2 * Copyright (C) 2004, 2005 Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 1999-2002 Internet Software Consortium.
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
19 * $Id: tsig.c,v 1.112.2.3.8.6 2005/03/17 03:58:31 marka Exp $
25 #include <isc/buffer.h>
27 #include <isc/print.h>
28 #include <isc/refcount.h>
29 #include <isc/string.h> /* Required for HP/UX (and others?) */
32 #include <dns/keyvalues.h>
34 #include <dns/message.h>
36 #include <dns/rdata.h>
37 #include <dns/rdatalist.h>
38 #include <dns/rdataset.h>
39 #include <dns/rdatastruct.h>
40 #include <dns/result.h>
43 #include <dst/result.h>
45 #define TSIG_MAGIC ISC_MAGIC('T', 'S', 'I', 'G')
46 #define VALID_TSIG_KEY(x) ISC_MAGIC_VALID(x, TSIG_MAGIC)
48 #define is_response(msg) (msg->flags & DNS_MESSAGEFLAG_QR)
49 #define algname_is_allocated(algname) \
50 ((algname) != dns_tsig_hmacmd5_name && \
51 (algname) != dns_tsig_gssapi_name && \
52 (algname) != dns_tsig_gssapims_name)
56 static unsigned char hmacmd5_ndata[] = "\010hmac-md5\007sig-alg\003reg\003int";
57 static unsigned char hmacmd5_offsets[] = { 0, 9, 17, 21, 25 };
59 static dns_name_t hmacmd5 = {
62 DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE,
63 hmacmd5_offsets, NULL,
64 {(void *)-1, (void *)-1},
68 dns_name_t *dns_tsig_hmacmd5_name = &hmacmd5;
70 static unsigned char gsstsig_ndata[] = "\010gss-tsig";
71 static unsigned char gsstsig_offsets[] = { 0, 9 };
73 static dns_name_t gsstsig = {
76 DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE,
77 gsstsig_offsets, NULL,
78 {(void *)-1, (void *)-1},
82 LIBDNS_EXTERNAL_DATA dns_name_t *dns_tsig_gssapi_name = &gsstsig;
84 /* It's nice of Microsoft to conform to their own standard. */
85 static unsigned char gsstsigms_ndata[] = "\003gss\011microsoft\003com";
86 static unsigned char gsstsigms_offsets[] = { 0, 4, 14, 18 };
88 static dns_name_t gsstsigms = {
90 gsstsigms_ndata, 19, 4,
91 DNS_NAMEATTR_READONLY | DNS_NAMEATTR_ABSOLUTE,
92 gsstsigms_offsets, NULL,
93 {(void *)-1, (void *)-1},
97 LIBDNS_EXTERNAL_DATA dns_name_t *dns_tsig_gssapims_name = &gsstsigms;
100 tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg);
103 tsig_log(dns_tsigkey_t *key, int level, const char *fmt, ...)
104 ISC_FORMAT_PRINTF(3, 4);
107 tsig_log(dns_tsigkey_t *key, int level, const char *fmt, ...) {
110 char namestr[DNS_NAME_FORMATSIZE];
112 if (isc_log_wouldlog(dns_lctx, level) == ISC_FALSE)
115 dns_name_format(&key->name, namestr, sizeof(namestr));
117 strcpy(namestr, "<null>");
119 vsnprintf(message, sizeof(message), fmt, ap);
121 isc_log_write(dns_lctx, DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_TSIG,
122 level, "tsig key '%s': %s", namestr, message);
126 dns_tsigkey_createfromkey(dns_name_t *name, dns_name_t *algorithm,
127 dst_key_t *dstkey, isc_boolean_t generated,
128 dns_name_t *creator, isc_stdtime_t inception,
129 isc_stdtime_t expire, isc_mem_t *mctx,
130 dns_tsig_keyring_t *ring, dns_tsigkey_t **key)
134 unsigned int refs = 0;
136 REQUIRE(key == NULL || *key == NULL);
137 REQUIRE(name != NULL);
138 REQUIRE(algorithm != NULL);
139 REQUIRE(mctx != NULL);
141 tkey = (dns_tsigkey_t *) isc_mem_get(mctx, sizeof(dns_tsigkey_t));
143 return (ISC_R_NOMEMORY);
145 dns_name_init(&tkey->name, NULL);
146 ret = dns_name_dup(name, mctx, &tkey->name);
147 if (ret != ISC_R_SUCCESS)
149 (void)dns_name_downcase(&tkey->name, &tkey->name, NULL);
151 if (dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME)) {
152 tkey->algorithm = DNS_TSIG_HMACMD5_NAME;
153 if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_HMACMD5) {
157 } else if (dns_name_equal(algorithm, DNS_TSIG_GSSAPI_NAME)) {
