Kea 3.1.8
client_message.cc
Go to the documentation of this file.
1// Copyright (C) 2023-2026 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7#include <config.h>
8
9#include <client_attribute.h>
10#include <client_message.h>
11#include <radius_log.h>
12#include <cryptolink/crypto_hash.h>
13#include <cryptolink/crypto_hmac.h>
14#include <cryptolink/crypto_rng.h>
15#include <boost/scoped_ptr.hpp>
16#include <cstring>
17#include <sstream>
18
19using namespace isc;
20using namespace isc::asiolink;
21using namespace isc::cryptolink;
22using namespace isc::data;
23using namespace isc::util;
24using namespace std;
25
26namespace isc {
27namespace radius {
28
29string
30msgCodeToText(const uint8_t code) {
31 ostringstream result;
32 switch (code) {
33 case PW_ACCESS_REQUEST:
34 return ("Access-Request");
35 case PW_ACCESS_ACCEPT:
36 return ("Access-Accept");
37 case PW_ACCESS_REJECT:
38 return ("Access-Reject");
39 case PW_ACCOUNTING_REQUEST:
40 return ("Accounting-Request");
41 case PW_ACCOUNTING_RESPONSE:
42 return ("Accounting-Response");
43 case PW_ACCOUNTING_STATUS:
44 return ("Accounting-Status");
45 case PW_PASSWORD_REQUEST:
46 return ("Password-Request");
47 case PW_PASSWORD_ACK:
48 return ("Password-Ack");
49 case PW_PASSWORD_REJECT:
50 return ("Password-Reject");
51 case PW_ACCOUNTING_MESSAGE:
52 return ("Accounting-Message");
53 case PW_ACCESS_CHALLENGE:
54 return ("Access-Challenge");
55 case PW_STATUS_SERVER:
56 return ("Status-Server");
57 case PW_STATUS_CLIENT:
58 return ("Status-Client");
59 default:
60 result << "Message-Code-" << static_cast<unsigned>(code);
61 return (result.str());
62 }
63}
64
65Message::Message(const uint8_t code, uint16_t length,
66 const vector<uint8_t>& auth, const string& secret,
67 const AttributesPtr& attributes)
68 : code_(code), identifier_(0), length_(length), auth_(auth),
69 secret_(secret), attributes_(attributes), buffer_() {
70}
71
72Message::Message(const Message& other)
73 : code_(other.code_),
74 identifier_(other.identifier_),
75 length_(other.length_),
76 auth_(other.auth_),
77 secret_(other.secret_),
78 attributes_(AttributesPtr(new Attributes())),
79 buffer_(other.buffer_) {
80 if (!other.attributes_) {
81 attributes_.reset();
82 } else {
83 for (auto const& attr : *other.attributes_) {
84 attributes_->add(attr);
85 }
86 }
87}
88
89Message::Message(const vector<uint8_t>& buffer,
90 const vector<uint8_t>& auth,
91 const string& secret)
92 : code_(0), identifier_(0), length_(0), auth_(auth), secret_(secret),
93 attributes_(), buffer_(buffer) {
94}
95
96Message::~Message() {
97 if (secret_.size() > 0) {
98 memset(&secret_[0], 0, secret_.size());
99 }
100 secret_.clear();
101}
102
103void
104Message::randomIdentifier() {
105 vector<uint8_t> r = cryptolink::random(1);
106 if (r.size() == 0) {
107 isc_throw(Unexpected, "random failed");
108 }
109 identifier_ = r[0];
110}
111
112void
113Message::setAuth(const vector<uint8_t>& auth) {
114 if (auth.size() != AUTH_VECTOR_LEN) {
115 isc_throw(BadValue, "authenticator must be 16 bytes long");
116 }
117 auth_ = auth;
118}
119
120void
121Message::zeroAuth() {
122 auth_.clear();
123 auth_.resize(AUTH_VECTOR_LEN, 0);
124}
125
126void
127Message::randomAuth() {
128 auth_ = cryptolink::random(AUTH_VECTOR_LEN);
129 if (auth_.size() != AUTH_VECTOR_LEN) {
130 isc_throw(Unexpected, "random failed");
131 }
132}
133
134void
135Message::setSecret(const string& secret) {
136 if (secret.empty()) {
137 isc_throw(BadValue, "empty secret");
138 }
139 secret_ = secret;
140}
141
142vector<uint8_t>
143Message::encode() {
144 if (secret_.empty()) {
145 isc_throw(InvalidOperation, "empty secret");
146 }
147
148 // Header.
