1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /******************************************************************************* |
3 | * This file houses the main functions for the iSCSI CHAP support |
4 | * |
5 | * (c) Copyright 2007-2013 Datera, Inc. |
6 | * |
7 | * Author: Nicholas A. Bellinger <nab@linux-iscsi.org> |
8 | * |
9 | ******************************************************************************/ |
10 | |
11 | #include <crypto/hash.h> |
12 | #include <linux/kernel.h> |
13 | #include <linux/string.h> |
14 | #include <linux/err.h> |
15 | #include <linux/random.h> |
16 | #include <linux/scatterlist.h> |
17 | #include <target/iscsi/iscsi_target_core.h> |
18 | #include "iscsi_target_nego.h" |
19 | #include "iscsi_target_auth.h" |
20 | |
21 | static char *chap_get_digest_name(const int digest_type) |
22 | { |
23 | switch (digest_type) { |
24 | case CHAP_DIGEST_MD5: |
25 | return "md5" ; |
26 | case CHAP_DIGEST_SHA1: |
27 | return "sha1" ; |
28 | case CHAP_DIGEST_SHA256: |
29 | return "sha256" ; |
30 | case CHAP_DIGEST_SHA3_256: |
31 | return "sha3-256" ; |
32 | default: |
33 | return NULL; |
34 | } |
35 | } |
36 | |
37 | static int chap_gen_challenge( |
38 | struct iscsit_conn *conn, |
39 | int caller, |
40 | char *c_str, |
41 | unsigned int *c_len) |
42 | { |
43 | int ret; |
44 | unsigned char *challenge_asciihex; |
45 | struct iscsi_chap *chap = conn->auth_protocol; |
46 | |
47 | challenge_asciihex = kzalloc(size: chap->challenge_len * 2 + 1, GFP_KERNEL); |
48 | if (!challenge_asciihex) |
49 | return -ENOMEM; |
50 | |
51 | memset(chap->challenge, 0, MAX_CHAP_CHALLENGE_LEN); |
52 | |
53 | ret = get_random_bytes_wait(buf: chap->challenge, nbytes: chap->challenge_len); |
54 | if (unlikely(ret)) |
55 | goto out; |
56 | |
57 | bin2hex(dst: challenge_asciihex, src: chap->challenge, |
58 | count: chap->challenge_len); |
59 | /* |
60 | * Set CHAP_C, and copy the generated challenge into c_str. |
61 | */ |
62 | *c_len += sprintf(buf: c_str + *c_len, fmt: "CHAP_C=0x%s" , challenge_asciihex); |
63 | *c_len += 1; |
64 | |
65 | pr_debug("[%s] Sending CHAP_C=0x%s\n\n" , (caller) ? "server" : "client" , |
66 | challenge_asciihex); |
67 | |
68 | out: |
69 | kfree(objp: challenge_asciihex); |
70 | return ret; |
71 | } |
72 | |
73 | static int chap_test_algorithm(const char *name) |
74 | { |
75 | struct crypto_shash *tfm; |
76 | |
77 | tfm = crypto_alloc_shash(alg_name: name, type: 0, mask: 0); |
78 | if (IS_ERR(ptr: tfm)) |
79 | return -1; |
80 | |
81 | crypto_free_shash(tfm); |
82 | return 0; |
83 | } |
84 | |
85 | static int chap_check_algorithm(const char *a_str) |
86 | { |
87 | char *tmp, *orig, *token, *digest_name; |
88 | long digest_type; |
89 | int r = CHAP_DIGEST_UNKNOWN; |
90 | |
91 | tmp = kstrdup(s: a_str, GFP_KERNEL); |
92 | if (!tmp) { |
93 | pr_err("Memory allocation failed for CHAP_A temporary buffer\n" ); |
94 | return CHAP_DIGEST_UNKNOWN; |
95 | } |
96 | orig = tmp; |
97 | |
98 | token = strsep(&tmp, "=" ); |
99 | if (!token) |
100 | goto out; |
101 | |
102 | if (strcmp(token, "CHAP_A" )) { |
103 | pr_err("Unable to locate CHAP_A key\n" ); |
