root/source4/heimdal/lib/gssapi/krb5/8003.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. _gsskrb5_encode_om_uint32
  2. _gsskrb5_encode_be_om_uint32
  3. _gsskrb5_decode_om_uint32
  4. _gsskrb5_decode_be_om_uint32
  5. hash_input_chan_bindings
  6. _gsskrb5_create_8003_checksum
  7. _gsskrb5_verify_8003_checksum

   1 /*
   2  * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33 
  34 #include "krb5/gsskrb5_locl.h"
  35 
  36 RCSID("$Id$");
  37 
  38 krb5_error_code
  39 _gsskrb5_encode_om_uint32(OM_uint32 n, u_char *p)
     /* [<][>][^][v][top][bottom][index][help] */
  40 {
  41   p[0] = (n >> 0)  & 0xFF;
  42   p[1] = (n >> 8)  & 0xFF;
  43   p[2] = (n >> 16) & 0xFF;
  44   p[3] = (n >> 24) & 0xFF;
  45   return 0;
  46 }
  47 
  48 krb5_error_code
  49 _gsskrb5_encode_be_om_uint32(OM_uint32 n, u_char *p)
     /* [<][>][^][v][top][bottom][index][help] */
  50 {
  51   p[0] = (n >> 24) & 0xFF;
  52   p[1] = (n >> 16) & 0xFF;
  53   p[2] = (n >> 8)  & 0xFF;
  54   p[3] = (n >> 0)  & 0xFF;
  55   return 0;
  56 }
  57 
  58 krb5_error_code
  59 _gsskrb5_decode_om_uint32(const void *ptr, OM_uint32 *n)
     /* [<][>][^][v][top][bottom][index][help] */
  60 {
  61     const u_char *p = ptr;
  62     *n = (p[0] << 0) | (p[1] << 8) | (p[2] << 16) | (p[3] << 24);
  63     return 0;
  64 }
  65 
  66 krb5_error_code
  67 _gsskrb5_decode_be_om_uint32(const void *ptr, OM_uint32 *n)
     /* [<][>][^][v][top][bottom][index][help] */
  68 {
  69     const u_char *p = ptr;
  70     *n = (p[0] <<24) | (p[1] << 16) | (p[2] << 8) | (p[3] << 0);
  71     return 0;
  72 }
  73 
  74 static krb5_error_code
  75 hash_input_chan_bindings (const gss_channel_bindings_t b,
     /* [<][>][^][v][top][bottom][index][help] */
  76                           u_char *p)
  77 {
  78   u_char num[4];
  79   MD5_CTX md5;
  80 
  81   MD5_Init(&md5);
  82   _gsskrb5_encode_om_uint32 (b->initiator_addrtype, num);
  83   MD5_Update (&md5, num, sizeof(num));
  84   _gsskrb5_encode_om_uint32 (b->initiator_address.length, num);
  85   MD5_Update (&md5, num, sizeof(num));
  86   if (b->initiator_address.length)
  87     MD5_Update (&md5,
  88                 b->initiator_address.value,
  89                 b->initiator_address.length);
  90   _gsskrb5_encode_om_uint32 (b->acceptor_addrtype, num);
  91   MD5_Update (&md5, num, sizeof(num));
  92   _gsskrb5_encode_om_uint32 (b->acceptor_address.length, num);
  93   MD5_Update (&md5, num, sizeof(num));
  94   if (b->acceptor_address.length)
  95     MD5_Update (&md5,
  96                 b->acceptor_address.value,
  97                 b->acceptor_address.length);
  98   _gsskrb5_encode_om_uint32 (b->application_data.length, num);
  99   MD5_Update (&md5, num, sizeof(num));
 100   if (b->application_data.length)
 101     MD5_Update (&md5,
 102                 b->application_data.value,
 103                 b->application_data.length);
 104   MD5_Final (p, &md5);
 105   return 0;
 106 }
 107 
 108 /*
 109  * create a checksum over the chanel bindings in
 110  * `input_chan_bindings', `flags' and `fwd_data' and return it in
 111  * `result'
 112  */
 113 
 114 OM_uint32
 115 _gsskrb5_create_8003_checksum (
     /* [<][>][^][v][top][bottom][index][help] */
 116                       OM_uint32 *minor_status,
 117                       const gss_channel_bindings_t input_chan_bindings,
 118                       OM_uint32 flags,
 119                       const krb5_data *fwd_data,
 120                       Checksum *result)
 121 {
 122     u_char *p;
 123 
 124     /*
 125      * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value
 126      * field's format) */
 127     result->cksumtype = CKSUMTYPE_GSSAPI;
 128     if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG))
 129         result->checksum.length = 24 + 4 + fwd_data->length;
 130     else
 131         result->checksum.length = 24;
