|
|
|
/*
|
|
|
|
* Copyright 2015 Andrew Smith
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or modify it
|
|
|
|
* under the terms of the GNU General Public License as published by the Free
|
|
|
|
* Software Foundation; either version 3 of the License, or (at your option)
|
|
|
|
* any later version. See COPYING for more details.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <openssl/x509.h>
|
|
|
|
#include <openssl/hmac.h>
|
|
|
|
#include "ckdb.h"
|
|
|
|
|
|
|
|
#if (SHA256SIZBIN != SHA256_DIGEST_LENGTH)
|
|
|
|
#error "SHA256SIZBIN must = OpenSSL SHA256_DIGEST_LENGTH"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
static char b32code[] = {
|
|
|
|
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
|
|
|
|
'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
|
|
|
|
'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
|
|
|
|
'Y', 'Z', '2', '3', '4', '5', '6', '7'
|
|
|
|
};
|
|
|
|
|
|
|
|
#define ASSERT32(condition) __maybe_unused static char b32code_length_must_be_32[(condition)?1:-1]
|
|
|
|
ASSERT32(sizeof(b32code) == 32);
|
|
|
|
|
|
|
|
// bin is bigendian, return buf is bigendian
|
|
|
|
char *_tob32(USERS *users, unsigned char *bin, size_t len, char *name,
|
|
|
|
size_t olen, WHERE_FFL_ARGS)
|
|
|
|
{
|
|
|
|
size_t osiz = (len * 8 + 4) / 5;
|
|
|
|
char *buf, *ptr, *st = NULL;
|
|
|
|
int i, j, bits, ch;
|
|
|
|
|
|
|
|
if (osiz != olen) {
|
|
|
|
LOGEMERG("%s() of '%s' data for '%s' invalid olen=%d != osiz=%d"
|
|
|
|
WHERE_FFL,
|
|
|
|
__func__, name, safe_text_nonull(users->username),
|
|
|
|
(int)olen, (int)osiz, WHERE_FFL_PASS);
|
|
|
|
FREENULL(st);
|
|
|
|
olen = osiz;
|
|
|
|
}
|
|
|
|
|
|
|
|
buf = malloc(olen+1);
|
|
|
|
ptr = buf + olen;
|
|
|
|
*ptr = '\0';
|
|
|
|
i = 0;
|
|
|
|
while (--ptr >= buf) {
|
|
|
|
j = i / 8;
|
|
|
|
bits = (31 << (i % 8));
|
|
|
|
ch = (bin[len-j-1] & bits) >> (i % 8);
|
|
|
|
if (bits > 255)
|
|
|
|
ch |= (bin[len-j-2] & (bits >> 8)) << (8 - (i % 8));
|
|
|
|
// Shouldn't ever happen
|
|
|
|
if (ch < 0 || ch > 31) {
|
|
|
|
char *binstr = bin2hex(bin, len);
|
|
|
|
LOGEMERG("%s() failure of '%s' data for '%s' invalid "
|
|
|
|
"ch=%d, i=%d j=%d bits=%d bin=0x%s len=%d "
|
|
|
|
"olen=%d" WHERE_FFL,
|
|
|
|
__func__, name,
|
|
|
|
safe_text_nonull(users->username), ch, i, j,
|
|
|
|
bits, binstr, (int)len, (int)olen,
|
|
|
|
WHERE_FFL_PASS);
|
|
|
|
FREENULL(st);
|
|
|
|
FREENULL(binstr);
|
|
|
|
ch = 0;
|
|
|
|
}
|
|
|
|
*ptr = b32code[ch];
|
|
|
|
i += 5;
|
|
|
|
}
|
|
|
|
return buf;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool gen_data(__maybe_unused USERS *users, unsigned char *buf, size_t len,
|
|
|
|
int32_t entropy)
|
|
|
|
{
|
|
|
|
unsigned char *ptr;
|
|
|
|
ssize_t ret, want, got;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
int fil = open("/dev/random", O_RDONLY);
|
|
|
|
if (fil == -1)
|
|
|
|
return false;
|
|
|
|
|
|
|
|
want = (ssize_t)len;
|
|
|
|
got = 0;
|
|
|
|
while (got < want) {
|
|
|
|
ret = read(fil, buf+got, want-got);
|
|
|
|
if (ret < 0) {
|
|
|
|
close(fil);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
got += ret;
|
|
|
|
}
|
|
|
|
close(fil);
|
|
|
|
|
|
|