104 | goto out; |
105 | } |
106 | while (token) { |
107 | token = strsep(&tmp, "," ); |
108 | if (!token) |
109 | goto out; |
110 | |
111 | if (kstrtol(s: token, base: 10, res: &digest_type)) |
112 | continue; |
113 | |
114 | digest_name = chap_get_digest_name(digest_type); |
115 | if (!digest_name) |
116 | continue; |
117 | |
118 | pr_debug("Selected %s Algorithm\n" , digest_name); |
119 | if (chap_test_algorithm(name: digest_name) < 0) { |
120 | pr_err("failed to allocate %s algo\n" , digest_name); |
121 | } else { |
122 | r = digest_type; |
123 | goto out; |
124 | } |
125 | } |
126 | out: |
127 | kfree(objp: orig); |
128 | return r; |
129 | } |
130 | |
131 | static void chap_close(struct iscsit_conn *conn) |
132 | { |
133 | kfree(objp: conn->auth_protocol); |
134 | conn->auth_protocol = NULL; |
135 | } |
136 | |
137 | static struct iscsi_chap *chap_server_open( |
138 | struct iscsit_conn *conn, |
139 | struct iscsi_node_auth *auth, |
140 | const char *a_str, |
141 | char *aic_str, |
142 | unsigned int *aic_len) |
143 | { |
144 | int digest_type; |
145 | struct iscsi_chap *chap; |
146 | |
147 | if (!(auth->naf_flags & NAF_USERID_SET) || |
148 | !(auth->naf_flags & NAF_PASSWORD_SET)) { |
149 | pr_err("CHAP user or password not set for" |
150 | " Initiator ACL\n" ); |
151 | return NULL; |
152 | } |
153 | |
154 | conn->auth_protocol = kzalloc(size: sizeof(struct iscsi_chap), GFP_KERNEL); |
155 | if (!conn->auth_protocol) |
156 | return NULL; |
157 | |
158 | chap = conn->auth_protocol; |
159 | digest_type = chap_check_algorithm(a_str); |
160 | switch (digest_type) { |
161 | case CHAP_DIGEST_MD5: |
162 | chap->digest_size = MD5_SIGNATURE_SIZE; |
163 | break; |
164 | case CHAP_DIGEST_SHA1: |
165 | chap->digest_size = SHA1_SIGNATURE_SIZE; |
166 | break; |
167 | case CHAP_DIGEST_SHA256: |
168 | chap->digest_size = SHA256_SIGNATURE_SIZE; |
169 | break; |
170 | case CHAP_DIGEST_SHA3_256: |
171 | chap->digest_size = SHA3_256_SIGNATURE_SIZE; |
172 | break; |
173 | case CHAP_DIGEST_UNKNOWN: |
174 | default: |
175 | pr_err("Unsupported CHAP_A value\n" ); |
176 | chap_close(conn); |
177 | return NULL; |
178 | } |
179 | |
180 | chap->digest_name = chap_get_digest_name(digest_type); |
181 | |
182 | /* Tie the challenge length to the digest size */ |
183 | chap->challenge_len = chap->digest_size; |
184 | |
185 | pr_debug("[server] Got CHAP_A=%d\n" , digest_type); |
186 | *aic_len = sprintf(buf: aic_str, fmt: "CHAP_A=%d" , digest_type); |
187 | *aic_len += 1; |
188 | pr_debug("[server] Sending CHAP_A=%d\n" , digest_type); |
189 | |
190 | /* |
191 | * Set Identifier. |
192 | */ |
193 | chap->id = conn->tpg->tpg_chap_id++; |
194 | *aic_len += sprintf(buf: aic_str + *aic_len, fmt: "CHAP_I=%d" , chap->id); |
195 | *aic_len += 1; |
196 | pr_debug("[server] Sending CHAP_I=%d\n" , chap->id); |
197 | /* |
198 | * Generate Challenge. |
199 | */ |
200 | if (chap_gen_challenge(conn, caller: 1, c_str: aic_str, c_len: aic_len) < 0) { |
201 | chap_close(conn); |
202 | return NULL; |
203 | } |
204 | |
205 | return chap; |
206 | } |
207 | |
208 | static const char base64_lookup_table[] = |