149 buffer_.resize(AUTH_HDR_LEN);
150 buffer_[0] = code_;
151 buffer_[1] = identifier_;
152 buffer_[2] = static_cast<uint8_t>((length_ & 0xff00) >> 8);
153 buffer_[3] = static_cast<uint8_t>(length_ & 0xff);
154 memmove(&buffer_[4], &auth_[0], auth_.size());
155
156 // Fill attributes.
157 size_t msg_auth_ptr = 0;
158 if (attributes_) {
159 for (auto attr : *attributes_) {
160 if (!attr) {
161 continue;
162 }
163 if ((code_ == PW_ACCESS_REQUEST) &&
164 (attr->getType() == PW_USER_PASSWORD)) {
165 attr = encodeUserPassword(attr);
166 }
167 if (attr->getType() == PW_MESSAGE_AUTHENTICATOR) {
168 if (msg_auth_ptr != 0) {
169 isc_throw(BadValue, "2 Message-Authenticator attributes");
170 }
171 if ((attr->getValueType() != PW_TYPE_STRING) ||
172 (attr->getValueLen() != AUTH_VECTOR_LEN)) {
173 isc_throw(BadValue, "bad Message-Authenticator attribute");
174 }
175 msg_auth_ptr = buffer_.size();
176 }
177 vector<uint8_t> binary = attr->toBytes();
178 if (binary.empty()) {
179 continue;
180 }
181 if (buffer_.size() + binary.size() > PW_MAX_MSG_SIZE) {
182 isc_throw(BadValue, "message becomes too large");
183 }
184 buffer_.insert(buffer_.end(), binary.cbegin(), binary.cend());
185 }
186 }
187
188 // Finish.
189 length_ = static_cast<uint16_t>(buffer_.size());
190 buffer_[2] = static_cast<uint8_t>((length_ & 0xff00) >> 8);
191 buffer_[3] = static_cast<uint8_t>(length_ & 0xff);
192
193 // Computed before the Authenticator.
194 if (msg_auth_ptr != 0) {
195 signMessageAuthenticator(msg_auth_ptr);
196 }
197
198 // Compute the Authenticator when it is not a random value.
199 if ((code_ != PW_ACCESS_REQUEST) && (code_ != PW_STATUS_SERVER)) {
200 boost::scoped_ptr<Hash> md(CryptoLink::getCryptoLink().createHash(MD5));
201 md->update(&buffer_[0], buffer_.size());
202 md->update(&secret_[0], secret_.size());
203 md->final(&auth_[0], AUTH_VECTOR_LEN);
204 memmove(&buffer_[4], &auth_[0], auth_.size());
205 }
206 LOG_DEBUG(radius_logger, RADIUS_DBG_TRACE, RADIUS_ENCODE_MESSAGE)
207 .arg(msgCodeToText(code_))
208 .arg(static_cast<unsigned>(code_))
209 .arg(static_cast<unsigned>(identifier_))
210 .arg(length_)
211 .arg(attributes_ ? attributes_->size() : 0);
212 return (buffer_);
213}
214
215void
216Message::decode() {
217 if (secret_.empty()) {
218 isc_throw(InvalidOperation, "empty secret");
219 }
220
221 // Length.
