archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
1 Branch
0 Tags
2.0 GiB
Tree: daad8a087a
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'daad8a087a'
${ noResults }
windows-xp/Source/XPSP1/NT/net/ias/protocol/proxy/radpack.cpp

516 lines
12 KiB
Raw Normal View History

Add source files
4 years ago
  1. ///////////////////////////////////////////////////////////////////////////////
  2. //
  3. // Copyright (c) 2000, Microsoft Corp. All rights reserved.
  4. //
  5. // FILE
  6. //
  7. // radpack.cpp
  8. //
  9. // SYNOPSIS
  10. //
  11. // Defines functions for packing and unpacking RADIUS packets.
  12. //
  13. // MODIFICATION HISTORY
  14. //
  15. // 02/01/2000 Original version.
  16. //
  17. ///////////////////////////////////////////////////////////////////////////////
  19. #include <proxypch.h>
  21. #include <align.h>
  22. #include <md5.h>
  23. #include <hmac.h>
  25. #include <radpack.h>
  27. // Avoid dependencies on ntrtl.h
  28. extern "C" ULONG __stdcall RtlRandom(PULONG seed);
  30. // Return the number of bytes required to round 'length' to a multiple of 16.
  31. inline ULONG GetPaddingLength16(ULONG length) throw ()
  32. {
  33. return ROUND_UP_COUNT(length, 16) - length;
  34. }
  36. // Returns 'true' if attr is a Microsoft VSA. The attribute must be of type 26.
  37. inline bool isMicrosoftVSA(const RadiusAttribute& attr) throw ()
  38. {
  39. return attr.length >= 6 && !memcmp(attr.value, "\x00\x00\x01\x37", 4);
  40. }
  42. // Pack a 16-bit integer into a buffer.
  43. inline void InsertUInt16(PBYTE p, USHORT value) throw ()
  44. {
  45. p[0] = (BYTE)(value >> 8);
  46. p[1] = (BYTE)value;
  47. }
  49. // Unpack a 16-bit integer into a buffer.
  50. inline USHORT ExtractUInt16(const BYTE* p) throw ()
  51. {
  52. return (USHORT)(p[0] << 8) | (USHORT)p[1];
  53. }
  56. // Returns the number of bytes of padding that should be added when packing the
  57. // attribute.
  58. ULONG
  59. WINAPI
  60. GetPaddingLength(
  61. const RadiusAttribute& attr
  62. ) throw ()
  63. {
  64. switch (attr.type)
  65. {
  66. case RADIUS_USER_PASSWORD:
  67. return GetPaddingLength16(attr.length);
  69. case RADIUS_TUNNEL_PASSWORD:
  70. // Subtract 1 byte for the tag and 2 for the salt.
  71. return GetPaddingLength16(attr.length - 3);
  73. case RADIUS_VENDOR_SPECIFIC:
  74. {
  75. if (isMicrosoftVSA(attr))
  76. {
  77. switch (attr.value[4])
  78. {
  79. case MS_CHAP_MPPE_SEND_KEYS:
  80. case MS_CHAP_MPPE_RECV_KEYS:
  81. // Vendor-Id = 4 bytes
  82. // Vendor-Type = 1 byte
  83. // Vendor-Length = 1 byte
  84. // Salt = 2 bytes
  85. return GetPaddingLength16(attr.length - 8);
  86. }
  87. }
  88. break;
  89. }
  90. }
  92. return 0;
  93. }
  95. // Struct describing how to encrypt an attribute.
  96. struct CryptParameters
  97. {
  98. BOOL encrypted;
  99. BOOL salted;
  100. ULONG offset;
  101. };
  103. // Returns information about how to encrypt/decrypt an attribute.
  104. VOID
  105. WINAPI
  106. GetCryptParameters(
  107. const RadiusAttribute& attr,
  108. CryptParameters& parms
  109. ) throw ()
  110. {
  111. memset(&parms, 0, sizeof(parms));
  113. switch (attr.type)
  114. {
  115. case RADIUS_USER_PASSWORD:
  116. {
  117. parms.encrypted = TRUE;
  118. break;
  119. }
  121. case RADIUS_TUNNEL_PASSWORD:
  122. {
  123. parms.encrypted = TRUE;
  124. parms.salted = TRUE;
  125. parms.offset = 1; // Skip the tag.