158 tkey->algorithm = DNS_TSIG_GSSAPI_NAME;
159 if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_GSSAPI) {
163 } else if (dns_name_equal(algorithm, DNS_TSIG_GSSAPIMS_NAME)) {
164 tkey->algorithm = DNS_TSIG_GSSAPIMS_NAME;
165 if (dstkey != NULL && dst_key_alg(dstkey) != DST_ALG_GSSAPI) {
170 if (dstkey != NULL) {
174 tkey->algorithm = isc_mem_get(mctx, sizeof(dns_name_t));
175 if (tkey->algorithm == NULL) {
176 ret = ISC_R_NOMEMORY;
179 dns_name_init(tkey->algorithm, NULL);
180 ret = dns_name_dup(algorithm, mctx, tkey->algorithm);
181 if (ret != ISC_R_SUCCESS)
182 goto cleanup_algorithm;
183 (void)dns_name_downcase(tkey->algorithm, tkey->algorithm,
187 if (creator != NULL) {
188 tkey->creator = isc_mem_get(mctx, sizeof(dns_name_t));
189 if (tkey->creator == NULL) {
190 ret = ISC_R_NOMEMORY;
191 goto cleanup_algorithm;
193 dns_name_init(tkey->creator, NULL);
194 ret = dns_name_dup(creator, mctx, tkey->creator);
195 if (ret != ISC_R_SUCCESS) {
196 isc_mem_put(mctx, tkey->creator, sizeof(dns_name_t));
197 goto cleanup_algorithm;
200 tkey->creator = NULL;
206 RWLOCK(&ring->lock, isc_rwlocktype_write);
207 ret = dns_rbt_addname(ring->keys, name, tkey);
208 if (ret != ISC_R_SUCCESS) {
209 RWUNLOCK(&ring->lock, isc_rwlocktype_write);
210 goto cleanup_algorithm;
213 RWUNLOCK(&ring->lock, isc_rwlocktype_write);
218 isc_refcount_init(&tkey->refs, refs);
219 tkey->generated = generated;
220 tkey->inception = inception;
221 tkey->expire = expire;
224 tkey->magic = TSIG_MAGIC;
226 if (dstkey != NULL && dst_key_size(dstkey) < 64) {
227 char namestr[DNS_NAME_FORMATSIZE];
228 dns_name_format(name, namestr, sizeof(namestr));
229 isc_log_write(dns_lctx, DNS_LOGCATEGORY_DNSSEC,
230 DNS_LOGMODULE_TSIG, ISC_LOG_INFO,
231 "the key '%s' is too short to be secure",
237 return (ISC_R_SUCCESS);
240 if (algname_is_allocated(tkey->algorithm)) {
241 if (dns_name_dynamic(tkey->algorithm))
242 dns_name_free(tkey->algorithm, mctx);
243 isc_mem_put(mctx, tkey->algorithm, sizeof(dns_name_t));
246 dns_name_free(&tkey->name, mctx);
248 isc_mem_put(mctx, tkey, sizeof(dns_tsigkey_t));
254 dns_tsigkey_create(dns_name_t *name, dns_name_t *algorithm,
255 unsigned char *secret, int length, isc_boolean_t generated,
256 dns_name_t *creator, isc_stdtime_t inception,
257 isc_stdtime_t expire, isc_mem_t *mctx,
258 dns_tsig_keyring_t *ring, dns_tsigkey_t **key)
260 dst_key_t *dstkey = NULL;
263 REQUIRE(length >= 0);
265 REQUIRE(secret != NULL);
267 if (!dns_name_equal(algorithm, DNS_TSIG_HMACMD5_NAME) && length > 0)
268 return (DNS_R_BADALG);
270 if (secret != NULL) {
273 isc_buffer_init(&b, secret, length);
274 isc_buffer_add(&b, length);
275 result = dst_key_frombuffer(name, DST_ALG_HMACMD5,
280 if (result != ISC_R_SUCCESS)
283 result = dns_tsigkey_createfromkey(name, algorithm, dstkey,
285 inception, expire, mctx, ring, key);
286 if (result != ISC_R_SUCCESS && dstkey != NULL)
287 dst_key_free(&dstkey);
292 dns_tsigkey_attach(dns_tsigkey_t *source, dns_tsigkey_t **targetp) {
293 REQUIRE(VALID_TSIG_KEY(source));
294 REQUIRE(targetp != NULL && *targetp == NULL);
296 isc_refcount_increment(&source->refs, NULL);
301 tsigkey_free(dns_tsigkey_t *key) {
302 REQUIRE(VALID_TSIG_KEY(key));
305 dns_name_free(&key->name, key->mctx);
306 if (algname_is_allocated(key->algorithm)) {
307 dns_name_free(key->algorithm, key->mctx);
308 isc_mem_put(key->mctx, key->algorithm, sizeof(dns_name_t));
310 if (key->key != NULL)
311 dst_key_free(&key->key);
312 if (key->creator != NULL) {
313 dns_name_free(key->creator, key->mctx);
314 isc_mem_put(key->mctx, key->creator, sizeof(dns_name_t));
