Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	lib/libradius/radius_mppe.c	Lines:	73	80	91.3 %
Date:	2017-11-07	Branches:	25	32	78.1 %


/*	$OpenBSD: radius_mppe.c,v 1.1 2015/07/20 23:52:29 yasuoka Exp $ */

/*-
 * Copyright (c) 2013 Internet Initiative Japan Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE"AUTHOR" AND CONTRIBUTORS AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>

#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <openssl/md5.h>

#include "radius.h"

#include "radius_local.h"

int
radius_encrypt_mppe_key_attr(void *cipher, size_t * clen, const void *plain,
    size_t plen, const void *ra, const char *secret)
{
	size_t		 slen = strlen(secret);
	uint8_t		 b[16], plain0[256], *p, *c;
	size_t		 off;
	MD5_CTX		 ctx;
	unsigned int	 i;
	uint16_t	 salt;

	if (plen > 239)
		return (-1);
	if (*clen < ROUNDUP(plen + 1, 16) + 2)
		return (-1);

	salt = arc4random();
	plain0[0] = plen;
	memcpy(plain0 + 1, plain, plen);
	memset(plain0 + 1 + plen, 0, ROUNDUP(plen + 1, 16) - (plen + 1));

	*clen = ROUNDUP(plen + 1, 16) + 2;
	memcpy(cipher, &salt, 2);
	for (off = 0; off < *clen - 2; off += 16) {
		c = ((uint8_t *)cipher) + 2 + off;
		p = ((uint8_t *)plain0) + off;
		MD5_Init(&ctx);
		MD5_Update(&ctx, secret, slen);
		if (off == 0) {
			MD5_Update(&ctx, ra, 16);
			MD5_Update(&ctx, cipher, 2);
		} else
			MD5_Update(&ctx, c - 16, 16);
		MD5_Final(b, &ctx);
		for (i = 0; i < 16; i++)
			c[i] = p[i] ^ b[i];
	}

	return (0);
}

int
radius_decrypt_mppe_key_attr(void *plain, size_t * plen, const void *cipher,
    size_t clen, const void *ra, const char *secret)
{
	size_t		 slen = strlen(secret);
	uint8_t		 b[16], plain0[256], *p, *c;
	size_t		 off;
	MD5_CTX		 ctx;
	unsigned int	 i;

	if (clen < 18 || clen > 255)
		return (-1);
	if ((clen - 2) % 16 != 0)
		return (-1);
	if (*plen < clen - 3)
		return (-1);

	for (off = 0; off < clen - 2; off += 16) {
		c = ((uint8_t *)cipher) + 2 + off;
		p = ((uint8_t *)plain0) + off;
		MD5_Init(&ctx);
		MD5_Update(&ctx, secret, slen);
		if (off == 0) {
			MD5_Update(&ctx, ra, 16);
			MD5_Update(&ctx, cipher, 2);
		} else
			MD5_Update(&ctx, c - 16, 16);
		MD5_Final(b, &ctx);
		for (i = 0; i < 16; i++)
			p[i] = c[i] ^ b[i];
	}

	if (plain0[0] > clen - 3)
		return (-1);
	*plen = plain0[0];
	memcpy(plain, plain0 + 1, *plen);

	return (0);
}

static int
radius_get_mppe_key_attr(const RADIUS_PACKET * packet, uint8_t vtype,
    void *buf, size_t * len, const char *secret)
{
	uint8_t	 cipher[256];
	size_t	 clen = sizeof(cipher);

	if (radius_get_vs_raw_attr(packet, RADIUS_VENDOR_MICROSOFT, vtype,
	    cipher, &clen) != 0)
		return (-1);
	if (radius_decrypt_mppe_key_attr(buf, len, cipher, clen,
		radius_get_request_authenticator_retval(packet), secret) != 0)
		return (-1);
	return (0);
}

static int
radius_put_mppe_key_attr(RADIUS_PACKET * packet, uint8_t vtype,
    const void *buf, size_t len, const char *secret)
{
	uint8_t		 cipher[256];
	size_t		 clen = sizeof(cipher);

