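/*
 * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
 * Copyright (c) 1999 by Internet Software Consortium, Inc.
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include "port_before.h"
#include "fd_setsize.h"

#include <sys/types.h>
#include <sys/param.h>

#include <netinet/in.h>
#include <arpa/nameser.h>
#include <arpa/inet.h>

#include <errno.h>
#include <netdb.h>
#include <resolv.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

#include <isc/dst.h>

#include "port_after.h"

/* Private. */

/*
 * Reject the record with FORMERR unless `count` more bytes starting at
 * `ptr` lie inside the message.  Relies on a local named `eom` (one past
 * the last byte of the message) being in scope at the point of use.
 */
#define BOUNDS_CHECK(ptr, count) \
	do { \
		if ((ptr) + (count) > eom) { \
			return (NS_TSIG_ERROR_FORMERR); \
		} \
	} while (0)

/*
 * Distance between the TSIG "time signed" value and the local clock, as a
 * non-negative time_t.  Computed without abs() so that a 64-bit time_t
 * difference is never narrowed to int on the way to the fudge comparison.
 */
static time_t
tsig_clock_skew(time_t signed_at, time_t now) {
	return (signed_at > now ? signed_at - now : now - signed_at);
}

/*
 * Feed a presentation-format name into the running verification context in
 * the form TSIG digests it: converted to wire format and lowercased.
 *
 * Returns 0 on success, -1 if the name cannot be converted.
 */
static int
tsig_digest_name(DST_KEY *key, void **ctx, const char *pname) {
	u_char wire[MAXDNAME], lowered[MAXDNAME];
	int n;

	n = ns_name_pton(pname, wire, sizeof(wire));
	if (n < 0)
		return (-1);
	n = ns_name_ntol(wire, lowered, sizeof(lowered));
	if (n < 0)
		return (-1);
	dst_verify_data(SIG_MODE_UPDATE, key, ctx, lowered, n, NULL, 0);
	return (0);
}

/* Public. */

/*
 * ns_find_tsig
 *
 * Locate the TSIG record of a DNS message.  A TSIG RR, when present, must
 * be the last record of the additional section; this walks the question,
 * answer and authority sections plus the first arcount-1 additional RRs and
 * then inspects the type of the final record.
 *
 * Parameters:
 *\li	msg	start of the message
 *\li	eom	one past the last byte of the message
 *
 * Returns a pointer to the owner name of the final additional RR if that
 * record is of type TSIG, otherwise NULL (including for malformed or
 * truncated messages and for messages whose header does not fit).
 */
u_char *
ns_find_tsig(u_char *msg, u_char *eom) {
	HEADER *hp = (HEADER *)msg;
	u_char *cp = msg, *rrstart;
	int skipped, rrtype;

	if (msg == NULL || eom == NULL || msg > eom)
		return (NULL);

	/* The fixed header plus at least one more byte must be present. */
	if (cp + HFIXEDSZ >= eom)
		return (NULL);

	/* No additional records at all means no TSIG (0 is 0 in any order). */
	if (hp->arcount == 0)
		return (NULL);

	cp += HFIXEDSZ;

	skipped = ns_skiprr(cp, eom, ns_s_qd, ntohs(hp->qdcount));
	if (skipped < 0)
		return (NULL);
	cp += skipped;

	skipped = ns_skiprr(cp, eom, ns_s_an, ntohs(hp->ancount));
	if (skipped < 0)
		return (NULL);
	cp += skipped;

	skipped = ns_skiprr(cp, eom, ns_s_ns, ntohs(hp->nscount));
	if (skipped < 0)
		return (NULL);
	cp += skipped;

	/* Skip every additional RR except the last one. */
	skipped = ns_skiprr(cp, eom, ns_s_ar, ntohs(hp->arcount) - 1);
	if (skipped < 0)
		return (NULL);
	cp += skipped;

	rrstart = cp;
	skipped = dn_skipname(cp, eom);
	if (skipped < 0)
		return (NULL);
	cp += skipped;
	if (cp + INT16SZ >= eom)
		return (NULL);

	GETSHORT(rrtype, cp);
	if (rrtype != ns_t_tsig)
		return (NULL);
	return (rrstart);
}

/*
 * ns_verify
 *
 * Parse the TSIG record of a message and, when a key is supplied and the
 * record's error field is neither BADKEY nor BADSIG, verify its HMAC-MD5
 * MAC over the message, the prior query MAC (for responses) and the TSIG
 * variables.  The time signed is then checked against the local clock
 * within the record's fudge.
 *
 * Parameters:
 *\li	statp		res stuff
 *\li	msg		received message
 *\li	msglen		length of message
 *\li	key		tsig key used for verifying.
 *\li	querysig	(response), the signature in the query
 *\li	querysiglen	(response), the length of the signature in the query
 *\li	sig		(query), a buffer to hold the signature
 *\li	siglen		(query), input - length of signature buffer
 *				 output - length of signature
 *\li	timesigned	receives the low 32 bits of the record's time signed
 *\li	nostrip		when zero, the TSIG record is stripped: *msglen is
 *			shortened to exclude it and arcount is decremented
 *
 * Errors:
 *\li	- bad input (-1)
 *\li	- invalid dns message (NS_TSIG_ERROR_FORMERR)
 *\li	- TSIG is not present (NS_TSIG_ERROR_NO_TSIG)
 *\li	- key doesn't match (-ns_r_badkey)
 *\li	- TSIG verification fails with BADKEY (-ns_r_badkey)
 *\li	- TSIG verification fails with BADSIG (-ns_r_badsig)
 *\li	- TSIG verification fails with BADTIME (-ns_r_badtime)
 *\li	- TSIG verification succeeds, error set to BADKEY (ns_r_badkey)
 *\li	- TSIG verification succeeds, error set to BADSIG (ns_r_badsig)
 *\li	- TSIG verification succeeds, error set to BADTIME (ns_r_badtime)
 *
 * Security note: when the record's error field says BADKEY or BADSIG, or
 * when no key is supplied, no MAC is checked at all (such records must
 * carry an empty MAC).  A positive return value therefore means the message
 * was parsed but NOT authenticated; callers must not trust its contents.
 * Only a return of 0 indicates a verified MAC.
 */
int
ns_verify(u_char *msg, int *msglen, void *k,
	  const u_char *querysig, int querysiglen, u_char *sig, int *siglen,
	  time_t *timesigned, int nostrip)
{
	HEADER *hp = (HEADER *)msg;
	DST_KEY *key = (DST_KEY *)k;
	u_char *cp, *eom;
	char name[MAXDNAME], alg[MAXDNAME];
	u_char *recstart, *rdatastart;
	u_char *sigstart, *otherstart;
	int n;
	int error;
	u_int16_t type, length;
	u_int16_t fudge, sigfieldlen, otherfieldlen;

	dst_init();
	if (msg == NULL || msglen == NULL || *msglen < 0 || timesigned == NULL)
		return (-1);
	/* The query MAC is digested behind a 16-bit length prefix. */
	if (querysig != NULL && querysiglen > 0xffff)
		return (-1);

	eom = msg + *msglen;

	recstart = ns_find_tsig(msg, eom);
	if (recstart == NULL)
		return (NS_TSIG_ERROR_NO_TSIG);

	cp = recstart;

	/* Read the key name. */
	n = dn_expand(msg, eom, cp, name, MAXDNAME);
	if (n < 0)
		return (NS_TSIG_ERROR_FORMERR);
	cp += n;

	/* Read the type. */
	BOUNDS_CHECK(cp, 2*INT16SZ + INT32SZ + INT16SZ);
	GETSHORT(type, cp);
	if (type != ns_t_tsig)
		return (NS_TSIG_ERROR_NO_TSIG);

	/* Skip the class and TTL, save the length. */
	cp += INT16SZ + INT32SZ;
	GETSHORT(length, cp);
	/* The TSIG RDATA must run exactly to the end of the message. */
	if (eom - cp != length)
		return (NS_TSIG_ERROR_FORMERR);

	/* Read the algorithm name. */
	rdatastart = cp;
	n = dn_expand(msg, eom, cp, alg, MAXDNAME);
	if (n < 0)
		return (NS_TSIG_ERROR_FORMERR);
	if (ns_samename(alg, NS_TSIG_ALG_HMAC_MD5) != 1)
		return (-ns_r_badkey);
	cp += n;

	/*
	 * Read the time signed and fudge.  Only the low 32 bits of the
	 * 48-bit time are kept; the top 16 bits are skipped.
	 */
	BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ);
	cp += INT16SZ;
	GETLONG((*timesigned), cp);
	GETSHORT(fudge, cp);

	/* Read the signature. */
	BOUNDS_CHECK(cp, INT16SZ);
	GETSHORT(sigfieldlen, cp);
	BOUNDS_CHECK(cp, sigfieldlen);
	sigstart = cp;
	cp += sigfieldlen;

	/* Skip id and read error. */
	BOUNDS_CHECK(cp, 2*INT16SZ);
	cp += INT16SZ;
	GETSHORT(error, cp);

	/* Parse the other data. */
	BOUNDS_CHECK(cp, INT16SZ);
	GETSHORT(otherfieldlen, cp);
	BOUNDS_CHECK(cp, otherfieldlen);
	otherstart = cp;
	cp += otherfieldlen;

	if (cp != eom)
		return (NS_TSIG_ERROR_FORMERR);

	/*
	 * Verify that the key used is OK.  The key name is not compared
	 * when the peer reports BADKEY/BADSIG, since such a record is
	 * unsigned and may legitimately name a key we do not hold.
	 */
	if (key != NULL) {
		if (key->dk_alg != KEY_HMAC_MD5)
			return (-ns_r_badkey);
		if (error != ns_r_badsig && error != ns_r_badkey) {
			if (ns_samename(key->dk_key_name, name) != 1)
				return (-ns_r_badkey);
		}
	}

	/* The MAC covers the message as it was before the TSIG was added. */
	hp->arcount = htons(ntohs(hp->arcount) - 1);

	/*
	 * Do the verification.
	 */

	if (key != NULL && error != ns_r_badsig && error != ns_r_badkey) {
		void *ctx;

		/*
		 * NOTE(review): only the FINAL call's result is checked;
		 * a failing INIT/UPDATE is assumed to surface as a MAC
		 * mismatch at FINAL -- confirm against dst_verify_data.
		 */
		dst_verify_data(SIG_MODE_INIT, key, &ctx, NULL, 0, NULL, 0);

		/* Digest the query signature, if this is a response. */
		if (querysiglen > 0 && querysig != NULL) {
			u_int16_t len_n = htons(querysiglen);
			dst_verify_data(SIG_MODE_UPDATE, key, &ctx,
					(u_char *)&len_n, INT16SZ, NULL, 0);
			dst_verify_data(SIG_MODE_UPDATE, key, &ctx,
					querysig, querysiglen, NULL, 0);
		}

		/* Digest the message (everything before the TSIG RR). */
		dst_verify_data(SIG_MODE_UPDATE, key, &ctx, msg, recstart - msg,
				NULL, 0);

		/* Digest the key name. */
		if (tsig_digest_name(key, &ctx, name) < 0)
			return (-1);

		/* Digest the class and TTL. */
		dst_verify_data(SIG_MODE_UPDATE, key, &ctx,
				recstart + dn_skipname(recstart, eom) + INT16SZ,
				INT16SZ + INT32SZ, NULL, 0);

		/* Digest the algorithm. */
		if (tsig_digest_name(key, &ctx, alg) < 0)
			return (-1);

		/* Digest the time signed and fudge. */
		dst_verify_data(SIG_MODE_UPDATE, key, &ctx,
				rdatastart + dn_skipname(rdatastart, eom),
				INT16SZ + INT32SZ + INT16SZ, NULL, 0);

		/* Digest the error and other data. */
		dst_verify_data(SIG_MODE_UPDATE, key, &ctx,
				otherstart - INT16SZ - INT16SZ,
				otherfieldlen + INT16SZ + INT16SZ, NULL, 0);

		n = dst_verify_data(SIG_MODE_FINAL, key, &ctx, NULL, 0,
				    sigstart, sigfieldlen);

		if (n < 0)
			return (-ns_r_badsig);

		if (sig != NULL && siglen != NULL) {
			if (*siglen < sigfieldlen)
				return (NS_TSIG_ERROR_NO_SPACE);
			memcpy(sig, sigstart, sigfieldlen);
			*siglen = sigfieldlen;
		}
	} else {
		/* Unverified (BADKEY/BADSIG or keyless) records carry no MAC. */
		if (sigfieldlen > 0)
			return (NS_TSIG_ERROR_FORMERR);
		if (sig != NULL && siglen != NULL)
			*siglen = 0;
	}

	/* Reset the counter, since we still need to check for badtime. */
	hp->arcount = htons(ntohs(hp->arcount) + 1);

	/* Verify the time. */
	if (tsig_clock_skew(*timesigned, time(NULL)) > (time_t)fudge)
		return (-ns_r_badtime);

	if (nostrip == 0) {
		*msglen = recstart - msg;
		hp->arcount = htons(ntohs(hp->arcount) - 1);
	}

	if (error != NOERROR)
		return (error);

	return (0);
}

/*
 * ns_verify_tcp_init
 *
 * Prepare the per-connection state used to verify a TSIG-signed TCP
 * stream: remember the key and the MAC of the query that started it.
 *
 * Parameters:
 *\li	k		tsig key (DST_KEY *) used for verifying
 *\li	querysig	the signature in the query
 *\li	querysiglen	the length of that signature
 *\li	state		the state to initialise
 *
 * Returns 0 on success, -1 on bad input or a signature that does not fit
 * state->sig, and -ns_r_badkey if the key is not HMAC-MD5.
 */
int
ns_verify_tcp_init(void *k, const u_char *querysig, int querysiglen,
		   ns_tcp_tsig_state *state)
{
	dst_init();
	if (state == NULL || k == NULL || querysig == NULL || querysiglen < 0)
		return (-1);
	/* -1 so that the first ns_verify_tcp() call sees counter == 0. */
	state->counter = -1;
	state->key = k;
	if (state->key->dk_alg != KEY_HMAC_MD5)
		return (-ns_r_badkey);
	if (querysiglen > (int)sizeof(state->sig))
		return (-1);
	memcpy(state->sig, querysig, querysiglen);
	state->siglen = querysiglen;
	return (0);
}

/*
 * ns_verify_tcp
 *
 * Verify one message of a TSIG-signed TCP stream.  The first message is
 * handled by ns_verify(); later messages are chained: the previous MAC is
 * digested first, then every message (signed or not) is digested, and a
 * message carrying a TSIG RR has its MAC checked over the running digest
 * plus its timers.  On success the TSIG record is always stripped.
 *
 * Parameters:
 *\li	msg		received message
 *\li	msglen		length of message; shortened to exclude the TSIG
 *\li	state		state from ns_verify_tcp_init()
 *\li	required	when non-zero, a message without a TSIG is an error
 *
 * Returns 0 on success (or on an unsigned message when !required), -1 on
 * bad input, and the same error codes as ns_verify() otherwise; as there,
 * a positive return means the message was NOT authenticated.
 */
int
ns_verify_tcp(u_char *msg, int *msglen, ns_tcp_tsig_state *state,
	      int required)
{
	HEADER *hp = (HEADER *)msg;
	u_char *recstart, *sigstart;
	unsigned int sigfieldlen, otherfieldlen;
	u_char *cp, *eom, *cp2;
	char name[MAXDNAME], alg[MAXDNAME];
	u_char timers[INT16SZ + INT32SZ + INT16SZ];
	int n, type, length, fudge, error;
	time_t timesigned;

	if (msg == NULL || msglen == NULL || state == NULL || *msglen < 0)
		return (-1);

	eom = msg + *msglen;

	state->counter++;
	if (state->counter == 0)
		return (ns_verify(msg, msglen, state->key,
				  state->sig, state->siglen,
				  state->sig, &state->siglen, &timesigned, 0));

	/* A new digest starts with the MAC of the previous signed message. */
	if (state->siglen > 0) {
		u_int16_t siglen_n = htons(state->siglen);

		dst_verify_data(SIG_MODE_INIT, state->key, &state->ctx,
				NULL, 0, NULL, 0);
		dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx,
				(u_char *)&siglen_n, INT16SZ, NULL, 0);
		dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx,
				state->sig, state->siglen, NULL, 0);
		state->siglen = 0;
	}

	cp = recstart = ns_find_tsig(msg, eom);

	if (recstart == NULL) {
		if (required)
			return (NS_TSIG_ERROR_NO_TSIG);
		/* Unsigned intermediate message: fold it into the digest. */
		dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx,
				msg, *msglen, NULL, 0);
		return (0);
	}

	hp->arcount = htons(ntohs(hp->arcount) - 1);
	dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx,
			msg, recstart - msg, NULL, 0);

	/* Read the key name. */
	n = dn_expand(msg, eom, cp, name, MAXDNAME);
	if (n < 0)
		return (NS_TSIG_ERROR_FORMERR);
	cp += n;

	/* Read the type. */
	BOUNDS_CHECK(cp, 2*INT16SZ + INT32SZ + INT16SZ);
	GETSHORT(type, cp);
	if (type != ns_t_tsig)
		return (NS_TSIG_ERROR_NO_TSIG);

	/* Skip the class and TTL, save the length. */
	cp += INT16SZ + INT32SZ;
	GETSHORT(length, cp);
	if (eom - cp != length)
		return (NS_TSIG_ERROR_FORMERR);

	/* Read the algorithm name. */
	n = dn_expand(msg, eom, cp, alg, MAXDNAME);
	if (n < 0)
		return (NS_TSIG_ERROR_FORMERR);
	if (ns_samename(alg, NS_TSIG_ALG_HMAC_MD5) != 1)
		return (-ns_r_badkey);
	cp += n;

	/* Verify that the key used is OK. */
	if ((ns_samename(state->key->dk_key_name, name) != 1 ||
	     state->key->dk_alg != KEY_HMAC_MD5))
		return (-ns_r_badkey);

	/* Read the time signed and fudge (low 32 bits of the time only). */
	BOUNDS_CHECK(cp, INT16SZ + INT32SZ + INT16SZ);
	cp += INT16SZ;
	GETLONG(timesigned, cp);
	GETSHORT(fudge, cp);

	/* Read the signature. */
	BOUNDS_CHECK(cp, INT16SZ);
	GETSHORT(sigfieldlen, cp);
	BOUNDS_CHECK(cp, sigfieldlen);
	sigstart = cp;
	cp += sigfieldlen;

	/* Skip id and read error. */
	BOUNDS_CHECK(cp, 2*INT16SZ);
	cp += INT16SZ;
	GETSHORT(error, cp);

	/* Parse the other data. */
	BOUNDS_CHECK(cp, INT16SZ);
	GETSHORT(otherfieldlen, cp);
	BOUNDS_CHECK(cp, otherfieldlen);
	cp += otherfieldlen;

	if (cp != eom)
		return (NS_TSIG_ERROR_FORMERR);

	/*
	 * Do the verification.
	 */

	/*
	 * Digest the time signed and fudge.
	 *
	 * NOTE(review): the fudge that is digested is the constant
	 * NS_TSIG_FUDGE, not the `fudge` field just read from this record,
	 * whereas RFC 2845 section 4.4 digests the record's own timers.
	 * Left unchanged because the matching signer (ns_sign_tcp, not
	 * visible here) presumably writes and digests the same constant --
	 * confirm before altering.
	 */
	cp2 = timers;
	PUTSHORT(0, cp2);		/*%< Top 16 bits of time. */
	PUTLONG(timesigned, cp2);
	PUTSHORT(NS_TSIG_FUDGE, cp2);

	dst_verify_data(SIG_MODE_UPDATE, state->key, &state->ctx,
			timers, cp2 - timers, NULL, 0);

	n = dst_verify_data(SIG_MODE_FINAL, state->key, &state->ctx, NULL, 0,
			    sigstart, sigfieldlen);
	if (n < 0)
		return (-ns_r_badsig);

	/* Keep this MAC: it seeds the digest of the next message. */
	if (sigfieldlen > sizeof(state->sig))
		return (NS_TSIG_ERROR_NO_SPACE);

	memcpy(state->sig, sigstart, sigfieldlen);
	state->siglen = sigfieldlen;

	/* Verify the time. */
	if (tsig_clock_skew(timesigned, time(NULL)) > (time_t)fudge)
		return (-ns_r_badtime);

	*msglen = recstart - msg;

	if (error != NOERROR)
		return (error);

	return (0);
}

/*! \file */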