209 | "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" ; |
210 | |
211 | static int chap_base64_decode(u8 *dst, const char *src, size_t len) |
212 | { |
213 | int i, bits = 0, ac = 0; |
214 | const char *p; |
215 | u8 *cp = dst; |
216 | |
217 | for (i = 0; i < len; i++) { |
218 | if (src[i] == '=') |
219 | return cp - dst; |
220 | |
221 | p = strchr(base64_lookup_table, src[i]); |
222 | if (p == NULL || src[i] == 0) |
223 | return -2; |
224 | |
225 | ac <<= 6; |
226 | ac += (p - base64_lookup_table); |
227 | bits += 6; |
228 | if (bits >= 8) { |
229 | *cp++ = (ac >> (bits - 8)) & 0xff; |
230 | ac &= ~(BIT(16) - BIT(bits - 8)); |
231 | bits -= 8; |
232 | } |
233 | } |
234 | if (ac) |
235 | return -1; |
236 | |
237 | return cp - dst; |
238 | } |
239 | |
240 | static int chap_server_compute_hash( |
241 | struct iscsit_conn *conn, |
242 | struct iscsi_node_auth *auth, |
243 | char *nr_in_ptr, |
244 | char *nr_out_ptr, |
245 | unsigned int *nr_out_len) |
246 | { |
247 | unsigned long id; |
248 | unsigned char id_as_uchar; |
249 | unsigned char type; |
250 | unsigned char identifier[10], *initiatorchg = NULL; |
251 | unsigned char *initiatorchg_binhex = NULL; |
252 | unsigned char *digest = NULL; |
253 | unsigned char *response = NULL; |
254 | unsigned char *client_digest = NULL; |
255 | unsigned char *server_digest = NULL; |
256 | unsigned char chap_n[MAX_CHAP_N_SIZE], chap_r[MAX_RESPONSE_LENGTH]; |
257 | size_t compare_len; |
258 | struct iscsi_chap *chap = conn->auth_protocol; |
259 | struct crypto_shash *tfm = NULL; |
260 | struct shash_desc *desc = NULL; |
261 | int auth_ret = -1, ret, initiatorchg_len; |
262 | |
263 | digest = kzalloc(size: chap->digest_size, GFP_KERNEL); |
264 | if (!digest) { |
265 | pr_err("Unable to allocate the digest buffer\n" ); |
266 | goto out; |
267 | } |
268 | |
269 | response = kzalloc(size: chap->digest_size * 2 + 2, GFP_KERNEL); |
270 | if (!response) { |
271 | pr_err("Unable to allocate the response buffer\n" ); |
272 | goto out; |
273 | } |
274 | |
275 | client_digest = kzalloc(size: chap->digest_size, GFP_KERNEL); |
276 | if (!client_digest) { |
277 | pr_err("Unable to allocate the client_digest buffer\n" ); |
278 | goto out; |
279 | } |
280 | |
281 | server_digest = kzalloc(size: chap->digest_size, GFP_KERNEL); |
282 | if (!server_digest) { |
283 | pr_err("Unable to allocate the server_digest buffer\n" ); |
284 | goto out; |
285 | } |
286 | |
287 | memset(identifier, 0, 10); |
288 | memset(chap_n, 0, MAX_CHAP_N_SIZE); |
289 | memset(chap_r, 0, MAX_RESPONSE_LENGTH); |
290 | |
291 | initiatorchg = kzalloc(CHAP_CHALLENGE_STR_LEN, GFP_KERNEL); |
292 | if (!initiatorchg) { |
293 | pr_err("Unable to allocate challenge buffer\n" ); |
294 | goto out; |
295 | } |
296 | |
297 | initiatorchg_binhex = kzalloc(CHAP_CHALLENGE_STR_LEN, GFP_KERNEL); |
298 | if (!initiatorchg_binhex) { |
299 | pr_err("Unable to allocate initiatorchg_binhex buffer\n" ); |
300 | goto out; |
301 | } |
302 | /* |
303 | * Extract CHAP_N. |
304 | */ |
305 | if (extract_param(nr_in_ptr, "CHAP_N" , MAX_CHAP_N_SIZE, chap_n, |
306 | &type) < 0) { |
