PageRenderTime 43ms CodeModel.GetById 13ms app.highlight 24ms RepoModel.GetById 2ms app.codeStats 0ms

/crypto/heimdal/lib/gssapi/krb5/8003.c

https://bitbucket.org/freebsd/freebsd-head/
C | 245 lines | 171 code | 29 blank | 45 comment | 33 complexity | c7befe3aa77fb8a2f983841d17f77490 MD5 | raw file
  1/*
  2 * Copyright (c) 1997 - 2003 Kungliga Tekniska Hรถgskolan
  3 * (Royal Institute of Technology, Stockholm, Sweden).
  4 * All rights reserved.
  5 *
  6 * Redistribution and use in source and binary forms, with or without
  7 * modification, are permitted provided that the following conditions
  8 * are met:
  9 *
 10 * 1. Redistributions of source code must retain the above copyright
 11 *    notice, this list of conditions and the following disclaimer.
 12 *
 13 * 2. Redistributions in binary form must reproduce the above copyright
 14 *    notice, this list of conditions and the following disclaimer in the
 15 *    documentation and/or other materials provided with the distribution.
 16 *
 17 * 3. Neither the name of the Institute nor the names of its contributors
 18 *    may be used to endorse or promote products derived from this software
 19 *    without specific prior written permission.
 20 *
 21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 31 * SUCH DAMAGE.
 32 */
 33
 34#include "gsskrb5_locl.h"
 35
 36krb5_error_code
 37_gsskrb5_encode_om_uint32(OM_uint32 n, u_char *p)
 38{
 39  p[0] = (n >> 0)  & 0xFF;
 40  p[1] = (n >> 8)  & 0xFF;
 41  p[2] = (n >> 16) & 0xFF;
 42  p[3] = (n >> 24) & 0xFF;
 43  return 0;
 44}
 45
 46krb5_error_code
 47_gsskrb5_encode_be_om_uint32(OM_uint32 n, u_char *p)
 48{
 49  p[0] = (n >> 24) & 0xFF;
 50  p[1] = (n >> 16) & 0xFF;
 51  p[2] = (n >> 8)  & 0xFF;
 52  p[3] = (n >> 0)  & 0xFF;
 53  return 0;
 54}
 55
 56krb5_error_code
 57_gsskrb5_decode_om_uint32(const void *ptr, OM_uint32 *n)
 58{
 59    const u_char *p = ptr;
 60    *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24);
 61    return 0;
 62}
 63
 64krb5_error_code
 65_gsskrb5_decode_be_om_uint32(const void *ptr, OM_uint32 *n)
 66{
 67    const u_char *p = ptr;
 68    *n = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0);
 69    return 0;
 70}
 71
 72static krb5_error_code
 73hash_input_chan_bindings (const gss_channel_bindings_t b,
 74			  u_char *p)
 75{
 76  u_char num[4];
 77  EVP_MD_CTX *ctx;
 78
 79  ctx = EVP_MD_CTX_create();
 80  EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
 81
 82  _gsskrb5_encode_om_uint32 (b->initiator_addrtype, num);
 83  EVP_DigestUpdate(ctx, num, sizeof(num));
 84  _gsskrb5_encode_om_uint32 (b->initiator_address.length, num);
 85  EVP_DigestUpdate(ctx, num, sizeof(num));
 86  if (b->initiator_address.length)
 87      EVP_DigestUpdate(ctx,
 88		       b->initiator_address.value,
 89		       b->initiator_address.length);
 90  _gsskrb5_encode_om_uint32 (b->acceptor_addrtype, num);
 91  EVP_DigestUpdate(ctx, num, sizeof(num));
 92  _gsskrb5_encode_om_uint32 (b->acceptor_address.length, num);
 93  EVP_DigestUpdate(ctx, num, sizeof(num));
 94  if (b->acceptor_address.length)
 95      EVP_DigestUpdate(ctx,
 96		       b->acceptor_address.value,
 97		       b->acceptor_address.length);
 98  _gsskrb5_encode_om_uint32 (b->application_data.length, num);
 99  EVP_DigestUpdate(ctx, num, sizeof(num));
100  if (b->application_data.length)
101      EVP_DigestUpdate(ctx,
102		       b->application_data.value,
103		       b->application_data.length);
104  EVP_DigestFinal_ex(ctx, p, NULL);
105  EVP_MD_CTX_destroy(ctx);
106
107  return 0;
108}
109
110/*
111 * create a checksum over the chanel bindings in
112 * `input_chan_bindings', `flags' and `fwd_data' and return it in
113 * `result'
114 */
115
