= USEC_PER_SEC) {
287 		ad->ad_timestamp.tv_usec -= USEC_PER_SEC;
288 		ad->ad_timestamp.tv_sec++;
289 	}
290 
291 	/*
292 	 * XDR the timestamp and possibly some other things, then
293 	 * encrypt them.
294 	 */
295 	ixdr = (rpc_inline_t *)cryptbuf;
296 	IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_sec);
297 	IXDR_PUT_INT32(ixdr, ad->ad_timestamp.tv_usec);
298 	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
299 		IXDR_PUT_U_INT32(ixdr, ad->ad_window);
300 		IXDR_PUT_U_INT32(ixdr, ad->ad_window - 1);
301 		ivec.key.high = ivec.key.low = 0;
302 		status = cbc_crypt((char *)&auth->ah_key, (char *)cryptbuf,
303 			(u_int) 2 * sizeof (des_block),
304 			DES_ENCRYPT | DES_HW, (char *)&ivec);
305 	} else {
306 		status = ecb_crypt((char *)&auth->ah_key, (char *)cryptbuf,
307 			(u_int) sizeof (des_block),
308 			DES_ENCRYPT | DES_HW);
309 	}
310 	if (DES_FAILED(status)) {
311 		syslog(LOG_ERR, "authdes_marshal: DES encryption failure");
312 		return (FALSE);
313 	}
314 	ad->ad_verf.adv_xtimestamp = cryptbuf[0];
315 	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
316 		ad->ad_cred.adc_fullname.window = cryptbuf[1].key.high;
317 		ad->ad_verf.adv_winverf = cryptbuf[1].key.low;
318 	} else {
319 		ad->ad_cred.adc_nickname = ad->ad_nickname;
320 		ad->ad_verf.adv_winverf = 0;
321 	}
322 
323 	/*
324 	 * Serialize the credential and verifier into opaque
325 	 * authentication data.
326 	 */
327 	if (ad->ad_cred.adc_namekind == ADN_FULLNAME) {
328 		len = ((1 + 1 + 2 + 1)*BYTES_PER_XDR_UNIT + ad->ad_fullnamelen);
329 	} else {
330 		len = (1 + 1)*BYTES_PER_XDR_UNIT;
331 	}
332 
333 	if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
334 		IXDR_PUT_INT32(ixdr, AUTH_DES);
335 		IXDR_PUT_INT32(ixdr, len);
336 	} else {
337 		ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_cred.oa_flavor));
338 		ATTEMPT(xdr_putint32(xdrs, &len));
339 	}
340 	ATTEMPT(xdr_authdes_cred(xdrs, cred));
341 
342 	len = (2 + 1)*BYTES_PER_XDR_UNIT;
343 	if ((ixdr = xdr_inline(xdrs, 2*BYTES_PER_XDR_UNIT))) {
344 		IXDR_PUT_INT32(ixdr, AUTH_DES);
345 		IXDR_PUT_INT32(ixdr, len);
346 	} else {
347 		ATTEMPT(xdr_putint32(xdrs, (int *)&auth->ah_verf.oa_flavor));
348 		ATTEMPT(xdr_putint32(xdrs, &len));
349 	}
350 	ATTEMPT(xdr_authdes_verf(xdrs, verf));
351 	return (TRUE);
352 }
353 
354 
355 /*
356  * 3. Validate
357  */
358 static bool_t
359 authdes_validate(AUTH *auth, struct opaque_auth *rverf)
360 {
361 /* LINTED pointer alignment */
362 	struct ad_private *ad = AUTH_PRIVATE(auth);
363 	struct authdes_verf verf;
364 	int status;
365 	uint32_t *ixdr;
366 	des_block buf;
367 
368 	if (rverf->oa_length != (2 + 1) * BYTES_PER_XDR_UNIT) {
369 		return (FALSE);
370 	}
371 /* LINTED pointer alignment */
372 	ixdr = (uint32_t *)rverf->oa_base;
373 	buf.key.high = (uint32_t)*ixdr++;
374 	buf.key.low = (uint32_t)*ixdr++;
375 	verf.adv_int_u = (uint32_t)*ixdr++;
376 
377 	/*
378 	 * Decrypt the timestamp
379 	 */
380 	status = ecb_crypt((char *)&auth->ah_key, (char *)&buf,
381 		(u_int)sizeof (des_block), DES_DECRYPT | DES_HW);
382 
