lib/gssapi/krb5/verify_mic.c

   1 /*
   2  * Copyright (c) 1997 Kungliga Tekniska Högskolan
   3  * (Royal Institute of Technology, Stockholm, Sweden).
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions
   8  * are met:
   9  *
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  *
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * 3. Neither the name of the Institute nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #include "gssapi_locl.h"
  35
  36 RCSID("$Id$");
  37
  38 OM_uint32 gss_verify_mic
  39            (OM_uint32 * minor_status,
  40             const gss_ctx_id_t context_handle,
  41             const gss_buffer_t message_buffer,
  42             const gss_buffer_t token_buffer,
  43             gss_qop_t * qop_state
  44             )
  45 {
  46   u_char *p;
  47   struct md5 md5;
  48   u_char hash[16], seq_data[8];
  49   des_key_schedule schedule;
  50   des_cblock key;
  51   des_cblock zero;
  52   int32_t seq_number;
  53   OM_uint32 ret;
  54
  55   p = token_buffer->value;
  56   ret = gssapi_krb5_verify_header (&p,
  57                                    token_buffer->length,
  58                                    "\x01\x01");
  59   if (ret)
  60       return ret;
  61
  62   if (memcmp(p, "\x00\x00", 2) != 0)
  63       return GSS_S_BAD_SIG;
  64   p += 2;
  65   if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
  66     return GSS_S_BAD_MIC;
  67   p += 4;
  68   p += 16;
  69
  70   /* verify checksum */
  71   md5_init (&md5);
  72   md5_update (&md5, p - 24, 8);
  73   md5_update (&md5, message_buffer->value,
  74               message_buffer->length);
  75   md5_finito (&md5, hash);
  76
  77   memset (&zero, 0, sizeof(zero));
  78 #if 0
  79   memcpy (&key, context_handle->auth_context->key.keyvalue.data,
  80           sizeof(key));
  81 #endif
  82   memcpy (&key, context_handle->auth_context->remote_subkey->keyvalue.data,
  83           sizeof(key));
  84
  85   des_set_key (&key, schedule);
  86   des_cbc_cksum ((des_cblock *)hash,
  87                  (des_cblock *)hash, sizeof(hash), schedule, &zero);
  88   if (memcmp (p - 8, hash, 8) != 0) {
  89     memset (key, 0, sizeof(key));
  90     memset (schedule, 0, sizeof(schedule));
  91     return GSS_S_BAD_MIC;
  92   }
  93
  94   /* verify sequence number */
  95
  96   krb5_auth_getremoteseqnumber (gssapi_krb5_context,
  97                                 context_handle->auth_context,
  98                                 &seq_number);
  99   seq_data[0] = (seq_number >> 0)  & 0xFF;
 100   seq_data[1] = (seq_number >> 8)  & 0xFF;
 101   seq_data[2] = (seq_number >> 16) & 0xFF;
 102   seq_data[3] = (seq_number >> 24) & 0xFF;
 103   memset (seq_data + 4,
 104           (context_handle->more_flags & LOCAL) ? 0xFF : 0,
 105           4);
 106
 107   p -= 16;
 108   des_set_key (&key, schedule);
 109   des_cbc_encrypt ((des_cblock *)p, (des_cblock *)p, 8,
 110                    schedule, (des_cblock *)hash, DES_DECRYPT);
 111
 112   memset (key, 0, sizeof(key));
 113   memset (schedule, 0, sizeof(schedule));
 114
 115   if (memcmp (p, seq_data, 8) != 0) {
 116     return GSS_S_BAD_MIC;
 117   }
 118
 119   krb5_auth_setremoteseqnumber (gssapi_krb5_context,
 120                                 context_handle->auth_context,
 121                                 ++seq_number);
 122
 123   return GSS_S_COMPLETE;
 124 }