external/bsd/tcpdump/dist/signature.c

   1 /*
   2  * Redistribution and use in source and binary forms, with or without
   3  * modification, are permitted provided that: (1) source code
   4  * distributions retain the above copyright notice and this paragraph
   5  * in its entirety, and (2) distributions including binary code include
   6  * the above copyright notice and this paragraph in its entirety in
   7  * the documentation or other materials provided with the distribution.
   8  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND
   9  * WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
  10  * LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  11  * FOR A PARTICULAR PURPOSE.
  12  *
  13  * Functions for signature and digest verification.
  14  *
  15  * Original code by Hannes Gredler (hannes@juniper.net)
  16  */
  17
  18 #include <sys/cdefs.h>
  19 #ifndef lint
  20 __RCSID("$NetBSD: signature.c,v 1.5 2014/11/20 03:05:03 christos Exp $");
  21 #endif
  22
  23 #define NETDISSECT_REWORKED
  24 #ifdef HAVE_CONFIG_H
  25 #include "config.h"
  26 #endif
  27
  28 #include <tcpdump-stdinc.h>
  29
  30 #include <string.h>
  31
  32 #include "interface.h"
  33 #include "signature.h"
  34
  35 #ifdef HAVE_LIBCRYPTO
  36 #include <openssl/md5.h>
  37 #endif
  38
  39 const struct tok signature_check_values[] = {
  40     { SIGNATURE_VALID, "valid"},
  41     { SIGNATURE_INVALID, "invalid"},
  42     { CANT_CHECK_SIGNATURE, "unchecked"},
  43     { 0, NULL }
  44 };
  45
  46
  47 #ifdef HAVE_LIBCRYPTO
  48 /*
  49  * Compute a HMAC MD5 sum.
  50  * Taken from rfc2104, Appendix.
  51  */
  52 USES_APPLE_DEPRECATED_API
  53 static void
  54 signature_compute_hmac_md5(const uint8_t *text, int text_len, unsigned char *key,
  55                            unsigned int key_len, uint8_t *digest)
  56 {
  57     MD5_CTX context;
  58     unsigned char k_ipad[65];    /* inner padding - key XORd with ipad */
  59     unsigned char k_opad[65];    /* outer padding - key XORd with opad */
  60     unsigned char tk[16];
  61     int i;
  62
  63     /* if key is longer than 64 bytes reset it to key=MD5(key) */
  64     if (key_len > 64) {
  65
  66         MD5_CTX tctx;
  67
  68         MD5_Init(&tctx);
  69         MD5_Update(&tctx, key, key_len);
  70         MD5_Final(tk, &tctx);
  71
  72         key = tk;
  73         key_len = 16;
  74     }
  75
  76     /*
  77      * the HMAC_MD5 transform looks like:
  78      *
  79      * MD5(K XOR opad, MD5(K XOR ipad, text))
  80      *
  81      * where K is an n byte key
  82      * ipad is the byte 0x36 repeated 64 times
  83      * opad is the byte 0x5c repeated 64 times
  84      * and text is the data being protected
  85      */
  86
  87     /* start out by storing key in pads */
  88     memset(k_ipad, 0, sizeof k_ipad);
  89     memset(k_opad, 0, sizeof k_opad);
  90     memcpy(k_ipad, key, key_len);
  91     memcpy(k_opad, key, key_len);
  92
  93     /* XOR key with ipad and opad values */
  94     for (i=0; i<64; i++) {
  95         k_ipad[i] ^= 0x36;
  96         k_opad[i] ^= 0x5c;
  97     }
  98
  99     /*
 100      * perform inner MD5
 101      */
 102     MD5_Init(&context);                   /* init context for 1st pass */
 103     MD5_Update(&context, k_ipad, 64);     /* start with inner pad */
 104     MD5_Update(&context, text, text_len); /* then text of datagram */
 105     MD5_Final(digest, &context);          /* finish up 1st pass */
 106
 107     /*
 108      * perform outer MD5
 109      */
 110     MD5_Init(&context);                   /* init context for 2nd pass */
 111     MD5_Update(&context, k_opad, 64);     /* start with outer pad */
 112     MD5_Update(&context, digest, 16);     /* then results of 1st hash */
 113     MD5_Final(digest, &context);          /* finish up 2nd pass */
 114 }
 115 USES_APPLE_RST
 116 #endif
 117
 118 #ifdef HAVE_LIBCRYPTO
 119 /*
 120  * Verify a cryptographic signature of the packet.
 121  * Currently only MD5 is supported.
 122  */
 123 int
 124 signature_verify(netdissect_options *ndo,
 125                  const u_char *pptr, u_int plen, u_char *sig_ptr)
 126 {
 127     uint8_t rcvsig[16];
 128     uint8_t sig[16];
 129     unsigned int i;
 130
 131     /*
 132      * Save the signature before clearing it.
 133      */
 134     memcpy(rcvsig, sig_ptr, sizeof(rcvsig));
 135     memset(sig_ptr, 0, sizeof(rcvsig));
 136
 137     if (!ndo->ndo_sigsecret) {
 138         return (CANT_CHECK_SIGNATURE);
 139     }
 140
 141     signature_compute_hmac_md5(pptr, plen, (unsigned char *)ndo->ndo_sigsecret,
 142                                strlen(ndo->ndo_sigsecret), sig);
 143
 144     if (memcmp(rcvsig, sig, sizeof(sig)) == 0) {
 145         return (SIGNATURE_VALID);
 146
 147     } else {
 148
 149         for (i = 0; i < sizeof(sig); ++i) {
 150             ND_PRINT((ndo, "%02x", sig[i]));
 151         }
 152
 153         return (SIGNATURE_INVALID);
 154     }
 155 }
 156 #endif
 157
 158 /*
 159  * Local Variables:
 160  * c-style: whitesmith
 161  * c-basic-offset: 4
 162  * End:
 163  */