2 Unix SMB/CIFS implementation.
4 Copyright (C) Andrew Tridgell 2004
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 mark the flags2 field in a packet as signed
26 static void mark_packet_signed(struct smbsrv_request *req)
29 flags2 = SVAL(req->out.hdr, HDR_FLG2);
30 flags2 |= FLAGS2_SMB_SECURITY_SIGNATURES;
31 SSVAL(req->out.hdr, HDR_FLG2, flags2);
35 calculate the signature for a message
37 static void calc_signature(uint8_t *buffer, size_t length,
38 DATA_BLOB *mac_key, uint8_t signature[8])
40 uint8_t calc_md5_mac[16];
41 struct MD5Context md5_ctx;
44 MD5Update(&md5_ctx, mac_key->data, mac_key->length);
45 MD5Update(&md5_ctx, buffer, length);
46 MD5Final(calc_md5_mac, &md5_ctx);
47 memcpy(signature, calc_md5_mac, 8);
52 sign an outgoing packet
54 void req_sign_packet(struct smbsrv_request *req)
56 /* check if we are doing signing on this connection */
57 if (req->smb_ctx->signing.signing_state != SMB_SIGNING_REQUIRED) {
61 SBVAL(req->out.hdr, HDR_SS_FIELD, req->seq_num+1);
63 mark_packet_signed(req);
65 calc_signature(req->out.hdr, req->out.size - NBT_HDR_SIZE,
66 &req->smb_ctx->signing.mac_key,
67 &req->out.hdr[HDR_SS_FIELD]);
72 setup the signing key for a connection. Called after authentication succeeds
75 void srv_setup_signing(struct smbsrv_context *smb_ctx,
76 DATA_BLOB *session_key,
77 DATA_BLOB *session_response)
79 smb_ctx->signing.mac_key = data_blob(NULL,
80 session_key->length + session_response->length);
81 memcpy(smb_ctx->signing.mac_key.data, session_key->data, session_key->length);
82 if (session_response->length != 0) {
83 memcpy(&smb_ctx->signing.mac_key.data[session_key->length],
84 session_response->data,
85 session_response->length);
91 allocate a sequence number to a request
93 static void req_signing_alloc_seq_num(struct smbsrv_request *req)
95 req->seq_num = req->smb_ctx->signing.next_seq_num;
97 /* TODO: we need to handle one-way requests like NTcancel, which
98 only increment the sequence number by 1 */
99 if (req->smb_ctx->signing.signing_state != SMB_SIGNING_OFF) {
100 req->smb_ctx->signing.next_seq_num += 2;
105 check the signature of an incoming packet
107 BOOL req_signing_check_incoming(struct smbsrv_request *req)
109 uint8_t client_md5_mac[8], signature[8];
111 switch (req->smb_ctx->signing.signing_state) {
112 case SMB_SIGNING_OFF:
114 case SMB_SIGNING_SUPPORTED:
115 if (req->flags2 & FLAGS2_SMB_SECURITY_SIGNATURES) {
116 req->smb_ctx->signing.signing_state = SMB_SIGNING_REQUIRED;
119 case SMB_SIGNING_REQUIRED:
123 req_signing_alloc_seq_num(req);
125 /* the first packet isn't checked as the key hasn't been established */
126 if (req->seq_num == 0) {
130 /* room enough for the signature? */
131 if (req->in.size < NBT_HDR_SIZE + HDR_SS_FIELD + 8) {
135 memcpy(client_md5_mac, req->in.hdr + HDR_SS_FIELD, 8);
137 SBVAL(req->in.hdr, HDR_SS_FIELD, req->seq_num);
139 calc_signature(req->in.hdr, req->in.size - NBT_HDR_SIZE,
140 &req->smb_ctx->signing.mac_key,
143 if (memcmp(client_md5_mac, signature, 8) != 0) {
144 DEBUG(2,("Bad SMB signature seq_num=%d\n", (int)req->seq_num));