222 if (buffer_.size() < AUTH_HDR_LEN) {
223 isc_throw(BadValue, "message is too short " << buffer_.size()
224 << " < " << AUTH_HDR_LEN);
225 }
226 code_ = buffer_[0];
227 identifier_ = buffer_[1];
228 length_ = static_cast<uint16_t>(buffer_[2]) << 8;
229 length_ |= static_cast<uint16_t>(buffer_[3]);
230 if ((code_ == PW_ACCESS_REQUEST) || (code_ == PW_STATUS_SERVER)) {
231 auth_.resize(AUTH_VECTOR_LEN);
232 memmove(&auth_[0], &buffer_[4], AUTH_VECTOR_LEN);
233 } else if (auth_.size() != AUTH_VECTOR_LEN) {
234 isc_throw(InvalidOperation, "bad authenticator");
235 }
236 if (length_ > buffer_.size()) {
237 isc_throw(BadValue, "truncated " << msgCodeToText(code_)
238 << " length " << length_ << ", got " << buffer_.size());
239 }
240 if (length_ < AUTH_HDR_LEN) {
241 isc_throw(BadValue, "too short " << msgCodeToText(code_)
242 << " length " << length_ << " < " << AUTH_HDR_LEN);
243 }
244 if (length_ > PW_MAX_MSG_SIZE) {
245 isc_throw(BadValue, "too large " << msgCodeToText(code_)
246 << " length " << length_ << " > " << PW_MAX_MSG_SIZE);
247 }
248 if (length_ < buffer_.size()) {
249 buffer_.resize(length_);
250 }
251
252 // Verify authentication.
253 if ((code_ != PW_ACCESS_REQUEST) && (code_ != PW_STATUS_SERVER)) {
254 vector<uint8_t> work = buffer_;
255 memmove(&work[4], &auth_[0], auth_.size());
256 boost::scoped_ptr<Hash> md(CryptoLink::getCryptoLink().createHash(MD5));
257 md->update(&work[0], work.size());
258 md->update(&secret_[0], secret_.size());
259 vector<uint8_t> digest;
260 digest.resize(AUTH_VECTOR_LEN);
261 md->final(&digest[0], AUTH_VECTOR_LEN);
262 if (memcmp(&digest[0], &buffer_[4], AUTH_VECTOR_LEN) != 0) {
263 isc_throw(BadValue, "authentication for " << msgCodeToText(code_)
264 << " failed");
265 }
266 }
267 if (code_ == PW_ACCOUNTING_REQUEST) {
268 auth_.resize(AUTH_VECTOR_LEN);
269 memmove(&auth_[0], &buffer_[4], auth_.size());
270 }
271
272 // Get attributes.
273 attributes_.reset(new Attributes());
274 size_t ptr = AUTH_HDR_LEN;
275 size_t msg_auth_ptr = 0;
276 for (;;) {
277 if (ptr == length_) {
278 break;
279 }
280 if (ptr + 2 > length_) {
281 isc_throw(BadValue, "trailing octet");
282 }
283 const uint8_t type = buffer_[ptr];
284 const uint8_t len = buffer_[ptr + 1];
285 if (ptr + len > length_) {
286 isc_throw(BadValue, "trailing truncated "
287 << AttrDefs::instance().getName(type) << " ("
288 << static_cast<unsigned>(type) << "): length "
289 << static_cast<unsigned>(len) << ", space "
290 << (length_ - ptr));
291 }
292 if (len < 3) {
293 isc_throw(BadValue, "too small attribute length "
294 << static_cast<unsigned>(len) << " < 3");
295 }
296 vector<uint8_t> binary;
297 binary.resize(len);
298 memmove(&binary[0], &buffer_[ptr], binary.size());
299 ConstAttributePtr attr = Attribute::fromBytes(binary);
300 if ((code_ == PW_ACCESS_REQUEST) && attr &&
301 (attr->getType() == PW_USER_PASSWORD)) {
302 attr = decodeUserPassword(attr);
303 }
304 if (attr->getType() == PW_MESSAGE_AUTHENTICATOR) {
305 if (msg_auth_ptr != 0) {
306 isc_throw(BadValue, "2 Message-Authenticator attributes");
307 }
308 msg_auth_ptr = ptr;
309 }
310 attributes_->add(attr);
311 ptr += len;
312 }
313 if (msg_auth_ptr != 0) {
314 verifyMessageAuthenticator(msg_auth_ptr);
315 }
316 if (attributes_->empty()) {
317 attributes_.reset();
318 }
319
320 LOG_DEBUG(radius_logger, RADIUS_DBG_TRACE, RADIUS_DECODE_MESSAGE)
321 .arg(msgCodeToText(code_))
322 .arg(static_cast<unsigned>(code_))
323 .arg(static_cast<unsigned>(identifier_))
324 .arg(length_)
325 .arg(attributes_ ? attributes_->size() : 0);
326}
327
328ConstAttributePtr
329Message::encodeUserPassword(const ConstAttributePtr& attr) {
330 if (!attr || (attr->getValueType() != PW_TYPE_STRING) ||
331 (attr->getValueLen() == 0) ||
332 (auth_.size() != AUTH_VECTOR_LEN)) {
333 isc_throw(Unexpected, "can't encode User-Password");
334 }
335
336 // Get padded password.