316 isc_refcount_destroy(&key->refs);
317 isc_mem_put(key->mctx, key, sizeof(dns_tsigkey_t));
321 dns_tsigkey_detach(dns_tsigkey_t **keyp) {
325 REQUIRE(keyp != NULL);
326 REQUIRE(VALID_TSIG_KEY(*keyp));
329 isc_refcount_decrement(&key->refs, &refs);
338 dns_tsigkey_setdeleted(dns_tsigkey_t *key) {
339 REQUIRE(VALID_TSIG_KEY(key));
340 REQUIRE(key->ring != NULL);
342 RWLOCK(&key->ring->lock, isc_rwlocktype_write);
343 (void)dns_rbt_deletename(key->ring->keys, &key->name, ISC_FALSE);
344 RWUNLOCK(&key->ring->lock, isc_rwlocktype_write);
348 buffer_putuint48(isc_buffer_t *b, isc_uint64_t val) {
352 valhi = (isc_uint16_t)(val >> 32);
353 vallo = (isc_uint32_t)(val & 0xFFFFFFFF);
354 isc_buffer_putuint16(b, valhi);
355 isc_buffer_putuint32(b, vallo);
359 dns_tsig_sign(dns_message_t *msg) {
361 dns_rdata_any_tsig_t tsig, querytsig;
362 unsigned char data[128];
363 isc_buffer_t databuf, sigbuf;
364 isc_buffer_t *dynbuf;
367 dns_rdatalist_t *datalist;
368 dns_rdataset_t *dataset;
372 dst_context_t *ctx = NULL;
374 unsigned char badtimedata[BADTIMELEN];
375 unsigned int sigsize = 0;
377 REQUIRE(msg != NULL);
378 REQUIRE(VALID_TSIG_KEY(dns_message_gettsigkey(msg)));
381 * If this is a response, there should be a query tsig.
383 if (is_response(msg) && msg->querytsig == NULL)
384 return (DNS_R_EXPECTEDTSIG);
389 key = dns_message_gettsigkey(msg);
392 tsig.common.rdclass = dns_rdataclass_any;
393 tsig.common.rdtype = dns_rdatatype_tsig;
394 ISC_LINK_INIT(&tsig.common, link);
395 dns_name_init(&tsig.algorithm, NULL);
396 dns_name_clone(key->algorithm, &tsig.algorithm);
398 isc_stdtime_get(&now);
399 tsig.timesigned = now + msg->timeadjust;
400 tsig.fudge = DNS_TSIG_FUDGE;
402 tsig.originalid = msg->id;
404 isc_buffer_init(&databuf, data, sizeof(data));
406 if (is_response(msg))
407 tsig.error = msg->querytsigstatus;
409 tsig.error = dns_rcode_noerror;
411 if (tsig.error != dns_tsigerror_badtime) {
415 isc_buffer_t otherbuf;
417 tsig.otherlen = BADTIMELEN;
418 tsig.other = badtimedata;
419 isc_buffer_init(&otherbuf, tsig.other, tsig.otherlen);
420 buffer_putuint48(&otherbuf, tsig.timesigned);
423 if (key->key != NULL && tsig.error != dns_tsigerror_badsig) {
424 unsigned char header[DNS_MESSAGE_HEADERLEN];
425 isc_buffer_t headerbuf;
427 ret = dst_context_create(key->key, mctx, &ctx);
428 if (ret != ISC_R_SUCCESS)
432 * If this is a response, digest the query signature.
434 if (is_response(msg)) {
435 dns_rdata_t querytsigrdata = DNS_RDATA_INIT;
437 ret = dns_rdataset_first(msg->querytsig);
438 if (ret != ISC_R_SUCCESS)
439 goto cleanup_context;
440 dns_rdataset_current(msg->querytsig, &querytsigrdata);
441 ret = dns_rdata_tostruct(&querytsigrdata, &querytsig,
443 if (ret != ISC_R_SUCCESS)
444 goto cleanup_context;
445 isc_buffer_putuint16(&databuf, querytsig.siglen);
446 if (isc_buffer_availablelength(&databuf) <
450 goto cleanup_context;
452 isc_buffer_putmem(&databuf, querytsig.signature,
454 isc_buffer_usedregion(&databuf, &r);
455 ret = dst_context_adddata(ctx, &r);
456 if (ret != ISC_R_SUCCESS)
457 goto cleanup_context;
463 isc_buffer_init(&headerbuf, header, sizeof(header));
464 dns_message_renderheader(msg, &headerbuf);
465 isc_buffer_usedregion(&headerbuf, &r);
466 ret = dst_context_adddata(ctx, &r);
467 if (ret != ISC_R_SUCCESS)
468 goto cleanup_context;
471 * Digest the remainder of the message.
473 isc_buffer_usedregion(msg->buffer, &r);
474 isc_region_consume(&r, DNS_MESSAGE_HEADERLEN);
475 ret = dst_context_adddata(ctx, &r);
476 if (ret != ISC_R_SUCCESS)
477 goto cleanup_context;
479 if (msg->tcp_continuation == 0) {
481 * Digest the name, class, ttl, alg.