 132     result->checksum.data   = malloc (result->checksum.length);
 133     if (result->checksum.data == NULL) {
 134         *minor_status = ENOMEM;
 135         return GSS_S_FAILURE;
 136     }
 137 
 138     p = result->checksum.data;
 139     _gsskrb5_encode_om_uint32 (16, p);
 140     p += 4;
 141     if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
 142         memset (p, 0, 16);
 143     } else {
 144         hash_input_chan_bindings (input_chan_bindings, p);
 145     }
 146     p += 16;
 147     _gsskrb5_encode_om_uint32 (flags, p);
 148     p += 4;
 149 
 150     if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) {
 151 
 152         *p++ = (1 >> 0) & 0xFF;                   /* DlgOpt */ /* == 1 */
 153         *p++ = (1 >> 8) & 0xFF;                   /* DlgOpt */ /* == 0 */
 154         *p++ = (fwd_data->length >> 0) & 0xFF;    /* Dlgth  */
 155         *p++ = (fwd_data->length >> 8) & 0xFF;    /* Dlgth  */
 156         memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length);
 157 
 158         p += fwd_data->length;
 159     }
 160 
 161     return GSS_S_COMPLETE;
 162 }
 163 
 164 /*
 165  * verify the checksum in `cksum' over `input_chan_bindings'
 166  * returning  `flags' and `fwd_data'
 167  */
 168 
 169 OM_uint32
 170 _gsskrb5_verify_8003_checksum(
     /* [<][>][^][v][top][bottom][index][help] */
 171                       OM_uint32 *minor_status,
 172                       const gss_channel_bindings_t input_chan_bindings,
 173                       const Checksum *cksum,
 174                       OM_uint32 *flags,
 175                       krb5_data *fwd_data)
 176 {
 177     unsigned char hash[16];
 178     unsigned char *p;
 179     OM_uint32 length;
 180     int DlgOpt;
 181     static unsigned char zeros[16];
 182 
 183     if (cksum == NULL) {
 184         *minor_status = 0;
 185         return GSS_S_BAD_BINDINGS;
 186     }
 187 
 188     /* XXX should handle checksums > 24 bytes */
 189     if(cksum->cksumtype != CKSUMTYPE_GSSAPI || cksum->checksum.length < 24) {
 190         *minor_status = 0;
 191         return GSS_S_BAD_BINDINGS;
 192     }
 193 
 194     p = cksum->checksum.data;
 195     _gsskrb5_decode_om_uint32(p, &length);
 196     if(length != sizeof(hash)) {
 197         *minor_status = 0;
 198         return GSS_S_BAD_BINDINGS;
 199     }
 200 
 201     p += 4;
 202 
 203     if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS
 204         && memcmp(p, zeros, sizeof(zeros)) != 0) {
 205         if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) {
 206             *minor_status = 0;
 207             return GSS_S_BAD_BINDINGS;
 208         }
 209         if(memcmp(hash, p, sizeof(hash)) != 0) {
 210             *minor_status = 0;
 211             return GSS_S_BAD_BINDINGS;
 212         }
 213     }
 214 
 215     p += sizeof(hash);
 216 
 217     _gsskrb5_decode_om_uint32(p, flags);
 218     p += 4;
 219 
 220     if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) {
 221         if(cksum->checksum.length < 28) {
 222             *minor_status = 0;
 223             return GSS_S_BAD_BINDINGS;
 224         }
 225 
 226         DlgOpt = (p[0] << 0) | (p[1] << 8);
 227         p += 2;
 228         if (DlgOpt != 1) {
 229             *minor_status = 0;
 230             return GSS_S_BAD_BINDINGS;
 231         }
 232 
 233         fwd_data->length = (p[0] << 0) | (p[1] << 8);
 234         p += 2;
 235         if(cksum->checksum.length < 28 + fwd_data->length) {
 236             *minor_status = 0;
 237             return GSS_S_BAD_BINDINGS;
 238         }
 239         fwd_data->data = malloc(fwd_data->length);
 240         if (fwd_data->data == NULL) {
 241             *minor_status = ENOMEM;
 242             return GSS_S_FAILURE;
 243         }
 244         memcpy(fwd_data->data, p, fwd_data->length);
 245     }
 246 
 247     return GSS_S_COMPLETE;
 248 }

/* [<][>][^][v][top][bottom][index][help] */