|
ptr = (unsigned char *)&entropy;
|
|
|
|
for (i = 0; i < (int)sizeof(entropy) && (i + sizeof(entropy)) < len; i++)
|
|
|
|
buf[i+sizeof(entropy)] ^= *(ptr + i);
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
K_ITEM *gen_2fa_key(K_ITEM *old_u_item, int32_t entropy, char *by, char *code,
|
|
|
|
char *inet, tv_t *cd, K_TREE *trf_root)
|
|
|
|
{
|
|
|
|
unsigned char key[TOTPAUTH_KEYSIZE];
|
|
|
|
K_ITEM *u_item = NULL;
|
|
|
|
USERS *old_users, *users;
|
|
|
|
bool ok;
|
|
|
|
|
|
|
|
DATA_USERS(old_users, old_u_item);
|
|
|
|
ok = gen_data(old_users, key, sizeof(key), entropy);
|
|
|
|
if (ok) {
|
|
|
|
K_WLOCK(users_free);
|
|
|
|
u_item = k_unlink_head(users_free);
|
|
|
|
K_WUNLOCK(users_free);
|
|
|
|
DATA_USERS(users, u_item);
|
|
|
|
copy_users(users, old_users);
|
|
|
|
users_userdata_add_bin(users, USER_TOTPAUTH_NAME,
|
|
|
|
USER_TOTPAUTH, key, sizeof(key));
|
|
|
|
users_userdata_add_txt(users, USER_TEST2FA_NAME,
|
|
|
|
USER_TEST2FA, "Y");
|
|
|
|
ok = users_replace(NULL, u_item, old_u_item, by, code, inet, cd,
|
|
|
|
trf_root);
|
|
|
|
if (!ok) {
|
|
|
|
// u_item was cleaned up in user_replace()
|
|
|
|
u_item = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return u_item;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool check_2fa(USERS *users, int32_t value)
|
|
|
|
{
|
|
|
|
char *st = NULL, *tmp1 = NULL, *tmp2 = NULL, *tmp3 = NULL;
|
|
|
|
unsigned char tim[sizeof(int64_t)], *bin, *hash;
|
|
|
|
unsigned int reslen;
|
|
|
|
size_t binlen;
|
|
|
|
HMAC_CTX ctx;
|
|
|
|
int64_t now;
|
|
|
|
int32_t otp;
|
|
|
|
int i, offset;
|
|
|
|
|
|
|
|
now = (int64_t)time(NULL) / TOTPAUTH_TIME;
|
|
|
|
bin = users_userdata_get_bin(users, USER_TOTPAUTH_NAME,
|
|
|
|
USER_TOTPAUTH, &binlen);
|
|
|
|
if (binlen != TOTPAUTH_KEYSIZE) {
|
|
|
|
LOGERR("%s() invalid key for '%s/%s "
|
|
|
|
"len(%d) != %d",
|
|
|
|
__func__,
|
|
|
|
st = safe_text_nonull(users->username),
|
|
|
|
USER_TOTPAUTH_NAME, (int)binlen,
|
|
|
|
TOTPAUTH_KEYSIZE);
|
|
|
|
FREENULL(st);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
for (i = 0; i < (int)sizeof(int64_t); i++)
|
|
|
|
tim[i] = (now >> 8 * ((sizeof(int64_t) - 1) - i)) & 0xff;
|
|
|
|
|
|
|
|
LOGDEBUG("%s() '%s/%s tim=%"PRId64"=%s key=%s=%s", __func__,
|
|
|
|
st = safe_text_nonull(users->username),
|
|
|
|
USER_TOTPAUTH_NAME, now,
|
|
|
|
tmp1 = (char *)bin2hex(&tim, sizeof(tim)),
|
|
|
|
tmp2 = (char *)bin2hex(bin, TOTPAUTH_KEYSIZE),
|
|
|
|
tmp3 = tob32(users, bin, binlen,USER_TOTPAUTH_NAME, TOTPAUTH_DSP_KEYSIZE));
|
|
|
|
FREENULL(tmp3);
|
|
|
|
FREENULL(tmp2);
|
|
|
|
FREENULL(tmp1);
|
|
|
|
FREENULL(st);
|
|
|
|
|
|
|
|
hash = malloc(SHA256_DIGEST_LENGTH);
|
|
|
|
if (!hash)
|
|
|
|
quithere(1, "malloc OOM");
|
|
|
|
|
|
|
|
HMAC_CTX_init(&ctx);
|
|
|
|
HMAC_Init_ex(&ctx, bin, binlen, EVP_sha256(), NULL);
|
|
|
|
HMAC_Update(&ctx, (unsigned char *)&tim, sizeof(tim));
|
|
|
|
HMAC_Final(&ctx, hash, &reslen);
|
|
|
|
|
|
|
|
LOGDEBUG("%s() '%s/%s hash=%s", __func__,
|
|
|
|
st = safe_text_nonull(users->username),
|
|
|
|
USER_TOTPAUTH_NAME,
|
|
|
|
tmp1 = (char *)bin2hex(hash, SHA256_DIGEST_LENGTH));
|
|
|
|
FREENULL(tmp1);
|
|
|
|