483 dns_name_toregion(&key->name, &r);
484 ret = dst_context_adddata(ctx, &r);
485 if (ret != ISC_R_SUCCESS)
486 goto cleanup_context;
488 isc_buffer_clear(&databuf);
489 isc_buffer_putuint16(&databuf, dns_rdataclass_any);
490 isc_buffer_putuint32(&databuf, 0); /* ttl */
491 isc_buffer_usedregion(&databuf, &r);
492 ret = dst_context_adddata(ctx, &r);
493 if (ret != ISC_R_SUCCESS)
494 goto cleanup_context;
496 dns_name_toregion(&tsig.algorithm, &r);
497 ret = dst_context_adddata(ctx, &r);
498 if (ret != ISC_R_SUCCESS)
499 goto cleanup_context;
502 /* Digest the timesigned and fudge */
503 isc_buffer_clear(&databuf);
504 if (tsig.error == dns_tsigerror_badtime)
505 tsig.timesigned = querytsig.timesigned;
506 buffer_putuint48(&databuf, tsig.timesigned);
507 isc_buffer_putuint16(&databuf, tsig.fudge);
508 isc_buffer_usedregion(&databuf, &r);
509 ret = dst_context_adddata(ctx, &r);
510 if (ret != ISC_R_SUCCESS)
511 goto cleanup_context;
513 if (msg->tcp_continuation == 0) {
515 * Digest the error and other data length.
517 isc_buffer_clear(&databuf);
518 isc_buffer_putuint16(&databuf, tsig.error);
519 isc_buffer_putuint16(&databuf, tsig.otherlen);
521 isc_buffer_usedregion(&databuf, &r);
522 ret = dst_context_adddata(ctx, &r);
523 if (ret != ISC_R_SUCCESS)
524 goto cleanup_context;
527 * Digest the error and other data.
529 if (tsig.otherlen > 0) {
530 r.length = tsig.otherlen;
532 ret = dst_context_adddata(ctx, &r);
533 if (ret != ISC_R_SUCCESS)
534 goto cleanup_context;
538 ret = dst_key_sigsize(key->key, &sigsize);
539 if (ret != ISC_R_SUCCESS)
540 goto cleanup_context;
541 tsig.signature = (unsigned char *) isc_mem_get(mctx, sigsize);
542 if (tsig.signature == NULL) {
543 ret = ISC_R_NOMEMORY;
544 goto cleanup_context;
547 isc_buffer_init(&sigbuf, tsig.signature, sigsize);
548 ret = dst_context_sign(ctx, &sigbuf);
549 if (ret != ISC_R_SUCCESS)
550 goto cleanup_signature;
551 dst_context_destroy(&ctx);
552 tsig.siglen = isc_buffer_usedlength(&sigbuf);
555 tsig.signature = NULL;
559 ret = dns_message_gettemprdata(msg, &rdata);
560 if (ret != ISC_R_SUCCESS)
561 goto cleanup_signature;
562 ret = isc_buffer_allocate(msg->mctx, &dynbuf, 512);
563 if (ret != ISC_R_SUCCESS)
564 goto cleanup_signature;
565 ret = dns_rdata_fromstruct(rdata, dns_rdataclass_any,
566 dns_rdatatype_tsig, &tsig, dynbuf);
567 if (ret != ISC_R_SUCCESS)
570 dns_message_takebuffer(msg, &dynbuf);
572 if (tsig.signature != NULL) {
573 isc_mem_put(mctx, tsig.signature, sigsize);
574 tsig.signature = NULL;
578 ret = dns_message_gettempname(msg, &owner);
579 if (ret != ISC_R_SUCCESS)
581 dns_name_init(owner, NULL);
582 ret = dns_name_dup(&key->name, msg->mctx, owner);
583 if (ret != ISC_R_SUCCESS)
587 ret = dns_message_gettemprdatalist(msg, &datalist);
588 if (ret != ISC_R_SUCCESS)
590 datalist->rdclass = dns_rdataclass_any;
591 datalist->type = dns_rdatatype_tsig;
592 datalist->covers = 0;
594 ISC_LIST_INIT(datalist->rdata);
595 ISC_LIST_APPEND(datalist->rdata, rdata, link);
597 ret = dns_message_gettemprdataset(msg, &dataset);
598 if (ret != ISC_R_SUCCESS)
600 dns_rdataset_init(dataset);
601 RUNTIME_CHECK(dns_rdatalist_tordataset(datalist, dataset)
604 msg->tsigname = owner;
606 return (ISC_R_SUCCESS);
610 dns_message_puttempname(msg, &owner);
613 isc_buffer_free(&dynbuf);
615 if (tsig.signature != NULL)
616 isc_mem_put(mctx, tsig.signature, sigsize);
619 dst_context_destroy(&ctx);
624 dns_tsig_verify(isc_buffer_t *source, dns_message_t *msg,
625 dns_tsig_keyring_t *ring1, dns_tsig_keyring_t *ring2)
627 dns_rdata_any_tsig_t tsig, querytsig;
628 isc_region_t r, source_r, header_r, sig_r;
629 isc_buffer_t databuf;
630 unsigned char data[32];
632 dns_rdata_t rdata = DNS_RDATA_INIT;
635 dns_tsigkey_t *tsigkey;
636 dst_key_t *key = NULL;
637 unsigned char header[DNS_MESSAGE_HEADERLEN];
638 dst_context_t *ctx = NULL;
640 isc_uint16_t addcount, id;
642 REQUIRE(source != NULL);
643 REQUIRE(DNS_MESSAGE_VALID(msg));
644 tsigkey = dns_message_gettsigkey(msg);
645 REQUIRE(tsigkey == NULL || VALID_TSIG_KEY(tsigkey));
647 msg->verify_attempted = 1;
649 if (msg->tcp_continuation)
650 return (tsig_verify_tcp(source, msg));
653 * There should be a TSIG record...