337 vector<uint8_t> password = attr->toBinary();
338 size_t len = password.size();
339 len = (len + AUTH_VECTOR_LEN - 1) & ~(AUTH_VECTOR_LEN - 1);
340 if (len > AUTH_PASS_LEN) {
341 len = AUTH_PASS_LEN;
342 }
343 password.resize(len);
344
345 // Hide password.
346 for (size_t i = 0; i < len; i += AUTH_VECTOR_LEN) {
347 boost::scoped_ptr<Hash> md(CryptoLink::getCryptoLink().createHash(MD5));
348 md->update(&secret_[0], secret_.size());
349
350 uint8_t* to_hash;
351 if (i == 0) {
352 to_hash = &auth_[0];
353 } else {
354 to_hash = &password[i - AUTH_VECTOR_LEN];
355 }
356 md->update(to_hash, AUTH_VECTOR_LEN);
357
358 vector<uint8_t> digest;
359 digest.resize(AUTH_VECTOR_LEN);
360 md->final(&digest[0], AUTH_VECTOR_LEN);
361 for (size_t j = 0; j < AUTH_VECTOR_LEN; j++) {
362 password[i + j] ^= digest[j];
363 }
364 memset(&digest[0], 0, AUTH_VECTOR_LEN);
365 }
366
367 // Return hidden attribute.
368 return (Attribute::fromBinary(PW_USER_PASSWORD, password));
369}
370
371ConstAttributePtr
372Message::decodeUserPassword(const ConstAttributePtr& attr) {
373 if (!attr || (attr->getValueType() != PW_TYPE_STRING) ||
374 (attr->getValueLen() == 0) ||
375 ((attr->getValueLen() % AUTH_VECTOR_LEN) != 0) ||
376 (auth_.size() != AUTH_VECTOR_LEN)) {
377 isc_throw(Unexpected, "can't decode User-Password");
378 }
379
380 // Get hidden password.
381 vector<uint8_t> password = attr->toBinary();
382 size_t len = password.size();
383 if (len > AUTH_PASS_LEN) {
384 len = AUTH_PASS_LEN;
385 password.resize(len);
386 }
387
388 // Get plain text password.
389 size_t i = len;
390 for (;;) {
391 if (i < AUTH_VECTOR_LEN) {
392 break;
393 }
394 i -= AUTH_VECTOR_LEN;
395 boost::scoped_ptr<Hash> md(CryptoLink::getCryptoLink().createHash(MD5));
396 md->update(&secret_[0], secret_.size());
397
398 uint8_t* to_hash;
399 if (i == 0) {
400 to_hash = &auth_[0];
401 } else {
402 to_hash = &password[i - AUTH_VECTOR_LEN];
403 }
404 md->update(to_hash, AUTH_VECTOR_LEN);
405
406 vector<uint8_t> digest;
407 digest.resize(AUTH_VECTOR_LEN);
408 md->final(&digest[0], AUTH_VECTOR_LEN);
409 for (size_t j = 0; j < AUTH_VECTOR_LEN; j++) {
410 password[i + j] ^= digest[j];
411 }
412 memset(&digest[0], 0, AUTH_VECTOR_LEN);
413 }
414
415 // Unpad password (requires no trailing nuls).
416 while (password.back() == 0) {
417 // Never leave an empty password.