307 | pr_err("Could not find CHAP_N.\n" ); |
308 | goto out; |
309 | } |
310 | if (type == HEX) { |
311 | pr_err("Could not find CHAP_N.\n" ); |
312 | goto out; |
313 | } |
314 | |
315 | /* Include the terminating NULL in the compare */ |
316 | compare_len = strlen(auth->userid) + 1; |
317 | if (strncmp(chap_n, auth->userid, compare_len) != 0) { |
318 | pr_err("CHAP_N values do not match!\n" ); |
319 | goto out; |
320 | } |
321 | pr_debug("[server] Got CHAP_N=%s\n" , chap_n); |
322 | /* |
323 | * Extract CHAP_R. |
324 | */ |
325 | if (extract_param(nr_in_ptr, "CHAP_R" , MAX_RESPONSE_LENGTH, chap_r, |
326 | &type) < 0) { |
327 | pr_err("Could not find CHAP_R.\n" ); |
328 | goto out; |
329 | } |
330 | |
331 | switch (type) { |
332 | case HEX: |
333 | if (strlen(chap_r) != chap->digest_size * 2) { |
334 | pr_err("Malformed CHAP_R\n" ); |
335 | goto out; |
336 | } |
337 | if (hex2bin(dst: client_digest, src: chap_r, count: chap->digest_size) < 0) { |
338 | pr_err("Malformed CHAP_R: invalid HEX\n" ); |
339 | goto out; |
340 | } |
341 | break; |
342 | case BASE64: |
343 | if (chap_base64_decode(dst: client_digest, src: chap_r, strlen(chap_r)) != |
344 | chap->digest_size) { |
345 | pr_err("Malformed CHAP_R: invalid BASE64\n" ); |
346 | goto out; |
347 | } |
348 | break; |
349 | default: |
350 | pr_err("Could not find CHAP_R\n" ); |
351 | goto out; |
352 | } |
353 | |
354 | pr_debug("[server] Got CHAP_R=%s\n" , chap_r); |
355 | |
356 | tfm = crypto_alloc_shash(alg_name: chap->digest_name, type: 0, mask: 0); |
357 | if (IS_ERR(ptr: tfm)) { |
358 | tfm = NULL; |
359 | pr_err("Unable to allocate struct crypto_shash\n" ); |
360 | goto out; |
361 | } |
362 | |
363 | desc = kmalloc(size: sizeof(*desc) + crypto_shash_descsize(tfm), GFP_KERNEL); |
364 | if (!desc) { |
365 | pr_err("Unable to allocate struct shash_desc\n" ); |
366 | goto out; |
367 | } |
368 | |
369 | desc->tfm = tfm; |
370 | |
371 | ret = crypto_shash_init(desc); |
372 | if (ret < 0) { |
373 | pr_err("crypto_shash_init() failed\n" ); |
374 | goto out; |
375 | } |
376 | |
377 | ret = crypto_shash_update(desc, data: &chap->id, len: 1); |
378 | if (ret < 0) { |
379 | pr_err("crypto_shash_update() failed for id\n" ); |
380 | goto out; |
381 | } |
382 | |
383 | ret = crypto_shash_update(desc, data: (char *)&auth->password, |
384 | strlen(auth->password)); |
385 | if (ret < 0) { |
386 | pr_err("crypto_shash_update() failed for password\n" ); |
387 | goto out; |
388 | } |
389 | |
390 | ret = crypto_shash_finup(desc, data: chap->challenge, |
391 | len: chap->challenge_len, out: server_digest); |
392 | if (ret < 0) { |
393 | pr_err("crypto_shash_finup() failed for challenge\n" ); |
394 | goto out; |
395 | } |
396 | |
397 | bin2hex(dst: response, src: server_digest, count: chap->digest_size); |
398 | pr_debug("[server] %s Server Digest: %s\n" , |
399 | chap->digest_name, response); |
400 | |
401 | if (memcmp(p: server_digest, q: client_digest, size: chap->digest_size) != 0) { |
402 | pr_debug("[server] %s Digests do not match!\n\n" , |
403 | chap->digest_name); |
404 | goto out; |
405 | } else |
