Subversion Repositories planix.SVN

/*

 * p9sk1, p9sk2 - Plan 9 secret (private) key authentication.

 * p9sk2 is an incomplete flawed variant of p9sk1.

 *

 * Client protocol:

 *	write challenge[challen]	(p9sk1 only)

 *	read tickreq[tickreqlen]

 *	write ticket[ticketlen]

 *	read authenticator[authentlen]

 *

 * Server protocol:

 * 	read challenge[challen]	(p9sk1 only)

 *	write tickreq[tickreqlen]

 *	read ticket[ticketlen]

 *	write authenticator[authentlen]

 */

#include "dat.h"

struct State

{

	int vers;

	Key *key;

	Ticket t;

	Ticketreq tr;

	char cchal[CHALLEN];

	char tbuf[TICKETLEN+AUTHENTLEN];

	char authkey[DESKEYLEN];

	uchar *secret;

	int speakfor;

};

enum

{

	/* client phases */

	CHaveChal,

	CNeedTreq,

	CHaveTicket,

	CNeedAuth,

	/* server phases */

	SNeedChal,

	SHaveTreq,

	SNeedTicket,

	SHaveAuth,

	Maxphase,

};

static char *phasenames[Maxphase] =

{

[CHaveChal]		"CHaveChal",

[CNeedTreq]		"CNeedTreq",

[CHaveTicket]		"CHaveTicket",

[CNeedAuth]		"CNeedAuth",

[SNeedChal]		"SNeedChal",

[SHaveTreq]		"SHaveTreq",

[SNeedTicket]		"SNeedTicket",

[SHaveAuth]		"SHaveAuth",

};

static int gettickets(State*, char*, char*);

static int

p9skinit(Proto *p, Fsstate *fss)

{

	State *s;

	int iscli, ret;

	Key *k;

	Keyinfo ki;

	Attr *attr;

	if((iscli = isclient(_strfindattr(fss->attr, "role"))) < 0)

		return failure(fss, nil);

	s = emalloc(sizeof *s);

	fss = fss;

	fss->phasename = phasenames;

	fss->maxphase = Maxphase;

	if(p == &p9sk1)

		s->vers = 1;

	else if(p == &p9sk2)

		s->vers = 2;

	else

		abort();

	if(iscli){

		switch(s->vers){

		case 1:

			fss->phase = CHaveChal;

			memrandom(s->cchal, CHALLEN);

			break;

		case 2:

			fss->phase = CNeedTreq;

			break;

		}

	}else{

		s->tr.type = AuthTreq;

		attr = setattr(_copyattr(fss->attr), "proto=p9sk1");

		mkkeyinfo(&ki, fss, attr);

		ki.user = nil;

		ret = findkey(&k, &ki, "user? dom?");

		_freeattr(attr);

		if(ret != RpcOk){

			free(s);

			return ret;

		}

		safecpy(s->tr.authid, _strfindattr(k->attr, "user"), sizeof(s->tr.authid));

		safecpy(s->tr.authdom, _strfindattr(k->attr, "dom"), sizeof(s->tr.authdom));

		s->key = k;

		memrandom(s->tr.chal, sizeof s->tr.chal);

		switch(s->vers){

		case 1:

			fss->phase = SNeedChal;

			break;

		case 2:

			fss->phase = SHaveTreq;

			memmove(s->cchal, s->tr.chal, CHALLEN);

			break;

		}

	}

	fss->ps = s;

	return RpcOk;

}

static int

p9skread(Fsstate *fss, void *a, uint *n)

{

	int m;

	State *s;

	s = fss->ps;

	switch(fss->phase){

	default:

		return phaseerror(fss, "read");

	case CHaveChal:

		m = CHALLEN;

		if(*n < m)

			return toosmall(fss, m);

		*n = m;

		memmove(a, s->cchal, m);

		fss->phase = CNeedTreq;

		return RpcOk;

	case SHaveTreq:

		m = TICKREQLEN;

		if(*n < m)

			return toosmall(fss, m);

		*n = m;

		convTR2M(&s->tr, a);

		fss->phase = SNeedTicket;

		return RpcOk;

	case CHaveTicket:

		m = TICKETLEN+AUTHENTLEN;

		if(*n < m)

			return toosmall(fss, m);

		*n = m;

		memmove(a, s->tbuf, m);

		fss->phase = CNeedAuth;

		return RpcOk;

	case SHaveAuth:

		m = AUTHENTLEN;

		if(*n < m)

			return toosmall(fss, m);

		*n = m;

		memmove(a, s->tbuf+TICKETLEN, m);

		fss->ai.cuid = s->t.cuid;

		fss->ai.suid = s->t.suid;

		s->secret = emalloc(8);

		des56to64((uchar*)s->t.key, s->secret);

		fss->ai.secret = s->secret;

		fss->ai.nsecret = 8;

		fss->haveai = 1;

		fss->phase = Established;

		return RpcOk;

