2 * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "gssapi_locl.h"
39 gss_krb5_get_localkey(const gss_ctx_id_t context_handle
,
44 krb5_auth_con_getlocalsubkey(gssapi_krb5_context
,
45 context_handle
->auth_context
,
48 krb5_auth_con_getremotesubkey(gssapi_krb5_context
,
49 context_handle
->auth_context
,
52 krb5_auth_con_getkey(gssapi_krb5_context
,
53 context_handle
->auth_context
,
63 OM_uint32 req_output_size
,
64 OM_uint32
* max_input_size
,
69 size_t len
, total_len
, padlength
;
70 padlength
= blocksize
- (req_output_size
% blocksize
);
71 len
= req_output_size
+ 8 + padlength
+ extrasize
;
72 gssapi_krb5_encap_length(len
, &len
, &total_len
);
73 *max_input_size
= (OM_uint32
)total_len
;
74 return GSS_S_COMPLETE
;
79 OM_uint32
* minor_status
,
80 const gss_ctx_id_t context_handle
,
83 OM_uint32 req_output_size
,
84 OM_uint32
* max_input_size
91 ret
= gss_krb5_get_localkey(context_handle
, &key
);
93 gssapi_krb5_set_error_string ();
97 krb5_enctype_to_keytype (gssapi_krb5_context
, key
->keytype
, &keytype
);
101 ret
= sub_wrap_size(req_output_size
, max_input_size
, 8, 22);
104 ret
= sub_wrap_size(req_output_size
, max_input_size
, 8, 34);
107 *minor_status
= KRB5_PROG_ETYPE_NOSUPP
;
111 krb5_free_keyblock (gssapi_krb5_context
, key
);
117 (OM_uint32
* minor_status
,
118 const gss_ctx_id_t context_handle
,
121 const gss_buffer_t input_message_buffer
,
123 gss_buffer_t output_message_buffer
,
130 des_key_schedule schedule
;
135 size_t len
, total_len
, padlength
, datalen
;
137 padlength
= 8 - (input_message_buffer
->length
% 8);
138 datalen
= input_message_buffer
->length
+ padlength
+ 8;
140 gssapi_krb5_encap_length (len
, &len
, &total_len
);
142 output_message_buffer
->length
= total_len
;
143 output_message_buffer
->value
= malloc (total_len
);
144 if (output_message_buffer
->value
== NULL
)
145 return GSS_S_FAILURE
;
147 p
= gssapi_krb5_make_header(output_message_buffer
->value
,
149 "\x02\x01"); /* TOK_ID */
152 memcpy (p
, "\x00\x00", 2);
156 memcpy (p
, "\x00\x00", 2);
158 memcpy (p
, "\xff\xff", 2);
161 memcpy (p
, "\xff\xff", 2);
168 /* confounder + data + pad */
169 krb5_generate_random_block(p
, 8);
170 memcpy (p
+ 8, input_message_buffer
->value
,
171 input_message_buffer
->length
);
172 memset (p
+ 8 + input_message_buffer
->length
, padlength
, padlength
);
176 MD5_Update (&md5
, p
- 24, 8);
177 MD5_Update (&md5
, p
, datalen
);
178 MD5_Final (hash
, &md5
);
180 memset (&zero
, 0, sizeof(zero
));
181 memcpy (&deskey
, key
->keyvalue
.data
, sizeof(deskey
));
182 des_set_key (&deskey
, schedule
);
183 des_cbc_cksum ((void *)hash
, (void *)hash
, sizeof(hash
),
185 memcpy (p
- 8, hash
, 8);
187 /* sequence number */
188 krb5_auth_con_getlocalseqnumber (gssapi_krb5_context
,
189 context_handle
->auth_context
,
193 p
[0] = (seq_number
>> 0) & 0xFF;
194 p
[1] = (seq_number
>> 8) & 0xFF;
195 p
[2] = (seq_number
>> 16) & 0xFF;
196 p
[3] = (seq_number
>> 24) & 0xFF;
198 (context_handle
->more_flags
& LOCAL
) ? 0 : 0xFF,
201 des_set_key (&deskey
, schedule
);
202 des_cbc_encrypt ((void *)p
, (void *)p
, 8,
203 schedule
, (des_cblock
*)(p
+ 8), DES_ENCRYPT
);
205 krb5_auth_con_setlocalseqnumber (gssapi_krb5_context
,
206 context_handle
->auth_context
,
209 /* encrypt the data */
213 memcpy (&deskey
, key
->keyvalue
.data
, sizeof(deskey
));
215 for (i
= 0; i
< sizeof(deskey
); ++i
)
217 des_set_key (&deskey
, schedule
);
218 memset (&zero
, 0, sizeof(zero
));
219 des_cbc_encrypt ((void *)p
,
226 memset (deskey
, 0, sizeof(deskey
));
227 memset (schedule
, 0, sizeof(schedule
));
229 if(conf_state
!= NULL
)
230 *conf_state
= conf_req_flag
;
231 return GSS_S_COMPLETE
;
236 (OM_uint32
* minor_status
,
237 const gss_ctx_id_t context_handle
,
240 const gss_buffer_t input_message_buffer
,
242 gss_buffer_t output_message_buffer
,
249 size_t len
, total_len
, padlength
, datalen
;
255 padlength