116OM_uint32
117_gsskrb5_create_8003_checksum (
118		      OM_uint32 *minor_status,
119		      const gss_channel_bindings_t input_chan_bindings,
120		      OM_uint32 flags,
121		      const krb5_data *fwd_data,
122		      Checksum *result)
123{
124    u_char *p;
125
126    /*
127     * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value
128     * field's format) */
129    result->cksumtype = CKSUMTYPE_GSSAPI;
130    if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG))
131	result->checksum.length = 24 + 4 + fwd_data->length;
132    else
133	result->checksum.length = 24;
134    result->checksum.data   = malloc (result->checksum.length);
135    if (result->checksum.data == NULL) {
136	*minor_status = ENOMEM;
137	return GSS_S_FAILURE;
138    }
139
140    p = result->checksum.data;
141    _gsskrb5_encode_om_uint32 (16, p);
142    p += 4;
143    if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
144	memset (p, 0, 16);
145    } else {
146	hash_input_chan_bindings (input_chan_bindings, p);
147    }
148    p += 16;
149    _gsskrb5_encode_om_uint32 (flags, p);
150    p += 4;
151
152    if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) {
153
154	*p++ = (1 >> 0) & 0xFF;                   /* DlgOpt */ /* == 1 */
155	*p++ = (1 >> 8) & 0xFF;                   /* DlgOpt */ /* == 0 */
156	*p++ = (fwd_data->length >> 0) & 0xFF;    /* Dlgth  */
157	*p++ = (fwd_data->length >> 8) & 0xFF;    /* Dlgth  */
158	memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length);
159
160	p += fwd_data->length;
161    }
162
163    return GSS_S_COMPLETE;
164}
165
166/*
167 * verify the checksum in `cksum' over `input_chan_bindings'
168 * returning  `flags' and `fwd_data'
169 */
170
171OM_uint32
172_gsskrb5_verify_8003_checksum(
173		      OM_uint32 *minor_status,
174		      const gss_channel_bindings_t input_chan_bindings,
175		      const Checksum *cksum,
176		      OM_uint32 *flags,
177		      krb5_data *fwd_data)
178{
179    unsigned char hash[16];
180    unsigned char *p;
181    OM_uint32 length;
182    int DlgOpt;
183    static unsigned char zeros[16];
184
185    /* XXX should handle checksums > 24 bytes */
186    if(cksum->cksumtype != CKSUMTYPE_GSSAPI || cksum->checksum.length < 24) {
187	*minor_status = 0;
188	return GSS_S_BAD_BINDINGS;
189    }
190
191    p = cksum->checksum.data;
192    _gsskrb5_decode_om_uint32(p, &length);
193    if(length != sizeof(hash)) {
194	*minor_status = 0;
195	return GSS_S_BAD_BINDINGS;
196    }
197
198    p += 4;
199
200    if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS
201	&& memcmp(p, zeros, sizeof(zeros)) != 0) {
202	if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) {
203	    *minor_status = 0;
204	    return GSS_S_BAD_BINDINGS;
205	}
206	if(ct_memcmp(hash, p, sizeof(hash)) != 0) {
207	    *minor_status = 0;
208	    return GSS_S_BAD_BINDINGS;
209	}
210    }
211
212    p += sizeof(hash);
213
214    _gsskrb5_decode_om_uint32(p, flags);
215    p += 4;
216
217    if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) {
218	if(cksum->checksum.length < 28) {
219	    *minor_status = 0;
220	    return GSS_S_BAD_BINDINGS;
221	}
222
223	DlgOpt = (p[0] << 0) | (p[1] << 8);
224	p += 2;
225	if (DlgOpt != 1) {
226	    *minor_status = 0;
227	    return GSS_S_BAD_BINDINGS;
228	}
229
230	fwd_data->length = (p[0] << 0) | (p[1] << 8);
231	p += 2;
232	if(cksum->checksum.length < 28 + fwd_data->length) {
233	    *minor_status = 0;
234	    return GSS_S_BAD_BINDINGS;
235	}
236	fwd_data->data = malloc(fwd_data->length);
237	if (fwd_data->data == NULL) {
238	    *minor_status = ENOMEM;
239	    return GSS_S_FAILURE;
240	}
241	memcpy(fwd_data->data, p, fwd_data->length);
242    }
243
244    return GSS_S_COMPLETE;
245}