	}

}

static int

p9skwrite(Fsstate *fss, void *a, uint n)

{

	int m, ret, sret;

	char tbuf[2*TICKETLEN], trbuf[TICKREQLEN], *user;

	Attr *attr;

	Authenticator auth;

	State *s;

	Key *srvkey;

	Keyinfo ki;

	s = fss->ps;

	switch(fss->phase){

	default:

		return phaseerror(fss, "write");

	case SNeedChal:

		m = CHALLEN;

		if(n < m)

			return toosmall(fss, m);

		memmove(s->cchal, a, m);

		fss->phase = SHaveTreq;

		return RpcOk;

	case CNeedTreq:

		m = TICKREQLEN;

		if(n < m)

			return toosmall(fss, m);

		/* remember server's chal */

		convM2TR(a, &s->tr);

		if(s->vers == 2)

			memmove(s->cchal, s->tr.chal, CHALLEN);

		if(s->key != nil)

			closekey(s->key);

		attr = _delattr(_delattr(_copyattr(fss->attr), "role"), "user");

		attr = setattr(attr, "proto=p9sk1");

		user = _strfindattr(fss->attr, "user");

		/*

		 * If our client is the user who started factotum (client==owner), then

		 * he can use whatever keys we have to speak as whoever he pleases.

		 * If, on the other hand, we're speaking on behalf of someone else,

		 * we will only vouch for their name on the local system.

		 *

		 * We do the sysuser findkey second so that if we return RpcNeedkey,

		 * the correct key information gets asked for.

		 */

		srvkey = nil;

		s->speakfor = 0;

		sret = RpcFailure;

		if(user==nil || strcmp(user, fss->sysuser) == 0){

			mkkeyinfo(&ki, fss, attr);

			ki.user = nil;

			sret = findkey(&srvkey, &ki,

				"role=speakfor dom=%q user?", s->tr.authdom);

		}

		if(user != nil)

			attr = setattr(attr, "user=%q", user);

		mkkeyinfo(&ki, fss, attr);

		ret = findkey(&s->key, &ki,

			"role=client dom=%q %s", s->tr.authdom, p9sk1.keyprompt);

		if(ret == RpcOk)

			closekey(srvkey);

		else if(sret == RpcOk){

			s->key = srvkey;

			s->speakfor = 1;

		}else if(ret == RpcConfirm || sret == RpcConfirm){

			_freeattr(attr);

			return RpcConfirm;

		}else{

			_freeattr(attr);

			return ret;

		}

		/* fill in the rest of the request */

		s->tr.type = AuthTreq;

		safecpy(s->tr.hostid, _strfindattr(s->key->attr, "user"), sizeof s->tr.hostid);

		if(s->speakfor)

			safecpy(s->tr.uid, fss->sysuser, sizeof s->tr.uid);

		else

			safecpy(s->tr.uid, s->tr.hostid, sizeof s->tr.uid);

		convTR2M(&s->tr, trbuf);

		/* get tickets, from auth server or invent if we can */

		if(gettickets(s, trbuf, tbuf) < 0){

			_freeattr(attr);

			return failure(fss, nil);

		}

		convM2T(tbuf, &s->t, (char*)s->key->priv);

		if(s->t.num != AuthTc){

			if(s->key->successes == 0 && !s->speakfor)

				disablekey(s->key);

			if(askforkeys && !s->speakfor){

				snprint(fss->keyinfo, sizeof fss->keyinfo,

					"%A %s", attr, p9sk1.keyprompt);

				_freeattr(attr);

				return RpcNeedkey;

			}else{

				_freeattr(attr);

				return failure(fss, Ebadkey);

			}

		}

		s->key->successes++;

		_freeattr(attr);

		memmove(s->tbuf, tbuf+TICKETLEN, TICKETLEN);

		auth.num = AuthAc;

		memmove(auth.chal, s->tr.chal, CHALLEN);

		auth.id = 0;

		convA2M(&auth, s->tbuf+TICKETLEN, s->t.key);

		fss->phase = CHaveTicket;

		return RpcOk;

	case SNeedTicket:

		m = TICKETLEN+AUTHENTLEN;

		if(n < m)

			return toosmall(fss, m);

		convM2T(a, &s->t, (char*)s->key->priv);

		if(s->t.num != AuthTs

		|| memcmp(s->t.chal, s->tr.chal, CHALLEN) != 0)

			return failure(fss, Easproto);

		convM2A((char*)a+TICKETLEN, &auth, s->t.key);