= 8 - (input_message_buffer
->length
% 8);
256 datalen
= input_message_buffer
->length
+ padlength
+ 8;
258 gssapi_krb5_encap_length (len
, &len
, &total_len
);
260 output_message_buffer
->length
= total_len
;
261 output_message_buffer
->value
= malloc (total_len
);
262 if (output_message_buffer
->value
== NULL
)
263 return GSS_S_FAILURE
;
265 p
= gssapi_krb5_make_header(output_message_buffer
->value
,
267 "\x02\x01"); /* TOK_ID */
270 memcpy (p
, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */
274 memcpy (p
, "\x02\x00", 2); /* DES3-KD */
276 memcpy (p
, "\xff\xff", 2);
279 memcpy (p
, "\xff\xff", 2);
282 /* calculate checksum (the above + confounder + data + pad) */
284 memcpy (p
+ 20, p
- 8, 8);
285 krb5_generate_random_block(p
+ 28, 8);
286 memcpy (p
+ 28 + 8, input_message_buffer
->value
,
287 input_message_buffer
->length
);
288 memset (p
+ 28 + 8 + input_message_buffer
->length
, padlength
, padlength
);
290 ret
= krb5_crypto_init(gssapi_krb5_context
, key
, 0, &crypto
);
292 gssapi_krb5_set_error_string ();
293 free (output_message_buffer
->value
);
295 return GSS_S_FAILURE
;
298 ret
= krb5_create_checksum (gssapi_krb5_context
,
305 krb5_crypto_destroy (gssapi_krb5_context
, crypto
);
307 gssapi_krb5_set_error_string ();
308 free (output_message_buffer
->value
);
310 return GSS_S_FAILURE
;
313 /* zero out SND_SEQ + SGN_CKSUM in case */
316 memcpy (p
+ 8, cksum
.checksum
.data
, cksum
.checksum
.length
);
317 free_Checksum (&cksum
);
319 /* sequence number */
320 krb5_auth_con_getlocalseqnumber (gssapi_krb5_context
,
321 context_handle
->auth_context
,
324 seq
[0] = (seq_number
>> 0) & 0xFF;
325 seq
[1] = (seq_number
>> 8) & 0xFF;
326 seq
[2] = (seq_number
>> 16) & 0xFF;
327 seq
[3] = (seq_number
>> 24) & 0xFF;
329 (context_handle
->more_flags
& LOCAL
) ? 0 : 0xFF,
333 ret
= krb5_crypto_init(gssapi_krb5_context
, key
, ETYPE_DES3_CBC_NONE_IVEC
,
336 free (output_message_buffer
->value
);
338 return GSS_S_FAILURE
;
344 memcpy (&ivec
, p
+ 8, 8);
345 ret
= krb5_encrypt_ivec (gssapi_krb5_context
,
351 krb5_crypto_destroy (gssapi_krb5_context
, crypto
);
353 gssapi_krb5_set_error_string ();
354 free (output_message_buffer
->value
);
356 return GSS_S_FAILURE
;
359 assert (encdata
.length
== 8);
361 memcpy (p
, encdata
.data
, encdata
.length
);
362 krb5_data_free (&encdata
);
364 krb5_auth_con_setlocalseqnumber (gssapi_krb5_context
,
365 context_handle
->auth_context
,
368 /* encrypt the data */
374 ret
= krb5_crypto_init(gssapi_krb5_context
, key
,
375 ETYPE_DES3_CBC_NONE
, &crypto
);
377 gssapi_krb5_set_error_string ();
378 free (output_message_buffer
->value
);
380 return GSS_S_FAILURE
;
382 ret
= krb5_encrypt(gssapi_krb5_context
, crypto
, KRB5_KU_USAGE_SEAL
,
384 krb5_crypto_destroy(gssapi_krb5_context
, crypto
);
386 gssapi_krb5_set_error_string ();
387 free (output_message_buffer
->value
);
389 return GSS_S_FAILURE
;
391 assert (tmp
.length
== datalen
);
393 memcpy (p
, tmp
.data
, datalen
);
394 krb5_data_free(&tmp
);
396 if(conf_state
!= NULL
)
397 *conf_state
= conf_req_flag
;
398 return GSS_S_COMPLETE
;
402 (OM_uint32
* minor_status
,
403 const gss_ctx_id_t context_handle
,
406 const gss_buffer_t input_message_buffer
,
408 gss_buffer_t output_message_buffer
413 krb5_keytype keytype
;
415 ret
= gss_krb5_get_localkey(context_handle
, &key
);
417 gssapi_krb5_set_error_string ();
419 return GSS_S_FAILURE
;
421 krb5_enctype_to_keytype (gssapi_krb5_context
, key
->keytype
, &keytype
);
425 ret
= wrap_des (minor_status
, context_handle
, conf_req_flag
,
426 qop_req
, input_message_buffer
, conf_state
,
427 output_message_buffer
, key
);
430 ret
= wrap_des3 (minor_status
, context_handle
, conf_req_flag
,
431 qop_req
, input_message_buffer
, conf_state
,
432 output_message_buffer
, key
);
435 *minor_status
= KRB5_PROG_ETYPE_NOSUPP
;
439 krb5_free_keyblock (gssapi_krb5_context
, key
);