406 | pr_debug("[server] %s Digests match, CHAP connection" |
407 | " successful.\n\n" , chap->digest_name); |
408 | /* |
409 | * One way authentication has succeeded, return now if mutual |
410 | * authentication is not enabled. |
411 | */ |
412 | if (!auth->authenticate_target) { |
413 | auth_ret = 0; |
414 | goto out; |
415 | } |
416 | /* |
417 | * Get CHAP_I. |
418 | */ |
419 | ret = extract_param(nr_in_ptr, "CHAP_I" , 10, identifier, &type); |
420 | if (ret == -ENOENT) { |
421 | pr_debug("Could not find CHAP_I. Initiator uses One way authentication.\n" ); |
422 | auth_ret = 0; |
423 | goto out; |
424 | } |
425 | if (ret < 0) { |
426 | pr_err("Could not find CHAP_I.\n" ); |
427 | goto out; |
428 | } |
429 | |
430 | if (type == HEX) |
431 | ret = kstrtoul(s: &identifier[2], base: 0, res: &id); |
432 | else |
433 | ret = kstrtoul(s: identifier, base: 0, res: &id); |
434 | |
435 | if (ret < 0) { |
436 | pr_err("kstrtoul() failed for CHAP identifier: %d\n" , ret); |
437 | goto out; |
438 | } |
439 | if (id > 255) { |
440 | pr_err("chap identifier: %lu greater than 255\n" , id); |
441 | goto out; |
442 | } |
443 | /* |
444 | * RFC 1994 says Identifier is no more than octet (8 bits). |
445 | */ |
446 | pr_debug("[server] Got CHAP_I=%lu\n" , id); |
447 | /* |
448 | * Get CHAP_C. |
449 | */ |
450 | if (extract_param(nr_in_ptr, "CHAP_C" , CHAP_CHALLENGE_STR_LEN, |
451 | initiatorchg, &type) < 0) { |
452 | pr_err("Could not find CHAP_C.\n" ); |
453 | goto out; |
454 | } |
455 | |
456 | switch (type) { |
457 | case HEX: |
458 | initiatorchg_len = DIV_ROUND_UP(strlen(initiatorchg), 2); |
459 | if (!initiatorchg_len) { |
460 | pr_err("Unable to convert incoming challenge\n" ); |
461 | goto out; |
462 | } |
463 | if (initiatorchg_len > 1024) { |
464 | pr_err("CHAP_C exceeds maximum binary size of 1024 bytes\n" ); |
465 | goto out; |
466 | } |
467 | |
468 | if (hex2bin(dst: initiatorchg_binhex, src: initiatorchg, |
469 | count: initiatorchg_len) < 0) { |
470 | pr_err("Malformed CHAP_C: invalid HEX\n" ); |
471 | goto out; |
472 | } |
473 | break; |
474 | case BASE64: |
475 | initiatorchg_len = chap_base64_decode(dst: initiatorchg_binhex, |
476 | src: initiatorchg, |
477 | strlen(initiatorchg)); |
478 | if (initiatorchg_len < 0) { |
479 | pr_err("Malformed CHAP_C: invalid BASE64\n" ); |
480 | goto out; |
481 | } |
482 | if (!initiatorchg_len) { |
483 | pr_err("Unable to convert incoming challenge\n" ); |
484 | goto out; |
485 | } |
486 | if (initiatorchg_len > 1024) { |
487 | pr_err("CHAP_C exceeds maximum binary size of 1024 bytes\n" ); |
488 | goto out; |
489 | } |
490 | break; |
491 | default: |
492 | pr_err("Could not find CHAP_C.\n" ); |
493 | goto out; |
494 | } |
495 | |
496 | pr_debug("[server] Got CHAP_C=%s\n" , initiatorchg); |
497 | /* |
498 | * During mutual authentication, the CHAP_C generated by the |
499 | * initiator must not match the original CHAP_C generated by |
500 | * the target. |
501 | */ |
502 | if (initiatorchg_len == chap->challenge_len && |
503 | !memcmp(p: initiatorchg_binhex, q: chap->challenge, |
504 | size: initiatorchg_len)) { |