	if (radius_encrypt_mppe_key_attr(cipher, &clen, buf, len,
		radius_get_request_authenticator_retval(packet), secret) != 0)
		return (-1);
	if (radius_put_vs_raw_attr(packet, RADIUS_VENDOR_MICROSOFT, vtype,
	    cipher, clen) != 0)
		return (-1);

	return (0);
}

int
radius_get_mppe_send_key_attr(const RADIUS_PACKET * packet, void *buf,
    size_t * len, const char *secret)
{
	return (radius_get_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_SEND_KEY,
	    buf, len, secret));
}

int
radius_put_mppe_send_key_attr(RADIUS_PACKET * packet, const void *buf,
    size_t len, const char *secret)
{
	return (radius_put_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_SEND_KEY,
	    buf, len, secret));
}

int
radius_get_mppe_recv_key_attr(const RADIUS_PACKET * packet, void *buf,
    size_t * len, const char *secret)
{
	return (radius_get_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_RECV_KEY,
	    buf, len, secret));
}

int
radius_put_mppe_recv_key_attr(RADIUS_PACKET * packet, const void *buf,
    size_t len, const char *secret)
{
	return (radius_put_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_RECV_KEY,
	    buf, len, secret));
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: radius_mppe.c,v 1.1 2015/07/20 23:52:29 yasuoka Exp $ */
2
3			/*-
4			* Copyright (c) 2013 Internet Initiative Japan Inc.
5			* All rights reserved.
6			*
7			* Redistribution and use in source and binary forms, with or without
8			* modification, are permitted provided that the following conditions
9			* are met:
10			* 1. Redistributions of source code must retain the above copyright
11			* notice, this list of conditions and the following disclaimer.
12			* 2. Redistributions in binary form must reproduce the above copyright
13			* notice, this list of conditions and the following disclaimer in the
14			* documentation and/or other materials provided with the distribution.
15			*
16			* THIS SOFTWARE IS PROVIDED BY THE"AUTHOR" AND CONTRIBUTORS AS IS'' AND
17			* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19			* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20			* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21			* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22			* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24			* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25			* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26			* SUCH DAMAGE.
27			*/
28
29			#include <sys/types.h>
30			#include <sys/socket.h>
31			#include <netinet/in.h>
32
33			#include <stdbool.h>
34			#include <stdio.h>
35			#include <stdlib.h>
36			#include <string.h>
37
38			#include <openssl/md5.h>
39
40			#include "radius.h"
41
42			#include "radius_local.h"
43
44			int
45			radius_encrypt_mppe_key_attr(void cipher, size_t clen, const void *plain,
46			size_t plen, const void ra, const char secret)
47			{
48		32	size_t slen = strlen(secret);
49		16	uint8_t b[16], plain0[256], p, c;
50			size_t off;
51		16	MD5_CTX ctx;
52			unsigned int i;
53			uint16_t salt;
54
55	✗✓	16	if (plen > 239)
56			return (-1);
57	✓✓	16	if (*clen < ROUNDUP(plen + 1, 16) + 2)
58		4	return (-1);
59
60		12	salt = arc4random();
61		12	plain0[0] = plen;
62		12	memcpy(plain0 + 1, plain, plen);
63		12	memset(plain0 + 1 + plen, 0, ROUNDUP(plen + 1, 16) - (plen + 1));
64
65		12	*clen = ROUNDUP(plen + 1, 16) + 2;
66		12	memcpy(cipher, &salt, 2);
67	✓✓	72	for (off = 0; off < *clen - 2; off += 16) {
68		24	c = ((uint8_t *)cipher) + 2 + off;
69		24	p = ((uint8_t *)plain0) + off;