FREENULL(st);
|
|
|
|
|
|
|
|
offset = hash[reslen-1] & 0xf;
|
|
|
|
|
|
|
|
otp = ((hash[offset] & 0x7f) << 24) | ((hash[offset+1] & 0xff) << 16) |
|
|
|
|
((hash[offset+2] & 0xff) << 8) | (hash[offset+3] & 0xff);
|
|
|
|
|
|
|
|
otp %= 1000000;
|
|
|
|
|
|
|
|
LOGDEBUG("%s() '%s/%s offset=%d otp=%"PRId32" value=%"PRId32
|
|
|
|
" lastvalue=%"PRId32,
|
|
|
|
__func__, st = safe_text_nonull(users->username),
|
|
|
|
USER_TOTPAUTH_NAME, offset, otp, value, users->lastvalue);
|
|
|
|
FREENULL(st);
|
|
|
|
FREENULL(hash);
|
|
|
|
|
|
|
|
/* Disallow 0 since that's the default value
|
|
|
|
* If it is 0, that means wait another TOTPAUTH_TIME and try again
|
|
|
|
* 0 is only one in a million tests for all users
|
|
|
|
* For security reasons, we can't allow using the same value twice,
|
|
|
|
* N.B. a ckdb restart will forget lastvalue, but a restart should
|
|
|
|
* take long enough to resolve that issue */
|
|
|
|
if (otp == value && otp != 0 && otp != users->lastvalue) {
|
|
|
|
users->lastvalue = otp;
|
|
|
|
return true;
|
|
|
|
} else
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool tst_2fa(K_ITEM *old_u_item, int32_t value, char *by, char *code,
|
|
|
|
char *inet, tv_t *cd, K_TREE *trf_root)
|
|
|
|
{
|
|
|
|
K_ITEM *u_item;
|
|
|
|
USERS *old_users, *users;
|
|
|
|
bool ok;
|
|
|
|
|
|
|
|
DATA_USERS(old_users, old_u_item);
|
|
|
|
ok = check_2fa(old_users, value);
|
|
|
|
if (ok) {
|
|
|
|
K_WLOCK(users_free);
|
|
|
|
u_item = k_unlink_head(users_free);
|
|
|
|
K_WUNLOCK(users_free);
|
|
|
|
DATA_USERS(users, u_item);
|
|
|
|
copy_users(users, old_users);
|
|
|
|
users_userdata_del(users, USER_TEST2FA_NAME, USER_TEST2FA);
|
|
|
|
ok = users_replace(NULL, u_item, old_u_item, by, code, inet, cd,
|
|
|
|
trf_root);
|
|
|
|
// if !ok : u_item was cleaned up in user_replace()
|
|
|
|
}
|
|
|
|
return ok;
|
|
|
|
}
|
|
|
|
|
|
|
|
K_ITEM *remove_2fa(K_ITEM *old_u_item, int32_t value, char *by, char *code,
|
|
|
|
char *inet, tv_t *cd, K_TREE *trf_root)
|
|
|
|
{
|
|
|
|
K_ITEM *u_item = NULL;
|
|
|
|
USERS *old_users, *users;
|
|
|
|
bool ok, did = false;
|
|
|
|
|
|
|
|
DATA_USERS(old_users, old_u_item);
|
|
|
|
ok = check_2fa(old_users, value);
|
|
|
|
if (ok) {
|
|
|
|
K_WLOCK(users_free);
|
|
|
|
u_item = k_unlink_head(users_free);
|
|
|
|
K_WUNLOCK(users_free);
|
|
|
|
DATA_USERS(users, u_item);
|
|
|
|
copy_users(users, old_users);
|
|
|
|
if (users->databits & USER_TEST2FA) {
|
|
|
|
users_userdata_del(users, USER_TEST2FA_NAME, USER_TEST2FA);
|
|
|
|
did = true;
|
|
|
|
}
|
|
|
|
if (users->databits & USER_TOTPAUTH) {
|
|
|
|
users_userdata_del(users, USER_TOTPAUTH_NAME, USER_TOTPAUTH);
|
|
|
|
did = true;
|
|
|
|
}
|
|
|
|
if (did) {
|
|
|
|
ok = users_replace(NULL, u_item, old_u_item, by, code, inet, cd,
|
|
|
|
trf_root);
|
|
|
|
if (!ok) {
|
|
|
|
// u_item was cleaned up in user_replace()
|
|
|
|
u_item = NULL;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
K_WLOCK(users_free);
|
|
|
|
free_users_data(u_item);
|
|
|
|
k_add_head(users_free, u_item);
|
|
|
|
K_WUNLOCK(users_free);
|
|
|
|
u_item = NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return u_item;
|
|
|
|
}
|