2 * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. All advertising materials mentioning features or use of this software
18 * must display the following acknowledgement:
19 * This product includes software developed by Kungliga Tekniska
20 * Högskolan and its contributors.
22 * 4. Neither the name of the Institute nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
39 #include "gssapi_locl.h"
44 gss_krb5_getsomekey(const gss_ctx_id_t context_handle
,
47 /* XXX this is ugly, and probably incorrect... */
49 krb5_auth_con_getlocalsubkey(gssapi_krb5_context
,
50 context_handle
->auth_context
,
53 krb5_auth_con_getremotesubkey(gssapi_krb5_context
,
54 context_handle
->auth_context
,
57 krb5_auth_con_getkey(gssapi_krb5_context
,
58 context_handle
->auth_context
,
62 memcpy(key
, skey
->keyvalue
.data
, sizeof(*key
));
63 krb5_free_keyblock(gssapi_krb5_context
, skey
);
68 (OM_uint32
* minor_status
,
69 const gss_ctx_id_t context_handle
,
70 const gss_buffer_t input_message_buffer
,
71 gss_buffer_t output_message_buffer
,
79 u_char hash
[16], seq_data
[8];
80 des_key_schedule schedule
;
89 p
= input_message_buffer
->value
;
90 ret
= gssapi_krb5_verify_header (&p
,
91 input_message_buffer
->length
,
96 if (memcmp (p
, "\x00\x00", 2) != 0)
99 if (memcmp (p
, "\x00\x00", 2) == 0) {
101 } else if (memcmp (p
, "\xFF\xFF", 2) == 0) {
104 return GSS_S_BAD_MIC
;
106 if(conf_state
!= NULL
)
107 *conf_state
= cstate
;
108 if (memcmp (p
, "\xff\xff", 2) != 0)
109 return GSS_S_DEFECTIVE_TOKEN
;
113 len
= p
- (u_char
*)input_message_buffer
->value
;
117 gss_krb5_getsomekey(context_handle
, &key
);
118 for (i
= 0; i
< sizeof(key
); ++i
)
120 des_set_key (&key
, schedule
);
121 memset (&zero
, 0, sizeof(zero
));
122 des_cbc_encrypt ((des_cblock
*)p
,
124 input_message_buffer
->length
- len
,
129 memset (key
, 0, sizeof(key
));
130 memset (schedule
, 0, sizeof(schedule
));
134 pad
= (u_char
*)input_message_buffer
->value
+ input_message_buffer
->length
- 1;
137 for (i
= padlength
; i
> 0 && *pad
== padlength
; i
--, pad
--)
140 return GSS_S_BAD_MIC
;
143 md5_update (&md5
, p
- 24, 8);
144 md5_update (&md5
, p
, input_message_buffer
->length
- len
);
145 md5_finito (&md5
, hash
);
147 memset (&zero
, 0, sizeof(zero
));
148 gss_krb5_getsomekey(context_handle
, &key
);
149 des_set_key (&key
, schedule
);
150 des_cbc_cksum ((des_cblock
*)hash
,
151 (des_cblock
*)hash
, sizeof(hash
), schedule
, &zero
);
152 if (memcmp (p
- 8, hash
, 8) != 0)
153 return GSS_S_BAD_MIC
;
155 /* verify sequence number */
157 krb5_auth_getremoteseqnumber (gssapi_krb5_context
,
158 context_handle
->auth_context
,
160 seq_data
[0] = (seq_number
>> 0) & 0xFF;
161 seq_data
[1] = (seq_number
>> 8) & 0xFF;
162 seq_data
[2] = (seq_number
>> 16) & 0xFF;
163 seq_data
[3] = (seq_number
>> 24) & 0xFF;
164 memset (seq_data
+ 4,
165 (context_handle
->more_flags
& LOCAL
) ? 0xFF : 0,
169 des_set_key (&key
, schedule
);
170 des_cbc_encrypt ((des_cblock
*)p
, (des_cblock
*)p
, 8,
171 schedule
, (des_cblock
*)hash
, DES_DECRYPT
);
173 memset (key
, 0, sizeof(key
));
174 memset (schedule
, 0, sizeof(schedule
));
176 if (memcmp (p
, seq_data
, 8) != 0) {
177 return GSS_S_BAD_MIC
;
180 krb5_auth_setremoteseqnumber (gssapi_krb5_context
,
181 context_handle
->auth_context
,
186 output_message_buffer
->length
= input_message_buffer
->length
187 - len
- 8 - padlength
;
188 output_message_buffer
->value
= malloc(output_message_buffer
->length
);
189 if(output_message_buffer
->length
!= 0 && output_message_buffer
->value
== NULL
)
190 return GSS_S_FAILURE
;
191 memcpy (output_message_buffer
->value
,
193 output_message_buffer
->length
);
194 return GSS_S_COMPLETE
;