383 	if (DES_FAILED(status)) {
384 		syslog(LOG_ERR, "authdes_validate: DES decryption failure");
385 		return (FALSE);
386 	}
387 
388 	/*
389 	 * xdr the decrypted timestamp
390 	 */
391 /* LINTED pointer alignment */
392 	ixdr = (uint32_t *)buf.c;
393 	verf.adv_timestamp.tv_sec = IXDR_GET_INT32(ixdr) + 1;
394 	verf.adv_timestamp.tv_usec = IXDR_GET_INT32(ixdr);
395 
396 	/*
397 	 * validate
398 	 */
399 	if (bcmp((char *)&ad->ad_timestamp, (char *)&verf.adv_timestamp,
400 		 sizeof(struct timeval)) != 0) {
401 		syslog(LOG_DEBUG, "authdes_validate: verifier mismatch");
402 		return (FALSE);
403 	}
404 
405 	/*
406 	 * We have a nickname now, let's use it
407 	 */
408 	ad->ad_nickname = verf.adv_nickname;
409 	ad->ad_cred.adc_namekind = ADN_NICKNAME;
410 	return (TRUE);
411 }
412 
413 /*
414  * 4. Refresh
415  */
416 /*ARGSUSED*/
417 static bool_t
418 authdes_refresh(AUTH *auth, void *dummy __unused)
419 {
420 /* LINTED pointer alignment */
421 	struct ad_private *ad = AUTH_PRIVATE(auth);
422 	struct authdes_cred *cred = &ad->ad_cred;
423 	int		ok;
424 	netobj		pkey;
425 
426 	if (ad->ad_dosync) {
427                 ok = __rpc_get_time_offset(&ad->ad_timediff, ad->ad_nis_srvr,
428 		    ad->ad_timehost, &(ad->ad_uaddr),
429 		    &(ad->ad_netid));
430 		if (! ok) {
431 			/*
432 			 * Hope the clocks are synced!
433 			 */
434 			ad->ad_dosync = 0;
435 			syslog(LOG_DEBUG,
436 			    "authdes_refresh: unable to synchronize clock");
437 		 }
438 	}
439 	ad->ad_xkey = auth->ah_key;
440 	pkey.n_bytes = (char *)(ad->ad_pkey);
441 	pkey.n_len = (u_int)strlen((char *)ad->ad_pkey) + 1;
442 	if (key_encryptsession_pk(ad->ad_servername, &pkey, &ad->ad_xkey) < 0) {
443 		syslog(LOG_INFO,
444 		    "authdes_refresh: keyserv(1m) is unable to encrypt session key");
445 		return (FALSE);
446 	}
447 	cred->adc_fullname.key = ad->ad_xkey;
448 	cred->adc_namekind = ADN_FULLNAME;
449 	cred->adc_fullname.name = ad->ad_fullname;
450 	return (TRUE);
451 }
452 
453 
454 /*
455  * 5. Destroy
456  */
457 static void
458 authdes_destroy(AUTH *auth)
459 {
460 /* LINTED pointer alignment */
461 	struct ad_private *ad = AUTH_PRIVATE(auth);
462 
463 	FREE(ad->ad_fullname, ad->ad_fullnamelen + 1);
464 	FREE(ad->ad_servername, ad->ad_servernamelen + 1);
465 	if (ad->ad_timehost)
466 		FREE(ad->ad_timehost, strlen(ad->ad_timehost) + 1);
467 	if (ad->ad_netid)
468 		FREE(ad->ad_netid, strlen(ad->ad_netid) + 1);
469 	if (ad->ad_uaddr)
470 		FREE(ad->ad_uaddr, strlen(ad->ad_uaddr) + 1);
471 	FREE(ad, sizeof (struct ad_private));
472 	FREE(auth, sizeof(AUTH));
473 }
474 
475 static struct auth_ops *
476 authdes_ops(void)
477 {
478 	static struct auth_ops ops;
479 
480 	/* VARIABLES PROTECTED BY ops_lock: ops */
481 
482 	mutex_lock(&authdes_ops_lock);
483 	if (ops.ah_nextverf == NULL) {
484 		ops.ah_nextverf = authdes_nextverf;
485 		ops.ah_marshal = authdes_marshal;
486 		ops.ah_validate = authdes_validate;
487 		ops.ah_refresh = authdes_refresh;
488 		ops.ah_destroy = authdes_destroy;
489         }
490 	mutex_unlock(&authdes_ops_lock);
491 	return (&ops);
492 }
493