archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/net/ias/protocol/proxy/radpack.cpp

502 lines
12 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) Microsoft Corp. All rights reserved.
  4. //
  5. // FILE
  6. //
  7. // radpack.cpp
  8. //
  9. // SYNOPSIS
  10. //
  11. // Defines functions for packing and unpacking RADIUS packets.
  12. //
  13. // MODIFICATION HISTORY
  14. //
  15. // 02/01/2000 Original version.
  16. //
  17. ///////////////////////////////////////////////////////////////////////////////
  19. #include <proxypch.h>
  21. #include <align.h>
  22. #include <md5.h>
  23. #include <hmac.h>
  25. #include <radpack.h>
  27. // Return the number of bytes required to round 'length' to a multiple of 16.
  28. inline ULONG GetPaddingLength16(ULONG length) throw ()
  29. {
  30. return ROUND_UP_COUNT(length, 16) - length;
  31. }
  33. // Returns 'true' if attr is a Microsoft VSA. The attribute must be of type 26.
  34. inline bool isMicrosoftVSA(const RadiusAttribute& attr) throw ()
  35. {
  36. return attr.length >= 6 && !memcmp(attr.value, "\x00\x00\x01\x37", 4);
  37. }
  39. // Returns 'true' if attr is a Cisco AV-Pair VSA containing a LEAP session key.
  40. // The attribute must be of type 26.
  41. inline bool isCiscoLeapSessionKey(const RadiusAttribute& attr) throw ()
  42. {
  43. return (attr.length == 57) &&
  44. (memcmp(
  45. attr.value,
  46. "\x00\x00\x00\x09\x01\x35leap:session-key=",
  47. 23
  48. ) == 0);
  49. }
  51. // Pack a 16-bit integer into a buffer.
  52. inline void InsertUInt16(PBYTE p, USHORT value) throw ()
  53. {
  54. p[0] = (BYTE)(value >> 8);
  55. p[1] = (BYTE)value;
  56. }
  58. // Unpack a 16-bit integer into a buffer.
  59. inline USHORT ExtractUInt16(const BYTE* p) throw ()
  60. {
  61. return (USHORT)(p[0] << 8) | (USHORT)p[1];
  62. }
  65. // Returns the number of bytes of padding that should be added when packing the
  66. // attribute.
  67. ULONG
  68. WINAPI
  69. GetPaddingLength(
  70. const RadiusAttribute& attr
  71. ) throw ()
  72. {
  73. switch (attr.type)
  74. {
  75. case RADIUS_USER_PASSWORD:
  76. return GetPaddingLength16(attr.length);
  78. case RADIUS_TUNNEL_PASSWORD:
  79. // Subtract 1 byte for the tag and 2 for the salt.
  80. return GetPaddingLength16(attr.length - 3);
  82. case RADIUS_VENDOR_SPECIFIC:
  83. {
  84. if (isMicrosoftVSA(attr))
  85. {
  86. switch (attr.value[4])
  87. {
  88. case MS_CHAP_MPPE_SEND_KEYS:
  89. case MS_CHAP_MPPE_RECV_KEYS:
  90. // Vendor-Id = 4 bytes
  91. // Vendor-Type = 1 byte
  92. // Vendor-Length = 1 byte
  93. // Salt = 2 bytes
  94. return GetPaddingLength16(attr.length - 8);
  95. }
  96. }
  97. break;
  98. }
  99. }
  101. return 0;
  102. }
  105. // Returns information about how to encrypt/decrypt an attribute.
  106. VOID
  107. WINAPI
  108. GetCryptParameters(
  109. const RadiusAttribute& attr,
  110. CryptParameters& parms
  111. ) throw ()
  112. {
  113. memset(&parms, 0, sizeof(parms));
  115. switch (attr.type)
  116. {
  117. case RADIUS_USER_PASSWORD:
  118. {
  119. parms.encrypted = TRUE;
  120. break;
  121. }
  123. case RADIUS_TUNNEL_PASSWORD:
  124. {
  125. parms.encrypted = TRUE;
  126. parms.salted = TRUE;
  127. parms.offset = 1; // Skip the tag.