418 if (password.size() == 1) {
419 break;
420 }
421 password.pop_back();
422 }
423
424 // Return plain text attribute.
425 return (Attribute::fromBinary(PW_USER_PASSWORD, password));
426}
427
428void
429Message::signMessageAuthenticator(size_t ptr) {
430 if ((ptr < AUTH_HDR_LEN) || (ptr > buffer_.size() - 2 - AUTH_VECTOR_LEN) ||
431 (buffer_[ptr + 1] != 2 + AUTH_VECTOR_LEN) ||
432 (auth_.size() != AUTH_VECTOR_LEN)) {
433 isc_throw(Unexpected, "can't sign Message-Authenticator");
434 }
435
436 boost::scoped_ptr<HMAC> hmac(
437 CryptoLink::getCryptoLink().createHMAC(&secret_[0], secret_.size(), MD5));
438
439 // Compute Message-Authenticator content.
440 std::vector<uint8_t> to_sign = buffer_;
441 memmove(&to_sign[4], &auth_[0], auth_.size());
442 memset(&to_sign[ptr + 2], 0, AUTH_VECTOR_LEN);
443 hmac->update(&to_sign[0], to_sign.size());
444 vector<uint8_t> sign = hmac->sign(AUTH_VECTOR_LEN);
445 memmove(&buffer_[ptr + 2], &sign[0], sign.size());
446}
447
448void
449Message::verifyMessageAuthenticator(size_t ptr) {
450 if ((ptr < AUTH_HDR_LEN) || (ptr > buffer_.size() - 2 - AUTH_VECTOR_LEN) ||
451 (buffer_[ptr + 1] != 2 + AUTH_VECTOR_LEN) ||
452 (auth_.size() != AUTH_VECTOR_LEN)) {
453 isc_throw(BadValue, "can't verify Message-Authenticator");
454 }
455
456 vector<uint8_t> sign;
457 sign.resize(AUTH_VECTOR_LEN);
458 memmove(&sign[0], &buffer_[ptr + 2], sign.size());
459
460 boost::scoped_ptr<HMAC> hmac(
461 CryptoLink::getCryptoLink().createHMAC(&secret_[0], secret_.size(), MD5));
462
463 // Build to_verify buffer.
464 std::vector<uint8_t> to_verify = buffer_;
465 memmove(&to_verify[4], &auth_[0], auth_.size());
466 memset(&to_verify[ptr + 2], 0, AUTH_VECTOR_LEN);
467
468 hmac->update(&to_verify[0], to_verify.size());
469 if (!hmac->verify(&sign[0], sign.size())) {
470 isc_throw(BadValue, "bad Message-Authenticator signature");
471 }
472}
473
474} // end of namespace isc::radius
475} // end of namespace isc
isc::BadValue
A generic exception that is thrown if a parameter given to a method is considered invalid in that con...
Definition exceptions/exceptions.h:132
isc::InvalidOperation
A generic exception that is thrown if a function is called in a prohibited way.
Definition exceptions/exceptions.h:143
isc::Unexpected
A generic exception that is thrown when an unexpected error condition occurs.
Definition exceptions/exceptions.h:153
isc::radius::AttrDefs::instance
static AttrDefs & instance()
Returns a single instance.
Definition client_dictionary.cc:65
isc::radius::Attribute::fromBytes
static AttributePtr fromBytes(const std::vector< uint8_t > &bytes)
Generic factories.
Definition client_attribute.cc:75
isc::radius::Attribute::fromBinary
static AttributePtr fromBinary(const uint8_t type, const std::vector< uint8_t > &value)
From binary with type.
Definition client_attribute.cc:147
isc::radius::Attributes
Collection of attributes.
Definition client_attribute.h:819
isc::radius::Message::auth_
std::vector< uint8_t > auth_
Authenticator: header[4] (16 octets).
Definition client_message.h:249
isc::radius::Message::setAuth
void setAuth(const std::vector< uint8_t > &auth)
Set authenticator.
Definition client_message.cc:113
isc::radius::Message::encodeUserPassword
ConstAttributePtr encodeUserPassword(const ConstAttributePtr &attr)
Encode User-Password in an Access-Request.