  126. break;
  127. }
  129. case RADIUS_VENDOR_SPECIFIC:
  130. {
  131. if (isMicrosoftVSA(attr))
  132. {
  133. switch (attr.value[4])
  134. {
  135. case MS_CHAP_MPPE_KEYS:
  136. {
  137. parms.encrypted = TRUE;
  138. parms.offset = 6; // Skip the VSA header.
  139. break;
  140. }
  142. case MS_CHAP_MPPE_SEND_KEYS:
  143. case MS_CHAP_MPPE_RECV_KEYS:
  144. {
  145. parms.encrypted = TRUE;
  146. parms.salted = TRUE;
  147. parms.offset = 6; // Skip the VSA header.
  148. break;
  149. }
  150. }
  151. }
  152. break;
  153. }
  154. }
  155. }
  157. ULONG
  158. WINAPI
  159. GetBufferSizeRequired(
  160. const RadiusPacket& packet,
  161. const RadiusAttribute* proxyState,
  162. BOOL alwaysSign
  163. ) throw ()
  164. {
  165. // We'll look for the signature as we iterate through the attributes.
  166. BOOL hasSignature = FALSE;
  168. // We always need 20 bytes for the header.
  169. ULONG nbyte = 20;
  171. // Iterate through the attributes.
  172. for (const RadiusAttribute* attr = packet.begin; attr != packet.end; ++attr)
  173. {
  174. nbyte += 2; // Two bytes for type & length.
  175. nbyte += attr->length;
  176. nbyte += GetPaddingLength(*attr);
  178. if (attr->type == RADIUS_SIGNATURE)
  179. {
  180. hasSignature = TRUE;
  181. }
  182. else if (attr->type == RADIUS_EAP_MESSAGE)
  183. {
  184. alwaysSign = TRUE;
  185. }
  186. }
  188. // Reserve space for the Proxy-State attribute.
  189. if (proxyState) { nbyte += proxyState->length + 2; }
  191. // Reserve space for the signature if necessary.
  192. if (alwaysSign && !hasSignature && packet.code == RADIUS_ACCESS_REQUEST)
  193. {
  194. nbyte += 18;
  195. }
  197. return nbyte <= 4096 ? nbyte : 0;
  198. }
  200. VOID
  201. WINAPI
  202. PackBuffer(
  203. const BYTE* secret,
  204. ULONG secretLength,
  205. RadiusPacket& packet,
  206. const RadiusAttribute* proxyState,
  207. BOOL alwaysSign,
  208. BYTE* buffer
  209. ) throw ()
  210. {
  211. // Set up a cursor into the buffer.
  212. BYTE* dst = buffer;
  214. // Pack the header.
  215. *dst++ = packet.code;
  216. *dst++ = packet.identifier;
  217. InsertUInt16(dst, packet.length);
  218. dst += 2;
  220. // Pack the authenticator.
  221. if (packet.code == RADIUS_ACCESS_REQUEST)
  222. {
  223. if (packet.authenticator != 0)
  224. {
  225. memcpy(dst, packet.authenticator, 16);
  226. }
  227. else
  228. {
  229. static ULONG seed;
  230. if (seed == 0)
  231. {
  232. FILETIME ft;
  233. GetSystemTimeAsFileTime(&ft);
  234. seed = ft.dwLowDateTime | ft.dwHighDateTime;
  235. }
  237. ULONG auth[4];
  238. auth[0] = RtlRandom(&seed);
  239. auth[1] = RtlRandom(&seed);
  240. auth[2] = RtlRandom(&seed);
  241. auth[3] = RtlRandom(&seed);
  242. memcpy(dst, auth, 16);
  243. }
  244. }
  245. else
  246. {
  247. memset(dst, 0, 16);
  248. }
  249. dst += 16;
  251. // We'll look for the signature as we iterate through the attributes.