  128. break;
  129. }
  131. case RADIUS_VENDOR_SPECIFIC:
  132. {
  133. if (isMicrosoftVSA(attr))
  134. {
  135. switch (attr.value[4])
  136. {
  137. case MS_CHAP_MPPE_KEYS:
  138. {
  139. parms.encrypted = TRUE;
  140. parms.offset = 6; // Skip the VSA header.
  141. break;
  142. }
  144. case MS_CHAP_MPPE_SEND_KEYS:
  145. case MS_CHAP_MPPE_RECV_KEYS:
  146. {
  147. parms.encrypted = TRUE;
  148. parms.salted = TRUE;
  149. parms.offset = 6; // Skip the VSA header.
  150. break;
  151. }
  152. }
  153. }
  154. else if (isCiscoLeapSessionKey(attr))
  155. {
  156. parms.encrypted = TRUE;
  157. parms.salted = TRUE;
  158. parms.offset = 23;
  159. }
  160. break;
  161. }
  162. }
  163. }
  165. ULONG
  166. WINAPI
  167. GetBufferSizeRequired(
  168. const RadiusPacket& packet,
  169. const RadiusAttribute* proxyState,
  170. BOOL alwaysSign
  171. ) throw ()
  172. {
  173. // We'll look for the signature as we iterate through the attributes.
  174. BOOL hasSignature = FALSE;
  176. // We always need 20 bytes for the header.
  177. ULONG nbyte = 20;
  179. // Iterate through the attributes.
  180. for (const RadiusAttribute* attr = packet.begin; attr != packet.end; ++attr)
  181. {
  182. nbyte += 2; // Two bytes for type & length.
  183. nbyte += attr->length;
  184. nbyte += GetPaddingLength(*attr);
  186. if (attr->type == RADIUS_SIGNATURE)
  187. {
  188. hasSignature = TRUE;
  189. }
  190. else if (attr->type == RADIUS_EAP_MESSAGE)
  191. {
  192. alwaysSign = TRUE;
  193. }
  194. }
  196. // Reserve space for the Proxy-State attribute.
  197. if (proxyState) { nbyte += proxyState->length + 2; }
  199. // Reserve space for the signature if necessary.
  200. if (alwaysSign && !hasSignature && packet.code == RADIUS_ACCESS_REQUEST)
  201. {
  202. nbyte += 18;
  203. }
  205. return nbyte <= 4096 ? nbyte : 0;
  206. }
  208. VOID
  209. WINAPI
  210. PackBuffer(
  211. const BYTE* secret,
  212. ULONG secretLength,
  213. RadiusPacket& packet,
  214. const RadiusAttribute* proxyState,
  215. BOOL alwaysSign,
  216. BYTE* buffer
  217. ) throw ()
  218. {
  219. // Set up a cursor into the buffer.
  220. BYTE* dst = buffer;
  222. // Pack the header.
  223. *dst++ = packet.code;
  224. *dst++ = packet.identifier;
  225. InsertUInt16(dst, packet.length);
  226. dst += 2;
  228. // Pack the authenticator.
  229. if (packet.code == RADIUS_ACCESS_REQUEST)
  230. {
  231. memcpy(dst, packet.authenticator, 16);
  232. }
  233. else
  234. {
  235. memset(dst, 0, 16);
  236. }
  237. dst += 16;
  239. // We'll look for the signature as we iterate through the attributes.
  240. BYTE* signature = NULL;
  242. for (const RadiusAttribute* attr = packet.begin; attr != packet.end; ++attr)
  243. {
  244. // Pack the type.
  245. *dst++ = attr->type;
  247. // Pack the length.