655 if (msg->tsig == NULL)
656 return (DNS_R_EXPECTEDTSIG);
659 * If this is a response and there's no key or query TSIG, there
660 * shouldn't be one on the response.
662 if (is_response(msg) &&
663 (tsigkey == NULL || msg->querytsig == NULL))
664 return (DNS_R_UNEXPECTEDTSIG);
669 * If we're here, we know the message is well formed and contains a
673 keyname = msg->tsigname;
674 ret = dns_rdataset_first(msg->tsig);
675 if (ret != ISC_R_SUCCESS)
677 dns_rdataset_current(msg->tsig, &rdata);
678 ret = dns_rdata_tostruct(&rdata, &tsig, NULL);
679 if (ret != ISC_R_SUCCESS)
681 dns_rdata_reset(&rdata);
682 if (is_response(msg)) {
683 ret = dns_rdataset_first(msg->querytsig);
684 if (ret != ISC_R_SUCCESS)
686 dns_rdataset_current(msg->querytsig, &rdata);
687 ret = dns_rdata_tostruct(&rdata, &querytsig, NULL);
688 if (ret != ISC_R_SUCCESS)
693 * Do the key name and algorithm match that of the query?
695 if (is_response(msg) &&
696 (!dns_name_equal(keyname, &tsigkey->name) ||
697 !dns_name_equal(&tsig.algorithm, &querytsig.algorithm)))
699 msg->tsigstatus = dns_tsigerror_badkey;
700 tsig_log(msg->tsigkey, 2,
701 "key name and algorithm do not match");
702 return (DNS_R_TSIGVERIFYFAILURE);
706 * Get the current time.
708 isc_stdtime_get(&now);
711 * Find dns_tsigkey_t based on keyname.
713 if (tsigkey == NULL) {
714 ret = ISC_R_NOTFOUND;
716 ret = dns_tsigkey_find(&tsigkey, keyname,
717 &tsig.algorithm, ring1);
718 if (ret == ISC_R_NOTFOUND && ring2 != NULL)
719 ret = dns_tsigkey_find(&tsigkey, keyname,
720 &tsig.algorithm, ring2);
721 if (ret != ISC_R_SUCCESS) {
722 msg->tsigstatus = dns_tsigerror_badkey;
723 ret = dns_tsigkey_create(keyname, &tsig.algorithm,
724 NULL, 0, ISC_FALSE, NULL,
726 mctx, NULL, &msg->tsigkey);
727 if (ret != ISC_R_SUCCESS)
729 tsig_log(msg->tsigkey, 2, "unknown key");
730 return (DNS_R_TSIGVERIFYFAILURE);
732 msg->tsigkey = tsigkey;
740 if (now + msg->timeadjust > tsig.timesigned + tsig.fudge) {
741 msg->tsigstatus = dns_tsigerror_badtime;
742 tsig_log(msg->tsigkey, 2, "signature has expired");
743 return (DNS_R_CLOCKSKEW);
744 } else if (now + msg->timeadjust < tsig.timesigned - tsig.fudge) {
745 msg->tsigstatus = dns_tsigerror_badtime;
746 tsig_log(msg->tsigkey, 2, "signature is in the future");
747 return (DNS_R_CLOCKSKEW);
750 if (tsig.siglen > 0) {
751 sig_r.base = tsig.signature;
752 sig_r.length = tsig.siglen;
754 ret = dst_context_create(key, mctx, &ctx);
755 if (ret != ISC_R_SUCCESS)
758 if (is_response(msg)) {
759 isc_buffer_init(&databuf, data, sizeof(data));
760 isc_buffer_putuint16(&databuf, querytsig.siglen);
761 isc_buffer_usedregion(&databuf, &r);
762 ret = dst_context_adddata(ctx, &r);
763 if (ret != ISC_R_SUCCESS)
764 goto cleanup_context;
765 if (querytsig.siglen > 0) {
766 r.length = querytsig.siglen;
767 r.base = querytsig.signature;
768 ret = dst_context_adddata(ctx, &r);
769 if (ret != ISC_R_SUCCESS)
770 goto cleanup_context;
775 * Extract the header.