Definition client_message.cc:329
isc::radius::Message::decodeUserPassword
ConstAttributePtr decodeUserPassword(const ConstAttributePtr &attr)
Decode User-Password in an Access-Request.
Definition client_message.cc:372
isc::radius::Message::signMessageAuthenticator
void signMessageAuthenticator(size_t ptr)
Encode Message-Authenticator in an Status-Server.
Definition client_message.cc:429
isc::radius::Message::Message
Message(const uint8_t code, uint16_t length, const std::vector< uint8_t > &auth, const std::string &secret, const AttributesPtr &attributes)
Constructor.
Definition client_message.cc:65
isc::radius::Message::identifier_
uint8_t identifier_
Identifier (random): header[1].
Definition client_message.h:243
isc::radius::Message::randomAuth
void randomAuth()
Randomize authenticator.
Definition client_message.cc:127
isc::radius::Message::encode
std::vector< uint8_t > encode()
Encode a message.
Definition client_message.cc:143
isc::radius::Message::buffer_
std::vector< uint8_t > buffer_
Buffer (message content).
Definition client_message.h:258
isc::radius::Message::code_
uint8_t code_
Code (useful values in MsgCode): header[0].
Definition client_message.h:240
isc::radius::Message::decode
void decode()
Decode a message.
Definition client_message.cc:216
isc::radius::Message::attributes_
AttributesPtr attributes_
Attributes: header[20]...
Definition client_message.h:255
isc::radius::Message::length_
uint16_t length_
Length: header[2] (16 bits, network order).
Definition client_message.h:246
isc::radius::Message::secret_
std::string secret_
Secret (not empty).
Definition client_message.h:252
isc::radius::Message::zeroAuth
void zeroAuth()
Fill authenticator with 0.
Definition client_message.cc:121
isc::radius::Message::~Message
virtual ~Message()
Destructor.
Definition client_message.cc:96
isc::radius::Message::verifyMessageAuthenticator
void verifyMessageAuthenticator(size_t ptr)
Decode Message-Authenticator in an Status-Server.
Definition client_message.cc:449
isc::radius::Message::setSecret
void setSecret(const std::string &secret)
Set secret.
Definition client_message.cc:135
isc::radius::Message::randomIdentifier
void randomIdentifier()
Randomize identifier.
Definition client_message.cc:104
client_attribute.h
client_message.h
crypto_hash.h
crypto_hmac.h
crypto_rng.h
isc_throw
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
Definition exceptions/exceptions.h:210
LOG_DEBUG
#define LOG_DEBUG(LOGGER, LEVEL, MESSAGE)
Macro to conveniently test debug output and log it.
Definition macros.h:14
isc::radius::PW_MESSAGE_AUTHENTICATOR
@ PW_MESSAGE_AUTHENTICATOR
string.
Definition hooks/dhcp/radius/client.h:96
isc::radius::AttributesPtr
boost::shared_ptr< Attributes > AttributesPtr
Shared pointers to attribute collection.
Definition client_attribute.h:963
isc::radius::ConstAttributePtr
boost::shared_ptr< const Attribute > ConstAttributePtr
Definition client_attribute.h:40
isc::radius::RADIUS_DECODE_MESSAGE
const isc::log::MessageID RADIUS_DECODE_MESSAGE
Definition radius_messages.h:55
isc::radius::msgCodeToText
string msgCodeToText(const uint8_t code)
MsgCode value -> name function.
Definition client_message.cc:30
isc::radius::RADIUS_DBG_TRACE
const int RADIUS_DBG_TRACE
Radius logging levels.
Definition radius_log.h:26
isc::radius::RADIUS_ENCODE_MESSAGE
const isc::log::MessageID RADIUS_ENCODE_MESSAGE
Definition radius_messages.h:57
isc::radius::radius_logger
isc::log::Logger radius_logger("radius-hooks")
Radius Logger.
Definition radius_log.h:35
isc
Defines the logger used by the top-level component of kea-lfc.
Definition check_exists_add.cc:18
radius_log.h