OM_uint32 gss_wrap (
OM_uint32 *minor_status,
gss_ctx_id_t context_handle,
int conf_req_flag,
gss_qop_t qop_req,
gss_buffer_t input_message_buffer,
int *conf_state,
gss_buffer_t output_message_buffer)
{
*minor_status = 0;
SecPkgContext_Sizes sizes={0};
BOOL b = QueryContextAttributes(&context_handle,SECPKG_ATTR_SIZES,&sizes);
char *buffer = (char*)malloc(sizes.cbSecurityTrailer+input_message_buffer->length+sizes.cbBlockSize);
SecBuffer InputBuffer[3] = { { sizes.cbSecurityTrailer,SECBUFFER_TOKEN,buffer },
{ input_message_buffer->length,SECBUFFER_DATA,buffer+sizes.cbSecurityTrailer },
{ sizes.cbBlockSize,SECBUFFER_PADDING,buffer+sizes.cbSecurityTrailer+input_message_buffer->length }
};
SecBufferDesc InputBufferDesc = {SECBUFFER_VERSION, 3, InputBuffer};
OM_uint32 ret;
memcpy(InputBuffer[1].pvBuffer,input_message_buffer->value,input_message_buffer->length);
ret = EncryptMessage(&context_handle, conf_req_flag? 0:KERB_WRAP_NO_ENCRYPT, &InputBufferDesc, 0);
output_message_buffer->value=buffer;
memmove(buffer+InputBuffer[0].cbBuffer,InputBuffer[1].pvBuffer,InputBuffer[1].cbBuffer);
memmove(buffer+InputBuffer[0].cbBuffer+InputBuffer[1].cbBuffer,InputBuffer[2].pvBuffer,InputBuffer[2].cbBuffer);
output_message_buffer->length=InputBuffer[0].cbBuffer+InputBuffer[1].cbBuffer+InputBuffer[2].cbBuffer;
return ret;
}
void main(int argc, char **argv)
{
HMODULE hModUser32;
HMODULE hModSecur32;
hModUser32 = LoadLibrary("USER32.DLL");
if (hModUser32 == NULL) exit(1);
hModSecur32 = LoadLibrary("SECUR32.DLL");
if (hModSecur32 == NULL) exit(1);
#if 1
printf("cMonitors(real)=%d\n", GetSystemMetrics(SM_CMONITORS));
Real_GetSystemMetrics = (LPGETSYSTEMMETRICS)NWHookCreate(GetProcAddress(hModUser32, "GetSystemMetrics"), Hook_GetSystemMetrics);
printf("cMonitors(hook)=%d\n", GetSystemMetrics(SM_CMONITORS));
NWHookDelete(Real_GetSystemMetrics);
#endif
Real_EncryptMessage = (ENCRYPT_MESSAGE_FN)NWHookCreate(GetProcAddress(hModSecur32, "EncryptMessage"), Hook_EncryptMessage);
EncryptMessage(NULL, 0, NULL, 0);
NWHookDelete(Real_EncryptMessage);
FreeLibrary(hModUser32);
FreeLibrary(hModSecur32);
exit(0);
}
AJ_Status AJ_DeliverMsg(AJ_Message* msg)
{
AJ_Status status = AJ_OK;
AJ_IOBuffer* ioBuf = &msg->bus->sock.tx;
/*
* If the header has already been marshaled (due to partial delivery) it will be NULL
*/
if (msg->hdr) {
/*
* Write the final body length to the header
*/
msg->hdr->bodyLen = msg->bodyBytes;
AJ_DumpMsg("SENDING", msg, TRUE);
if (msg->hdr->flags & AJ_FLAG_ENCRYPTED) {
status = EncryptMessage(msg);
}
} else {
/*
* Check that the entire body was written
*/
if (msg->bodyBytes) {
status = AJ_ERR_MARSHAL;
}
}
if (status == AJ_OK) {
//#pragma calls = AJ_Net_Send
status = ioBuf->send(ioBuf);
}
memset(msg, 0, sizeof(AJ_Message));
return status;
}
int sserver_write_data(const struct protocol_interface *protocol, const void *data, int length)
{
if(!length)
return 0;
BYTE *buffer = (BYTE*)malloc(length+secSizes.cbHeader+secSizes.cbTrailer);
memcpy(buffer+secSizes.cbHeader,data,length);
SecBuffer rgsb[] =
{
{ secSizes.cbHeader, SECBUFFER_STREAM_HEADER, buffer },
{length, SECBUFFER_DATA, buffer+secSizes.cbHeader},
{ secSizes.cbTrailer, SECBUFFER_STREAM_TRAILER, buffer+secSizes.cbHeader+length },
{ 0, SECBUFFER_EMPTY, NULL }
};
SecBufferDesc sbd = {SECBUFFER_VERSION, sizeof rgsb / sizeof *rgsb, rgsb};
int rc;
rc = EncryptMessage(&contextHandle,0,&sbd,0);
if(rc)
{
free(buffer);
return -1;
}
// In practice only the trailer length changes, otherwise this wouldn't work..