777 isc_buffer_usedregion(source, &r);
778 memcpy(header, r.base, DNS_MESSAGE_HEADERLEN);
779 isc_region_consume(&r, DNS_MESSAGE_HEADERLEN);
782 * Decrement the additional field counter.
784 memcpy(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2);
785 addcount = htons((isc_uint16_t)(ntohs(addcount) - 1));
786 memcpy(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2);
789 * Put in the original id.
791 id = htons(tsig.originalid);
792 memcpy(&header[0], &id, 2);
795 * Digest the modified header.
797 header_r.base = (unsigned char *) header;
798 header_r.length = DNS_MESSAGE_HEADERLEN;
799 ret = dst_context_adddata(ctx, &header_r);
800 if (ret != ISC_R_SUCCESS)
801 goto cleanup_context;
804 * Digest all non-TSIG records.
806 isc_buffer_usedregion(source, &source_r);
807 r.base = source_r.base + DNS_MESSAGE_HEADERLEN;
808 r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN;
809 ret = dst_context_adddata(ctx, &r);
810 if (ret != ISC_R_SUCCESS)
811 goto cleanup_context;
814 * Digest the key name.
816 dns_name_toregion(&tsigkey->name, &r);
817 ret = dst_context_adddata(ctx, &r);
818 if (ret != ISC_R_SUCCESS)
819 goto cleanup_context;
821 isc_buffer_init(&databuf, data, sizeof(data));
822 isc_buffer_putuint16(&databuf, tsig.common.rdclass);
823 isc_buffer_putuint32(&databuf, msg->tsig->ttl);
824 isc_buffer_usedregion(&databuf, &r);
825 ret = dst_context_adddata(ctx, &r);
826 if (ret != ISC_R_SUCCESS)
827 goto cleanup_context;
830 * Digest the key algorithm.
832 dns_name_toregion(tsigkey->algorithm, &r);
833 ret = dst_context_adddata(ctx, &r);
834 if (ret != ISC_R_SUCCESS)
835 goto cleanup_context;
837 isc_buffer_clear(&databuf);
838 buffer_putuint48(&databuf, tsig.timesigned);
839 isc_buffer_putuint16(&databuf, tsig.fudge);
840 isc_buffer_putuint16(&databuf, tsig.error);
841 isc_buffer_putuint16(&databuf, tsig.otherlen);
842 isc_buffer_usedregion(&databuf, &r);
843 ret = dst_context_adddata(ctx, &r);
844 if (ret != ISC_R_SUCCESS)
845 goto cleanup_context;
847 if (tsig.otherlen > 0) {
849 r.length = tsig.otherlen;
850 ret = dst_context_adddata(ctx, &r);
851 if (ret != ISC_R_SUCCESS)
852 goto cleanup_context;
855 ret = dst_context_verify(ctx, &sig_r);
856 if (ret == DST_R_VERIFYFAILURE) {
857 msg->tsigstatus = dns_tsigerror_badsig;
858 ret = DNS_R_TSIGVERIFYFAILURE;
859 tsig_log(msg->tsigkey, 2,
860 "signature failed to verify");
861 goto cleanup_context;
862 } else if (ret != ISC_R_SUCCESS)
863 goto cleanup_context;
865 dst_context_destroy(&ctx);
866 } else if (tsig.error != dns_tsigerror_badsig &&
867 tsig.error != dns_tsigerror_badkey)
869 msg->tsigstatus = dns_tsigerror_badsig;
870 tsig_log(msg->tsigkey, 2, "signature was empty");
871 return (DNS_R_TSIGVERIFYFAILURE);
874 msg->tsigstatus = dns_rcode_noerror;
876 if (tsig.error != dns_rcode_noerror) {
877 if (tsig.error == dns_tsigerror_badtime)
878 return (DNS_R_CLOCKSKEW);
880 return (DNS_R_TSIGERRORSET);
883 msg->verified_sig = 1;
885 return (ISC_R_SUCCESS);
889 dst_context_destroy(&ctx);
895 tsig_verify_tcp(isc_buffer_t *source, dns_message_t *msg) {
896 dns_rdata_any_tsig_t tsig, querytsig;
897 isc_region_t r, source_r, header_r, sig_r;
898 isc_buffer_t databuf;
899 unsigned char data[32];
901 dns_rdata_t rdata = DNS_RDATA_INIT;
904 dns_tsigkey_t *tsigkey;
905 dst_key_t *key = NULL;
906 unsigned char header[DNS_MESSAGE_HEADERLEN];
907 isc_uint16_t addcount, id;
908 isc_boolean_t has_tsig = ISC_FALSE;
911 REQUIRE(source != NULL);
912 REQUIRE(msg != NULL);
913 REQUIRE(dns_message_gettsigkey(msg) != NULL);
914 REQUIRE(msg->tcp_continuation == 1);
915 REQUIRE(msg->querytsig != NULL);
917 if (!is_response(msg))
918 return (DNS_R_EXPECTEDRESPONSE);
922 tsigkey = dns_message_gettsigkey(msg);
925 * Extract and parse the previous TSIG
927 ret = dns_rdataset_first(msg->querytsig);
928 if (ret != ISC_R_SUCCESS)
930 dns_rdataset_current(msg->querytsig, &rdata);
931 ret = dns_rdata_tostruct(&rdata, &querytsig, NULL);
932 if (ret != ISC_R_SUCCESS)
934 dns_rdata_reset(&rdata);
937 * If there is a TSIG in this message, do some checks.