  252. BYTE* signature = NULL;
  254. for (const RadiusAttribute* attr = packet.begin; attr != packet.end; ++attr)
  255. {
  256. // Pack the type.
  257. *dst++ = attr->type;
  259. // Pack the length.
  260. ULONG paddingLength = GetPaddingLength(*attr);
  261. ULONG valueLength = attr->length + paddingLength;
  262. *dst++ = (BYTE)(2 + valueLength);
  264. if (attr->type == RADIUS_SIGNATURE)
  265. {
  266. signature = dst;
  267. }
  268. else if (attr->type == RADIUS_EAP_MESSAGE)
  269. {
  270. alwaysSign = TRUE;
  271. }
  273. // Pack the value ...
  274. memcpy(dst, attr->value, attr->length);
  275. // ... and add the padding.
  276. memset(dst + attr->length, 0, paddingLength);
  278. // Do we need to encrypt this attribute ?
  279. CryptParameters parms;
  280. GetCryptParameters(*attr, parms);
  281. if (parms.encrypted)
  282. {
  283. // Yes.
  284. IASRadiusCrypt(
  285. TRUE,
  286. parms.salted,
  287. secret,
  288. secretLength,
  289. buffer + 4,
  290. dst + parms.offset,
  291. valueLength - parms.offset
  292. );
  293. }
  295. dst += valueLength;
  296. }
  298. // Add the Proxy-State
  299. if (proxyState)
  300. {
  301. *dst++ = proxyState->type;
  302. *dst++ = proxyState->length + 2;
  303. memcpy(dst, proxyState->value, proxyState->length);
  304. dst += proxyState->length;
  305. }
  307. if (packet.code == RADIUS_ACCESS_REQUEST)
  308. {
  309. if (alwaysSign)
  310. {
  311. // If we didn't find a signature, ...
  312. if (!signature)
  313. {
  314. // ... then add one at the end of the packet.
  315. *dst++ = RADIUS_SIGNATURE;
  316. *dst++ = 18;
  317. signature = dst;
  318. }
  320. // Compute the signature.
  321. memset(signature, 0, 16);
  322. HMACMD5_CTX context;
  323. HMACMD5Init(&context, (BYTE*)secret, secretLength);
  324. HMACMD5Update(&context, buffer, packet.length);
  325. HMACMD5Final(&context, signature);
  326. }
  327. }
  328. else
  329. {
  330. // For everything but Access-Request, we compute the authenticator.
  331. MD5_CTX context;
  332. MD5Init(&context);
  333. MD5Update(&context, buffer, packet.length);
  334. MD5Update(&context, secret, secretLength);
  335. MD5Final(&context);
  337. memcpy(buffer + 4, context.digest, 16);
  338. }
  339. }
  341. RadiusAttribute*
  342. WINAPI
  343. FindAttribute(
  344. const RadiusPacket& packet,
  345. BYTE type
  346. )
  347. {
  348. for (const RadiusAttribute* i = packet.begin; i != packet.end; ++i)
  349. {
  350. if (i->type == type) { return const_cast<RadiusAttribute*>(i); }
  351. }
  353. return NULL;
  354. }
  356. ULONG
  357. WINAPI
  358. GetAttributeCount(
  359. const BYTE* buffer,
  360. ULONG bufferLength
  361. ) throw ()
  362. {
  363. if (bufferLength >= 20 && ExtractUInt16(buffer + 2) == bufferLength)
  364. {
  365. ULONG count = 0;
  366. const BYTE* end = buffer + bufferLength;
  367. for (const BYTE* p = buffer + 20; p < end; p += p[1])
  368. {
  369. ++count;
  370. }
  372. if (p == end) { return count; }
  373. }
  375. return MALFORMED_PACKET;
  376. }
  378. VOID
  379. WINAPI
  380. UnpackBuffer(
  381. BYTE* buffer,
  382. ULONG bufferLength,
  383. RadiusPacket& packet
  384. ) throw ()
  385. {
  386. // Set up a cursor into the buffer.