505 | pr_err("initiator CHAP_C matches target CHAP_C, failing" |
506 | " login attempt\n" ); |
507 | goto out; |
508 | } |
509 | /* |
510 | * Generate CHAP_N and CHAP_R for mutual authentication. |
511 | */ |
512 | ret = crypto_shash_init(desc); |
513 | if (ret < 0) { |
514 | pr_err("crypto_shash_init() failed\n" ); |
515 | goto out; |
516 | } |
517 | |
518 | /* To handle both endiannesses */ |
519 | id_as_uchar = id; |
520 | ret = crypto_shash_update(desc, data: &id_as_uchar, len: 1); |
521 | if (ret < 0) { |
522 | pr_err("crypto_shash_update() failed for id\n" ); |
523 | goto out; |
524 | } |
525 | |
526 | ret = crypto_shash_update(desc, data: auth->password_mutual, |
527 | strlen(auth->password_mutual)); |
528 | if (ret < 0) { |
529 | pr_err("crypto_shash_update() failed for" |
530 | " password_mutual\n" ); |
531 | goto out; |
532 | } |
533 | /* |
534 | * Convert received challenge to binary hex. |
535 | */ |
536 | ret = crypto_shash_finup(desc, data: initiatorchg_binhex, len: initiatorchg_len, |
537 | out: digest); |
538 | if (ret < 0) { |
539 | pr_err("crypto_shash_finup() failed for ma challenge\n" ); |
540 | goto out; |
541 | } |
542 | |
543 | /* |
544 | * Generate CHAP_N and CHAP_R. |
545 | */ |
546 | *nr_out_len = sprintf(buf: nr_out_ptr, fmt: "CHAP_N=%s" , auth->userid_mutual); |
547 | *nr_out_len += 1; |
548 | pr_debug("[server] Sending CHAP_N=%s\n" , auth->userid_mutual); |
549 | /* |
550 | * Convert response from binary hex to ascii hext. |
551 | */ |
552 | bin2hex(dst: response, src: digest, count: chap->digest_size); |
553 | *nr_out_len += sprintf(buf: nr_out_ptr + *nr_out_len, fmt: "CHAP_R=0x%s" , |
554 | response); |
555 | *nr_out_len += 1; |
556 | pr_debug("[server] Sending CHAP_R=0x%s\n" , response); |
557 | auth_ret = 0; |
558 | out: |
559 | kfree_sensitive(objp: desc); |
560 | if (tfm) |
561 | crypto_free_shash(tfm); |
562 | kfree(objp: initiatorchg); |
563 | kfree(objp: initiatorchg_binhex); |
564 | kfree(objp: digest); |
565 | kfree(objp: response); |
566 | kfree(objp: server_digest); |
567 | kfree(objp: client_digest); |
568 | return auth_ret; |
569 | } |
570 | |
571 | u32 chap_main_loop( |
572 | struct iscsit_conn *conn, |
573 | struct iscsi_node_auth *auth, |
574 | char *in_text, |
575 | char *out_text, |
576 | int *in_len, |
577 | int *out_len) |
578 | { |
579 | struct iscsi_chap *chap = conn->auth_protocol; |
580 | |
581 | if (!chap) { |
582 | chap = chap_server_open(conn, auth, a_str: in_text, aic_str: out_text, aic_len: out_len); |
583 | if (!chap) |
584 | return 2; |
585 | chap->chap_state = CHAP_STAGE_SERVER_AIC; |
586 | return 0; |
587 | } else if (chap->chap_state == CHAP_STAGE_SERVER_AIC) { |
588 | convert_null_to_semi(in_text, *in_len); |
589 | if (chap_server_compute_hash(conn, auth, nr_in_ptr: in_text, nr_out_ptr: out_text, |
590 | nr_out_len: out_len) < 0) { |
591 | chap_close(conn); |
592 | return 2; |
593 | } |
594 | if (auth->authenticate_target) |
595 | chap->chap_state = CHAP_STAGE_SERVER_NR; |
596 | else |
597 | *out_len = 0; |
598 | chap_close(conn); |
599 | return 1; |
600 | } |
601 | |
602 | return 2; |
603 | } |
604 | |