939 if (msg->tsig != NULL) {
942 keyname = msg->tsigname;
943 ret = dns_rdataset_first(msg->tsig);
944 if (ret != ISC_R_SUCCESS)
945 goto cleanup_querystruct;
946 dns_rdataset_current(msg->tsig, &rdata);
947 ret = dns_rdata_tostruct(&rdata, &tsig, NULL);
948 if (ret != ISC_R_SUCCESS)
949 goto cleanup_querystruct;
952 * Do the key name and algorithm match that of the query?
954 if (!dns_name_equal(keyname, &tsigkey->name) ||
955 !dns_name_equal(&tsig.algorithm, &querytsig.algorithm))
957 msg->tsigstatus = dns_tsigerror_badkey;
958 ret = DNS_R_TSIGVERIFYFAILURE;
959 tsig_log(msg->tsigkey, 2,
960 "key name and algorithm do not match");
961 goto cleanup_querystruct;
967 isc_stdtime_get(&now);
969 if (now + msg->timeadjust > tsig.timesigned + tsig.fudge) {
970 msg->tsigstatus = dns_tsigerror_badtime;
971 tsig_log(msg->tsigkey, 2, "signature has expired");
972 ret = DNS_R_CLOCKSKEW;
973 goto cleanup_querystruct;
974 } else if (now + msg->timeadjust <
975 tsig.timesigned - tsig.fudge)
977 msg->tsigstatus = dns_tsigerror_badtime;
978 tsig_log(msg->tsigkey, 2,
979 "signature is in the future");
980 ret = DNS_R_CLOCKSKEW;
981 goto cleanup_querystruct;
987 if (msg->tsigctx == NULL) {
988 ret = dst_context_create(key, mctx, &msg->tsigctx);
989 if (ret != ISC_R_SUCCESS)
990 goto cleanup_querystruct;
993 * Digest the length of the query signature
995 isc_buffer_init(&databuf, data, sizeof(data));
996 isc_buffer_putuint16(&databuf, querytsig.siglen);
997 isc_buffer_usedregion(&databuf, &r);
998 ret = dst_context_adddata(msg->tsigctx, &r);
999 if (ret != ISC_R_SUCCESS)
1000 goto cleanup_context;
1003 * Digest the data of the query signature
1005 if (querytsig.siglen > 0) {
1006 r.length = querytsig.siglen;
1007 r.base = querytsig.signature;
1008 ret = dst_context_adddata(msg->tsigctx, &r);
1009 if (ret != ISC_R_SUCCESS)
1010 goto cleanup_context;
1015 * Extract the header.
1017 isc_buffer_usedregion(source, &r);
1018 memcpy(header, r.base, DNS_MESSAGE_HEADERLEN);
1019 isc_region_consume(&r, DNS_MESSAGE_HEADERLEN);
1022 * Decrement the additional field counter if necessary.
1025 memcpy(&addcount, &header[DNS_MESSAGE_HEADERLEN - 2], 2);
1026 addcount = htons((isc_uint16_t)(ntohs(addcount) - 1));
1027 memcpy(&header[DNS_MESSAGE_HEADERLEN - 2], &addcount, 2);
1031 * Put in the original id.
1033 /* XXX Can TCP transfers be forwarded? How would that work? */
1035 id = htons(tsig.originalid);
1036 memcpy(&header[0], &id, 2);
1040 * Digest the modified header.
1042 header_r.base = (unsigned char *) header;
1043 header_r.length = DNS_MESSAGE_HEADERLEN;
1044 ret = dst_context_adddata(msg->tsigctx, &header_r);
1045 if (ret != ISC_R_SUCCESS)
1046 goto cleanup_context;
1049 * Digest all non-TSIG records.
1051 isc_buffer_usedregion(source, &source_r);
1052 r.base = source_r.base + DNS_MESSAGE_HEADERLEN;
1054 r.length = msg->sigstart - DNS_MESSAGE_HEADERLEN;
1056 r.length = source_r.length - DNS_MESSAGE_HEADERLEN;
1057 ret = dst_context_adddata(msg->tsigctx, &r);
1058 if (ret != ISC_R_SUCCESS)
1059 goto cleanup_context;
1062 * Digest the time signed and fudge.