		if(auth.num != AuthAc

		|| memcmp(auth.chal, s->tr.chal, CHALLEN) != 0

		|| auth.id != 0)

			return failure(fss, Easproto);

		auth.num = AuthAs;

		memmove(auth.chal, s->cchal, CHALLEN);

		auth.id = 0;

		convA2M(&auth, s->tbuf+TICKETLEN, s->t.key);

		fss->phase = SHaveAuth;

		return RpcOk;

	case CNeedAuth:

		m = AUTHENTLEN;

		if(n < m)

			return toosmall(fss, m);

		convM2A(a, &auth, s->t.key);

		if(auth.num != AuthAs

		|| memcmp(auth.chal, s->cchal, CHALLEN) != 0

		|| auth.id != 0)

			return failure(fss, Easproto);

		fss->ai.cuid = s->t.cuid;

		fss->ai.suid = s->t.suid;

		s->secret = emalloc(8);

		des56to64((uchar*)s->t.key, s->secret);

		fss->ai.secret = s->secret;

		fss->ai.nsecret = 8;

		fss->haveai = 1;

		fss->phase = Established;

		return RpcOk;

	}

}

static void

p9skclose(Fsstate *fss)

{

	State *s;

	s = fss->ps;

	if(s->secret != nil){

		free(s->secret);

		s->secret = nil;

	}

	if(s->key != nil){

		closekey(s->key);

		s->key = nil;

	}

	free(s);

}

static int

unhex(char c)

{

	if('0' <= c && c <= '9')

		return c-'0';

	if('a' <= c && c <= 'f')

		return c-'a'+10;

	if('A' <= c && c <= 'F')

		return c-'A'+10;

	abort();

	return -1;

}

static int

hexparse(char *hex, uchar *dat, int ndat)

{

	int i;

	if(strlen(hex) != 2*ndat)

		return -1;

	if(hex[strspn(hex, "0123456789abcdefABCDEF")] != '\0')

		return -1;

	for(i=0; i<ndat; i++)

		dat[i] = (unhex(hex[2*i])<<4)|unhex(hex[2*i+1]);

	return 0;

}

static int

p9skaddkey(Key *k, int before)

{

	char *s;

	k->priv = emalloc(DESKEYLEN);

	if(s = _strfindattr(k->privattr, "!hex")){

		if(hexparse(s, k->priv, 7) < 0){

			free(k->priv);

			k->priv = nil;

			werrstr("malformed key data");

			return -1;

		}

	}else if(s = _strfindattr(k->privattr, "!password")){

		passtokey((char*)k->priv, s);

	}else{

		werrstr("no key data");

		free(k->priv);

		k->priv = nil;

		return -1;

	}

	return replacekey(k, before);

}

static void

p9skclosekey(Key *k)

{

	free(k->priv);

}

static int

getastickets(State *s, char *trbuf, char *tbuf)

{

	int asfd, rv;

	char *dom;

	if((dom = _strfindattr(s->key->attr, "dom")) == nil){

		werrstr("auth key has no domain");

		return -1;

	}

	asfd = _authdial(nil, dom);

	if(asfd < 0)

		return -1;

	rv = _asgetticket(asfd, trbuf, tbuf);

	close(asfd);

	return rv;

}

static int

mkserverticket(State *s, char *tbuf)

{

	Ticketreq *tr = &s->tr;

	Ticket t;

	if(strcmp(tr->authid, tr->hostid) != 0)

		return -1;

/* this keeps creating accounts on martha from working.  -- presotto

	if(strcmp(tr->uid, "none") == 0)

		return -1;

*/

	memset(&t, 0, sizeof(t));

	memmove(t.chal, tr->chal, CHALLEN);

	strcpy(t.cuid, tr->uid);

	strcpy(t.suid, tr->uid);

	memrandom(t.key, DESKEYLEN);

	t.num = AuthTc;

	convT2M(&t, tbuf, s->key->priv);

	t.num = AuthTs;

	convT2M(&t, tbuf+TICKETLEN, s->key->priv);

	return 0;

}

static int

gettickets(State *s, char *trbuf, char *tbuf)

{

/*

	if(mktickets(s, trbuf, tbuf) >= 0)

		return 0;

*/

	if(getastickets(s, trbuf, tbuf) >= 0)

		return 0;

	return mkserverticket(s, tbuf);

}

Proto p9sk1 = {

.name=	"p9sk1",

.init=		p9skinit,

.write=	p9skwrite,

.read=	p9skread,

.close=	p9skclose,

.addkey=	p9skaddkey,

.closekey=	p9skclosekey,

.keyprompt=	"user? !password?"

};

Proto p9sk2 = {

.name=	"p9sk2",

.init=		p9skinit,

.write=	p9skwrite,

.read=	p9skread,

.close=	p9skclose,

};