rc = tcp_write(buffer,rgsb[0].cbBuffer+rgsb[1].cbBuffer+rgsb[2].cbBuffer);
free(buffer);
return length;
}
static BOOL send_ssl_chunk(netconn_t *conn, const void *msg, size_t size)
{
SecBuffer bufs[4] = {
{conn->ssl_sizes.cbHeader, SECBUFFER_STREAM_HEADER, conn->ssl_buf},
{size, SECBUFFER_DATA, conn->ssl_buf+conn->ssl_sizes.cbHeader},
{conn->ssl_sizes.cbTrailer, SECBUFFER_STREAM_TRAILER, conn->ssl_buf+conn->ssl_sizes.cbHeader+size},
{0, SECBUFFER_EMPTY, NULL}
};
SecBufferDesc buf_desc = {SECBUFFER_VERSION, sizeof(bufs)/sizeof(*bufs), bufs};
SECURITY_STATUS res;
memcpy(bufs[1].pvBuffer, msg, size);
res = EncryptMessage(&conn->ssl_ctx, 0, &buf_desc, 0);
if(res != SEC_E_OK) {
WARN("EncryptMessage failed\n");
return FALSE;
}
if(sock_send(conn->socket, conn->ssl_buf, bufs[0].cbBuffer+bufs[1].cbBuffer+bufs[2].cbBuffer, 0) < 1) {
WARN("send failed\n");
return FALSE;
}
return TRUE;
}
static int tls_write(URLContext *h, const uint8_t *buf, int len)
{
TLSContext *c = h->priv_data;
TLSShared *s = &c->tls_shared;
SECURITY_STATUS sspi_ret;
int ret = 0, data_size;
uint8_t *data = NULL;
SecBuffer outbuf[4];
SecBufferDesc outbuf_desc;
if (c->sizes.cbMaximumMessage == 0) {
sspi_ret = QueryContextAttributes(&c->ctxt_handle, SECPKG_ATTR_STREAM_SIZES, &c->sizes);
if (sspi_ret != SEC_E_OK)
return AVERROR_UNKNOWN;
}
/* limit how much data we can consume */
len = FFMIN(len, c->sizes.cbMaximumMessage);
data_size = c->sizes.cbHeader + len + c->sizes.cbTrailer;
data = av_malloc(data_size);
if (data == NULL)
return AVERROR(ENOMEM);
init_sec_buffer(&outbuf[0], SECBUFFER_STREAM_HEADER,
data, c->sizes.cbHeader);
init_sec_buffer(&outbuf[1], SECBUFFER_DATA,
data + c->sizes.cbHeader, len);
init_sec_buffer(&outbuf[2], SECBUFFER_STREAM_TRAILER,
data + c->sizes.cbHeader + len,
c->sizes.cbTrailer);
init_sec_buffer(&outbuf[3], SECBUFFER_EMPTY, NULL, 0);
init_sec_buffer_desc(&outbuf_desc, outbuf, 4);
memcpy(outbuf[1].pvBuffer, buf, len);
sspi_ret = EncryptMessage(&c->ctxt_handle, 0, &outbuf_desc, 0);
if (sspi_ret == SEC_E_OK) {
len = outbuf[0].cbBuffer + outbuf[1].cbBuffer + outbuf[2].cbBuffer;
ret = ffurl_write(s->tcp, data, len);
if (ret < 0 || ret != len) {
ret = AVERROR(EIO);
av_log(h, AV_LOG_ERROR, "Writing encrypted data to socket failed\n");
goto done;
}
} else {
av_log(h, AV_LOG_ERROR, "Encrypting data failed\n");
if (sspi_ret == SEC_E_INSUFFICIENT_MEMORY)
ret = AVERROR(ENOMEM);
else
ret = AVERROR(EIO);
goto done;
}
done:
av_freep(&data);
return ret < 0 ? ret : outbuf[1].cbBuffer;
}
OM_uint32 gss_wrap (OM_uint32 *minor_status,gss_ctx_id_t context_handle,
int conf_req_flag,gss_qop_t qop_req,
gss_buffer_t input_message_buffer,int *conf_state,
gss_buffer_t output_message_buffer)
{
OM_uint32 major_status;
SecBuffer buf[3];
SecBufferDesc bufs;
SecPkgContext_Sizes sizes;
*minor_status = NIL; /* never any minor status */
*conf_state = conf_req_flag; /* same as requested */
if ((major_status = /* get trailer and padding sizes */
QueryContextAttributes (context_handle,SECPKG_ATTR_SIZES,&sizes)) ==
SEC_E_OK) {
/* create big enough output buffer */
output_message_buffer->value =
fs_get (sizes.cbSecurityTrailer + input_message_buffer->length +
sizes.cbBlockSize);
/* MSDN claims that for EncryptMessage() in Kerberos, you need an
* uninitialized SECBUFFER_STREAM_HEADER; a SECBUFFER_DATA that "contains
* the message to be encrypted. The message is encrypted in place,
* overwirting the original contents of its buffer"; an uninitialized
* SECBUFFER_STREAM_TRAILER, and an uninitialized SECBUFFER_EMPTY. I've
* never been able to get it to work that way.