1065 isc_buffer_init(&databuf, data, sizeof(data));
1066 buffer_putuint48(&databuf, tsig.timesigned);
1067 isc_buffer_putuint16(&databuf, tsig.fudge);
1068 isc_buffer_usedregion(&databuf, &r);
1069 ret = dst_context_adddata(msg->tsigctx, &r);
1070 if (ret != ISC_R_SUCCESS)
1071 goto cleanup_context;
1073 sig_r.base = tsig.signature;
1074 sig_r.length = tsig.siglen;
1075 if (tsig.siglen == 0) {
1076 if (tsig.error != dns_rcode_noerror) {
1077 if (tsig.error == dns_tsigerror_badtime)
1078 ret = DNS_R_CLOCKSKEW;
1080 ret = DNS_R_TSIGERRORSET;
1082 tsig_log(msg->tsigkey, 2,
1083 "signature is empty");
1084 ret = DNS_R_TSIGVERIFYFAILURE;
1086 goto cleanup_context;
1089 ret = dst_context_verify(msg->tsigctx, &sig_r);
1090 if (ret == DST_R_VERIFYFAILURE) {
1091 msg->tsigstatus = dns_tsigerror_badsig;
1092 tsig_log(msg->tsigkey, 2,
1093 "signature failed to verify");
1094 ret = DNS_R_TSIGVERIFYFAILURE;
1095 goto cleanup_context;
1097 else if (ret != ISC_R_SUCCESS)
1098 goto cleanup_context;
1100 dst_context_destroy(&msg->tsigctx);
1103 msg->tsigstatus = dns_rcode_noerror;
1104 return (ISC_R_SUCCESS);
1107 dst_context_destroy(&msg->tsigctx);
1109 cleanup_querystruct:
1110 dns_rdata_freestruct(&querytsig);
1117 dns_tsigkey_find(dns_tsigkey_t **tsigkey, dns_name_t *name,
1118 dns_name_t *algorithm, dns_tsig_keyring_t *ring)
1122 isc_result_t result;
1124 REQUIRE(tsigkey != NULL);
1125 REQUIRE(*tsigkey == NULL);
1126 REQUIRE(name != NULL);
1127 REQUIRE(ring != NULL);
1129 isc_stdtime_get(&now);
1130 RWLOCK(&ring->lock, isc_rwlocktype_read);
1132 result = dns_rbt_findname(ring->keys, name, 0, NULL, (void *)&key);
1133 if (result == DNS_R_PARTIALMATCH || result == ISC_R_NOTFOUND) {
1134 RWUNLOCK(&ring->lock, isc_rwlocktype_read);
1135 return (ISC_R_NOTFOUND);
1137 if (algorithm != NULL && !dns_name_equal(key->algorithm, algorithm)) {
1138 RWUNLOCK(&ring->lock, isc_rwlocktype_read);
1139 return (ISC_R_NOTFOUND);
1141 if (key->inception != key->expire && key->expire < now) {
1143 * The key has expired.
1145 RWUNLOCK(&ring->lock, isc_rwlocktype_read);
1146 RWLOCK(&ring->lock, isc_rwlocktype_write);
1147 (void) dns_rbt_deletename(ring->keys, name, ISC_FALSE);
1148 RWUNLOCK(&ring->lock, isc_rwlocktype_write);
1149 return (ISC_R_NOTFOUND);
1152 isc_refcount_increment(&key->refs, NULL);
1153 RWUNLOCK(&ring->lock, isc_rwlocktype_read);
1155 return (ISC_R_SUCCESS);
1159 free_tsignode(void *node, void *_unused) {
1164 REQUIRE(node != NULL);
1167 dns_tsigkey_detach(&key);
1171 dns_tsigkeyring_create(isc_mem_t *mctx, dns_tsig_keyring_t **ringp) {
1172 isc_result_t result;
1173 dns_tsig_keyring_t *ring;
1175 REQUIRE(mctx != NULL);
1176 REQUIRE(ringp != NULL);
1177 REQUIRE(*ringp == NULL);
1179 ring = isc_mem_get(mctx, sizeof(dns_tsig_keyring_t));
1181 return (ISC_R_NOMEMORY);
1183 result = isc_rwlock_init(&ring->lock, 0, 0);
1184 if (result != ISC_R_SUCCESS) {
1185 UNEXPECTED_ERROR(__FILE__, __LINE__,
1186 "isc_rwlock_init() failed: %s",
1187 isc_result_totext(result));
1188 return (ISC_R_UNEXPECTED);
1192 result = dns_rbt_create(mctx, free_tsignode, NULL, &ring->keys);
1193 if (result != ISC_R_SUCCESS) {
1194 isc_rwlock_destroy(&ring->lock);
1195 isc_mem_put(mctx, ring, sizeof(dns_tsig_keyring_t));
1202 return (ISC_R_SUCCESS);
1206 dns_tsigkeyring_destroy(dns_tsig_keyring_t **ringp) {
1207 dns_tsig_keyring_t *ring;
1209 REQUIRE(ringp != NULL);
1210 REQUIRE(*ringp != NULL);
1215 dns_rbt_destroy(&ring->keys);
1216 isc_rwlock_destroy(&ring->lock);
1217 isc_mem_put(ring->mctx, ring, sizeof(dns_tsig_keyring_t));