  248. ULONG paddingLength = GetPaddingLength(*attr);
  249. ULONG valueLength = attr->length + paddingLength;
  250. *dst++ = (BYTE)(2 + valueLength);
  252. if (attr->type == RADIUS_SIGNATURE)
  253. {
  254. signature = dst;
  255. }
  256. else if (attr->type == RADIUS_EAP_MESSAGE)
  257. {
  258. alwaysSign = TRUE;
  259. }
  261. // Pack the value ...
  262. memcpy(dst, attr->value, attr->length);
  263. // ... and add the padding.
  264. memset(dst + attr->length, 0, paddingLength);
  266. // Do we need to encrypt this attribute ?
  267. CryptParameters parms;
  268. GetCryptParameters(*attr, parms);
  269. if (parms.encrypted)
  270. {
  271. // Yes.
  272. IASRadiusCrypt(
  273. TRUE,
  274. parms.salted,
  275. secret,
  276. secretLength,
  277. buffer + 4,
  278. dst + parms.offset,
  279. valueLength - parms.offset
  280. );
  281. }
  283. dst += valueLength;
  284. }
  286. // Add the Proxy-State
  287. if (proxyState)
  288. {
  289. *dst++ = proxyState->type;
  290. *dst++ = proxyState->length + 2;
  291. memcpy(dst, proxyState->value, proxyState->length);
  292. dst += proxyState->length;
  293. }
  295. if (packet.code == RADIUS_ACCESS_REQUEST)
  296. {
  297. if (alwaysSign && (signature == 0))
  298. {
  299. *dst++ = RADIUS_SIGNATURE;
  300. *dst++ = 18;
  301. signature = dst;
  302. }
  304. if (signature != 0)
  305. {
  306. // Compute the signature.
  307. memset(signature, 0, 16);
  308. HMACMD5_CTX context;
  309. HMACMD5Init(&context, (BYTE*)secret, secretLength);
  310. HMACMD5Update(&context, buffer, packet.length);
  311. HMACMD5Final(&context, signature);
  312. }
  313. }
  314. else
  315. {
  316. // For everything but Access-Request, we compute the authenticator.
  317. MD5_CTX context;
  318. MD5Init(&context);
  319. MD5Update(&context, buffer, packet.length);
  320. MD5Update(&context, secret, secretLength);
  321. MD5Final(&context);
  323. memcpy(buffer + 4, context.digest, 16);
  324. }
  325. }
  327. RadiusAttribute*
  328. WINAPI
  329. FindAttribute(
  330. const RadiusPacket& packet,
  331. BYTE type
  332. )
  333. {
  334. for (const RadiusAttribute* i = packet.begin; i != packet.end; ++i)
  335. {
  336. if (i->type == type) { return const_cast<RadiusAttribute*>(i); }
  337. }
  339. return NULL;
  340. }
  342. ULONG
  343. WINAPI
  344. GetAttributeCount(
  345. const BYTE* buffer,
  346. ULONG bufferLength
  347. ) throw ()
  348. {
  349. if (bufferLength >= 20 && ExtractUInt16(buffer + 2) == bufferLength)
  350. {
  351. ULONG count = 0;
  352. const BYTE* end = buffer + bufferLength;
  353. for (const BYTE* p = buffer + 20; p < end; p += p[1])
  354. {
  355. ++count;
  356. }
  358. if (p == end) { return count; }
  359. }
  361. return MALFORMED_PACKET;
  362. }
  364. VOID
  365. WINAPI
  366. UnpackBuffer(
  367. BYTE* buffer,
  368. ULONG bufferLength,
  369. RadiusPacket& packet
  370. ) throw ()
  371. {
  372. // Set up a cursor into the buffer.