  387. BYTE* src = buffer;
  389. packet.code = *src++;
  390. packet.identifier = *src++;
  391. packet.length = ExtractUInt16(src);
  392. src +=2;
  393. packet.authenticator = src;
  394. src += 16;
  396. RadiusAttribute* dst = packet.begin;
  397. const BYTE* end = buffer + bufferLength;
  398. while (src < end)
  399. {
  400. dst->type = *src++;
  401. dst->length = *src++ - 2;
  402. dst->value = src;
  403. src += dst->length;
  404. ++dst;
  405. }
  406. }
  408. BYTE*
  409. WINAPI
  410. FindRawAttribute(
  411. BYTE type,
  412. BYTE* buffer,
  413. ULONG bufferLength
  414. )
  415. {
  416. BYTE* end = buffer + bufferLength;
  418. for (BYTE* p = buffer + 20; p < buffer + bufferLength; p += p[1])
  419. {
  420. if (*p == type) { return p; }
  421. }
  423. return NULL;
  424. }
  426. AuthResult
  427. WINAPI
  428. AuthenticateAndDecrypt(
  429. const BYTE* requestAuthenticator,
  430. const BYTE* secret,
  431. ULONG secretLength,
  432. BYTE* buffer,
  433. ULONG bufferLength,
  434. RadiusPacket& packet
  435. ) throw ()
  436. {
  437. AuthResult result = AUTH_UNKNOWN;
  439. if (!requestAuthenticator) { requestAuthenticator = buffer + 4; }
  441. // Check the authenticator for everything but Access-Request.
  442. if (buffer[0] != RADIUS_ACCESS_REQUEST)
  443. {
  444. MD5_CTX context;
  445. MD5Init(&context);
  446. MD5Update(&context, buffer, 4);
  447. MD5Update(&context, requestAuthenticator, 16);
  448. MD5Update(&context, buffer + 20, bufferLength - 20);
  449. MD5Update(&context, secret, secretLength);
  450. MD5Final(&context);
  452. if (memcmp(context.digest, buffer + 4, 16))
  453. {
  454. return AUTH_BAD_AUTHENTICATOR;
  455. }
  457. result = AUTH_AUTHENTIC;
  458. }
  460. // Look for a signature.
  461. BYTE* signature = FindRawAttribute(
  462. RADIUS_SIGNATURE,
  463. buffer,
  464. bufferLength
  465. );
  467. if (signature)
  468. {
  469. if (signature[1] != 18) { return AUTH_BAD_SIGNATURE; }
  471. signature += 2;
  473. BYTE sent[16];
  474. memcpy(sent, signature, 16);
  476. memset(signature, 0, 16);
  478. HMACMD5_CTX context;
  479. HMACMD5Init(&context, (BYTE*)secret, secretLength);
  480. HMACMD5Update(&context, buffer, 4);
  481. HMACMD5Update(&context, (BYTE*)requestAuthenticator, 16);
  482. HMACMD5Update(&context, buffer + 20, bufferLength - 20);
  483. HMACMD5Final(&context, signature);
  485. if (memcmp(signature, sent, 16)) { return AUTH_BAD_SIGNATURE; }
  487. result = AUTH_AUTHENTIC;
  488. }
  489. else if (FindRawAttribute(RADIUS_EAP_MESSAGE, buffer, bufferLength))
  490. {
  491. return AUTH_MISSING_SIGNATURE;
  492. }
  494. // The buffer is authentic, so decrypt the attributes.
  495. for (const RadiusAttribute* attr = packet.begin; attr != packet.end; ++attr)
  496. {
  497. // Do we need to decrypt this attribute ?
  498. CryptParameters parms;
  499. GetCryptParameters(*attr, parms);
  500. if (parms.encrypted)
  501. {
  502. // Yes.
  503. IASRadiusCrypt(
  504. FALSE,
  505. parms.salted,
  506. secret,
  507. secretLength,
  508. requestAuthenticator,
  509. attr->value + parms.offset,
  510. attr->length - parms.offset
  511. );
  512. }
  513. }
  515. return result;
  516. }