Send presence subscribe requests to poolFqdn servers
1 /**
2 * @file sip-sec.c
4 * pidgin-sipe
6 * Copyright (C) 2009 pier11 <pier11@kinozal.tv>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 #include <glib.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <stdio.h>
28 #include "debug.h"
29 #include "sip-sec.h"
30 //#include "sip-sec-mech.h"
32 #ifndef _WIN32
33 #include "sip-sec-ntlm.h"
34 #define sip_sec_acquire_cred__NTLM sip_sec_acquire_cred__ntlm
35 //#include "sip-sec-krb5.h"
36 #define sip_sec_acquire_cred__Kerberos NULL
38 #else //_WIN32
39 #if 0 //with SSPI
40 #include "sip-sec-sspi.h"
41 #define sip_sec_acquire_cred__NTLM sip_sec_acquire_cred__sspi
42 #define sip_sec_acquire_cred__Kerberos sip_sec_acquire_cred__sspi
44 #else //with SSPI
45 #include "sip-sec-ntlm.h"
46 #define sip_sec_acquire_cred__NTLM sip_sec_acquire_cred__ntlm
47 #define sip_sec_acquire_cred__Kerberos NULL
48 #endif //with SSPI
50 #endif //_WIN32
53 gchar *purple_base64_encode(const guchar *data, gsize len);
54 guchar *purple_base64_decode(const char *str, gsize *ret_len);
56 /* sip_sec API method */
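/**
 * Run the client side of the authentication handshake and return the next
 * token to send to the peer, base64 encoded.
 *
 * Credentials are acquired for the selected mechanism, one round is run with
 * an empty input token, and, when the mechanism answers
 * SIP_SEC_I_CONTINUE_NEEDED, a second round is run on the decoded peer token.
 *
 * @param context            receives the security context created by the
 *                           credential function
 * @param mech               mechanism name; exactly "Kerberos" selects the
 *                           Kerberos credential function, anything else NTLM
 * @param domain             passed unchanged to the credential function
 * @param username           passed unchanged to the credential function
 * @param password           passed unchanged to the credential function
 * @param target             passed unchanged to the mechanism's init function
 * @param input_toked_base64 base64 token received from the peer, may be NULL
 *
 * @return newly allocated base64 string (release with g_free()), or NULL when
 *         no token could be produced
 */
char *sip_sec_init_context(SipSecContext *context, const char *mech,
			   const char *domain, const char *username, const char *password,
			   const char *target,
			   const char *input_toked_base64)
{
	SipSecCred cred_handle_p;
	struct sip_sec_context_struct *ctx;
	sip_sec_acquire_cred_func acquire_cred_func;
	SipSecBuffer in_buff;
	SipSecBuffer out_buff;
	gchar *out_buff_base64;
	sip_uint32 ret;

	if (!context)
		return NULL;

	/*
	 * Compare the whole name. Bounding the comparison by strlen(mech)
	 * made "" and every prefix of "Kerberos" select Kerberos, and a NULL
	 * mech crashed in strlen().
	 */
	acquire_cred_func = (mech && !strcmp(mech, "Kerberos")) ?
		sip_sec_acquire_cred__Kerberos : sip_sec_acquire_cred__NTLM;

	/* A mechanism that is not compiled in is mapped to NULL; never call it. */
	if (!acquire_cred_func) {
		purple_debug_info("sipe", "ERROR: sip_sec_init_context: mechanism not available\n");
		return NULL;
	}

	/*
	 * NOTE(review): assumes the credential functions report success as
	 * SIP_SEC_E_OK, like make_signature_func does - confirm.
	 */
	ret = (*acquire_cred_func)(&cred_handle_p, context, domain, username, password);
	if (ret != SIP_SEC_E_OK || !*context) {
		purple_debug_info("sipe", "ERROR: sip_sec_init_context: unable to acquire credentials\n");
		return NULL;
	}
	ctx = (struct sip_sec_context_struct *) *context;

	/* Round 1: empty input, the output is the Type 1 token. */
	in_buff.length = 0;
	in_buff.value = NULL;
	/* Start from an empty output so a failed round never exposes stack garbage. */
	out_buff.length = 0;
	out_buff.value = NULL;

	ret = (*ctx->init_context_func)(cred_handle_p, *context,
					in_buff,
					&out_buff,
					target);
	out_buff_base64 = out_buff.value ?
		purple_base64_encode(out_buff.value, out_buff.length) : NULL;

	if (ret == SIP_SEC_I_CONTINUE_NEEDED) {
		/*
		 * Round 2: feed the peer's answer (Type 2). The token comes
		 * from the network, so a missing or undecodable one becomes an
		 * empty buffer instead of an uninitialized length.
		 */
		in_buff.length = 0;
		in_buff.value = input_toked_base64 ?
			purple_base64_decode(input_toked_base64, &(in_buff.length)) : NULL;
		if (!in_buff.value)
			in_buff.length = 0;

		out_buff.length = 0;
		out_buff.value = NULL;

		ret = (*ctx->init_context_func)(cred_handle_p, *context,
						in_buff,
						&out_buff,
						target);

		/* Replace the Type 1 token with the Type 3 token to send. */
		g_free(out_buff_base64);
		out_buff_base64 = out_buff.value ?
			purple_base64_encode(out_buff.value, out_buff.length) : NULL;
	}

	/*
	 * NOTE(review): the decoded input token and the out_buff.value buffers
	 * are not released here. Whether the mechanism keeps those pointers is
	 * not visible in this file - confirm ownership before adding g_free().
	 */
	return out_buff_base64;
}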
/**
 * Release a security context through the destroy callback stored in it.
 * A NULL context is ignored.
 *
 * @param context context to destroy, may be NULL
 */
void
sip_sec_destroy_context(SipSecContext context)
{
	struct sip_sec_context_struct *impl;

	if (!context)
		return;

	impl = (struct sip_sec_context_struct *) context;
	(*impl->destroy_context_func)(context);
}
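/**
 * Sign a message with the context's mechanism and return the signature as an
 * upper-case hex string.
 *
 * @param context established security context
 * @param message text to sign
 *
 * @return newly allocated hex string owned by the caller, or NULL when the
 *         arguments are missing or the mechanism fails to sign
 */
char *sip_sec_make_signature(SipSecContext context, const char *message)
{
	struct sip_sec_context_struct *ctx = (struct sip_sec_context_struct *) context;
	SipSecBuffer signature;
	char *signature_hex;

	/* sip_sec_destroy_context() tolerates a NULL context; do the same here. */
	if (!ctx || !message) {
		purple_debug_info("sipe", "ERROR: sip_sec_make_signature called without context or message\n");
		return NULL;
	}

	/* Start empty so nothing uninitialized is ever converted or freed. */
	signature.length = 0;
	signature.value = NULL;

	if ((*ctx->make_signature_func)(context, message, &signature) != SIP_SEC_E_OK) {
		purple_debug_info("sipe", "ERROR: sip_sec_make_signature failed. Unable to sign message!\n");
		return NULL;
	}

	signature_hex = bytes_to_hex_str(&signature);
	free_bytes_buffer(&signature);
	return signature_hex;
}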
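/**
 * Check a hex-encoded signature over a message with the context's mechanism.
 *
 * The signature string is taken from a received message, so a missing
 * context, message or signature is reported as a failure instead of being
 * dereferenced.
 *
 * @param context       established security context
 * @param message       text the signature is supposed to cover
 * @param signature_hex signature as a hex string
 *
 * @return the mechanism's verify result, or SIP_SEC_E_INTERNAL_ERROR when an
 *         argument is missing
 */
int sip_sec_verify_signature(SipSecContext context, const char* message, const char* signature_hex)
{
	struct sip_sec_context_struct *ctx = (struct sip_sec_context_struct *) context;
	SipSecBuffer signature;
	sip_uint32 res = SIP_SEC_E_INTERNAL_ERROR;

	/* Fail closed: without all three inputs nothing can be verified. */
	if (!ctx || !message || !signature_hex) {
		purple_debug_info("sipe", "ERROR: sip_sec_verify_signature called without context, message or signature\n");
		return res;
	}

	hex_str_to_bytes(signature_hex, &signature);
	res = (*ctx->verify_signature_func)(context, message, signature);
	free_bytes_buffer(&signature);
	return res;
}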
139 // Utility Methods //
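/**
 * Decode a hex string into a newly allocated byte buffer.
 *
 * Two characters make one byte. A trailing unpaired character is ignored, as
 * before. The input may come from a received message, so it is decoded
 * strictly: a NULL string or any non-hex character yields an empty buffer
 * (length 0, value NULL), the same result an empty string gives. The previous
 * strtoul() based loop accepted whitespace and signs and turned other
 * characters into zero bytes.
 *
 * @param hex_str hex digits, upper or lower case
 * @param bytes   receives the buffer; release it with free_bytes_buffer()
 */
void hex_str_to_bytes(const char *hex_str, SipSecBuffer *bytes)
{
	guint8 *buff;
	gsize count;
	gsize i;

	bytes->length = 0;
	bytes->value = NULL;

	if (!hex_str)
		return;

	count = strlen(hex_str) / 2;
	buff = g_malloc(count);

	for (i = 0; i < count; i++) {
		/* g_ascii_xdigit_value() returns -1 for anything that is not a hex digit */
		gint hi = g_ascii_xdigit_value(hex_str[i * 2]);
		gint lo = g_ascii_xdigit_value(hex_str[i * 2 + 1]);

		if (hi < 0 || lo < 0) {
			g_free(buff);
			return;
		}
		buff[i] = (guint8)((hi << 4) | lo);
	}

	bytes->length = count;
	bytes->value = buff;
}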
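/**
 * Release the memory held by a buffer and reset it to empty.
 *
 * Clearing the fields makes a repeated call harmless and keeps the freed
 * pointer from being used again through the same struct.
 *
 * @param bytes buffer whose value was allocated with g_malloc(); NULL is ignored
 */
void free_bytes_buffer(SipSecBuffer *bytes)
{
	if (!bytes)
		return;

	g_free(bytes->value);
	bytes->value = NULL;
	bytes->length = 0;
}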
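/**
 * Encode a byte buffer as an upper-case hex string, two digits per byte.
 *
 * @param bytes buffer to encode
 *
 * @return newly allocated NUL-terminated string (release with g_free()), or
 *         NULL when the buffer is missing, claims a length without data, or is
 *         too large for the result size to be computed
 */
char *bytes_to_hex_str(SipSecBuffer *bytes)
{
	static const char hex_digits[] = "0123456789ABCDEF";
	const guint8 *buff;
	char *res;
	gsize len;
	gsize i;

	if (!bytes)
		return NULL;

	/* Unsigned size type for the index; the old int index was compared with the buffer length. */
	len = bytes->length;
	buff = (const guint8 *) bytes->value;

	if (!buff && len > 0)
		return NULL;

	/* len * 2 + 1 must not wrap around */
	if (len > (G_MAXSIZE - 1) / 2)
		return NULL;

	res = g_malloc(len * 2 + 1);
	for (i = 0; i < len; i++) {
		res[i * 2] = hex_digits[buff[i] >> 4];
		res[i * 2 + 1] = hex_digits[buff[i] & 0x0F];
	}
	res[len * 2] = '\0';
	return res;
}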