  373. BYTE* src = buffer;
  375. packet.code = *src++;
  376. packet.identifier = *src++;
  377. packet.length = ExtractUInt16(src);
  378. src +=2;
  379. packet.authenticator = src;
  380. src += 16;
  382. RadiusAttribute* dst = packet.begin;
  383. const BYTE* end = buffer + bufferLength;
  384. while (src < end)
  385. {
  386. dst->type = *src++;
  387. dst->length = *src++ - 2;
  388. dst->value = src;
  389. src += dst->length;
  390. ++dst;
  391. }
  392. }
  394. BYTE*
  395. WINAPI
  396. FindRawAttribute(
  397. BYTE type,
  398. BYTE* buffer,
  399. ULONG bufferLength
  400. )
  401. {
  402. BYTE* end = buffer + bufferLength;
  404. for (BYTE* p = buffer + 20; p < buffer + bufferLength; p += p[1])
  405. {
  406. if (*p == type) { return p; }
  407. }
  409. return NULL;
  410. }
  412. AuthResult
  413. WINAPI
  414. AuthenticateAndDecrypt(
  415. const BYTE* requestAuthenticator,
  416. const BYTE* secret,
  417. ULONG secretLength,
  418. BYTE* buffer,
  419. ULONG bufferLength,
  420. RadiusPacket& packet
  421. ) throw ()
  422. {
  423. AuthResult result = AUTH_UNKNOWN;
  425. if (!requestAuthenticator) { requestAuthenticator = buffer + 4; }
  427. // Check the authenticator for everything but Access-Request.
  428. if (buffer[0] != RADIUS_ACCESS_REQUEST)
  429. {
  430. MD5_CTX context;
  431. MD5Init(&context);
  432. MD5Update(&context, buffer, 4);
  433. MD5Update(&context, requestAuthenticator, 16);
  434. MD5Update(&context, buffer + 20, bufferLength - 20);
  435. MD5Update(&context, secret, secretLength);
  436. MD5Final(&context);
  438. if (memcmp(context.digest, buffer + 4, 16))
  439. {
  440. return AUTH_BAD_AUTHENTICATOR;
  441. }
  443. result = AUTH_AUTHENTIC;
  444. }
  446. // Look for a signature.
  447. BYTE* signature = FindRawAttribute(
  448. RADIUS_SIGNATURE,
  449. buffer,
  450. bufferLength
  451. );
  453. if (signature)
  454. {
  455. if (signature[1] != 18) { return AUTH_BAD_SIGNATURE; }
  457. signature += 2;
  459. BYTE sent[16];
  460. memcpy(sent, signature, 16);
  462. memset(signature, 0, 16);
  464. HMACMD5_CTX context;
  465. HMACMD5Init(&context, (BYTE*)secret, secretLength);
  466. HMACMD5Update(&context, buffer, 4);
  467. HMACMD5Update(&context, (BYTE*)requestAuthenticator, 16);
  468. HMACMD5Update(&context, buffer + 20, bufferLength - 20);
  469. HMACMD5Final(&context, signature);
  471. if (memcmp(signature, sent, 16)) { return AUTH_BAD_SIGNATURE; }
  473. result = AUTH_AUTHENTIC;
  474. }
  475. else if (FindRawAttribute(RADIUS_EAP_MESSAGE, buffer, bufferLength))
  476. {
  477. return AUTH_MISSING_SIGNATURE;
  478. }
  480. // The buffer is authentic, so decrypt the attributes.
  481. for (const RadiusAttribute* attr = packet.begin; attr != packet.end; ++attr)
  482. {
  483. // Do we need to decrypt this attribute ?
  484. CryptParameters parms;
  485. GetCryptParameters(*attr, parms);
  486. if (parms.encrypted)
  487. {
  488. // Yes.
  489. IASRadiusCrypt(
  490. FALSE,
  491. parms.salted,
  492. secret,
  493. secretLength,
  494. requestAuthenticator,
  495. attr->value + parms.offset,
  496. attr->length - parms.offset
  497. );
  498. }
  499. }
  501. return result;
  502. }