70		24	MD5_Init(&ctx);
71		24	MD5_Update(&ctx, secret, slen);
72	✓✓	24	if (off == 0) {
73		12	MD5_Update(&ctx, ra, 16);
74		12	MD5_Update(&ctx, cipher, 2);
75		12	} else
76		12	MD5_Update(&ctx, c - 16, 16);
77		24	MD5_Final(b, &ctx);
78	✓✓	816	for (i = 0; i < 16; i++)
79		384	c[i] = p[i] ^ b[i];
80			}
81
82		12	return (0);
83		16	}
84
85			int
86			radius_decrypt_mppe_key_attr(void plain, size_t plen, const void *cipher,
87			size_t clen, const void ra, const char secret)
88			{
89		64	size_t slen = strlen(secret);
90		32	uint8_t b[16], plain0[256], p, c;
91			size_t off;
92		32	MD5_CTX ctx;
93			unsigned int i;
94
95	✗✓	32	if (clen < 18 \|\| clen > 255)
96			return (-1);
97	✓✓	32	if ((clen - 2) % 16 != 0)
98		4	return (-1);
99	✓✓	28	if (*plen < clen - 3)
100		4	return (-1);
101
102	✓✓	144	for (off = 0; off < clen - 2; off += 16) {
103		48	c = ((uint8_t *)cipher) + 2 + off;
104		48	p = ((uint8_t *)plain0) + off;
105		48	MD5_Init(&ctx);
106		48	MD5_Update(&ctx, secret, slen);
107	✓✓	48	if (off == 0) {
108		24	MD5_Update(&ctx, ra, 16);
109		24	MD5_Update(&ctx, cipher, 2);
110		24	} else
111		24	MD5_Update(&ctx, c - 16, 16);
112		48	MD5_Final(b, &ctx);
113	✓✓	1632	for (i = 0; i < 16; i++)
114		768	p[i] = c[i] ^ b[i];
115			}
116
117	✗✓	24	if (plain0[0] > clen - 3)
118			return (-1);
119		24	*plen = plain0[0];
120		24	memcpy(plain, plain0 + 1, *plen);
121
122		24	return (0);
123		32	}
124
125			static int
126			radius_get_mppe_key_attr(const RADIUS_PACKET * packet, uint8_t vtype,
127			void buf, size_t len, const char *secret)
128			{
129		16	uint8_t cipher[256];
130		8	size_t clen = sizeof(cipher);
131
132	✗✓	16	if (radius_get_vs_raw_attr(packet, RADIUS_VENDOR_MICROSOFT, vtype,
133		16	cipher, &clen) != 0)
134			return (-1);
135	✗✓	24	if (radius_decrypt_mppe_key_attr(buf, len, cipher, clen,
136		16	radius_get_request_authenticator_retval(packet), secret) != 0)
137			return (-1);
138		8	return (0);
139		8	}
140
141			static int
142			radius_put_mppe_key_attr(RADIUS_PACKET * packet, uint8_t vtype,
143			const void buf, size_t len, const char secret)
144			{
145		16	uint8_t cipher[256];
146		8	size_t clen = sizeof(cipher);
147
148	✗✓	24	if (radius_encrypt_mppe_key_attr(cipher, &clen, buf, len,
149		16	radius_get_request_authenticator_retval(packet), secret) != 0)
150			return (-1);
151	✗✓	16	if (radius_put_vs_raw_attr(packet, RADIUS_VENDOR_MICROSOFT, vtype,
152		16	cipher, clen) != 0)
153			return (-1);
154
155		8	return (0);
156		8	}
157
158			int
159			radius_get_mppe_send_key_attr(const RADIUS_PACKET * packet, void *buf,
160			size_t * len, const char *secret)
161			{
162		8	return (radius_get_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_SEND_KEY,
163			buf, len, secret));
164			}
165
166			int
167			radius_put_mppe_send_key_attr(RADIUS_PACKET * packet, const void *buf,
168			size_t len, const char *secret)
169			{
170		8	return (radius_put_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_SEND_KEY,
171			buf, len, secret));
172			}
173
174			int
175			radius_get_mppe_recv_key_attr(const RADIUS_PACKET * packet, void *buf,
176			size_t * len, const char *secret)
177			{
178		8	return (radius_get_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_RECV_KEY,
179			buf, len, secret));
180			}
181
182			int
183			radius_put_mppe_recv_key_attr(RADIUS_PACKET * packet, const void *buf,
184			size_t len, const char *secret)
185			{
186		8	return (radius_put_mppe_key_attr(packet, RADIUS_VTYPE_MPPE_RECV_KEY,
187			buf, len, secret));
188			}