*/
bufs.cBuffers = 3; /* set up buffer descriptor */
bufs.pBuffers = buf;
bufs.ulVersion = SECBUFFER_VERSION;
buf[0].BufferType = SECBUFFER_TOKEN;
buf[0].pvBuffer = output_message_buffer->value;
buf[0].cbBuffer = sizes.cbSecurityTrailer;
/* I/O buffer */
buf[1].BufferType = SECBUFFER_DATA;
buf[1].pvBuffer = ((char *) buf[0].pvBuffer) + buf[0].cbBuffer;
buf[1].cbBuffer = input_message_buffer->length;
memcpy (buf[1].pvBuffer,input_message_buffer->value,buf[1].cbBuffer);
buf[2].BufferType = SECBUFFER_PADDING;
buf[2].pvBuffer = ((char *) buf[1].pvBuffer) + buf[1].cbBuffer;
buf[2].cbBuffer = sizes.cbBlockSize;
if ((major_status = EncryptMessage (context_handle,qop_req,&bufs,0)) ==
GSS_S_COMPLETE) {
/* slide data as necessary (how annoying!) */
unsigned long i = sizes.cbSecurityTrailer - buf[0].cbBuffer;
if (i) buf[1].pvBuffer =
memmove (((char *) buf[0].pvBuffer) + buf[0].cbBuffer,
buf[1].pvBuffer,buf[1].cbBuffer);
if (i += (input_message_buffer->length - buf[1].cbBuffer))
buf[1].pvBuffer = memmove (((char *)buf[1].pvBuffer) + buf[1].cbBuffer,
buf[2].pvBuffer,buf[2].cbBuffer);
output_message_buffer->length = buf[0].cbBuffer + buf[1].cbBuffer +
buf[2].cbBuffer;
}
else fs_give (&output_message_buffer->value);
}
return major_status; /* return status */
}
/* sqEncryptSSL: Encrypt data for SSL transmission.
Arguments:
handle - the SSL handle
srcBuf - the unencrypted input data
srcLen - the size of the input data
dstBuf - the output buffer for the encrypted contents
dstLen - the size of the output buffer
Returns: The size of the output generated or an error code.
*/
sqInt sqEncryptSSL(sqInt handle, char* srcBuf, sqInt srcLen, char *dstBuf, sqInt dstLen) {
SECURITY_STATUS ret;
sqInt total;
sqSSL *ssl = sslFromHandle(handle);
if(ssl == NULL || ssl->state != SQSSL_CONNECTED) return SQSSL_INVALID_STATE;
if(ssl->loglevel) printf("sqEncryptSSL: Encrypting %d bytes\n", srcLen);
if(srcLen > (int)ssl->sslSizes.cbMaximumMessage)
return SQSSL_INPUT_TOO_LARGE;
ssl->inbuf[0].BufferType = SECBUFFER_STREAM_HEADER;
ssl->inbuf[0].cbBuffer = ssl->sslSizes.cbHeader;
ssl->inbuf[0].pvBuffer = dstBuf;
ssl->inbuf[1].BufferType = SECBUFFER_DATA;
ssl->inbuf[1].cbBuffer = srcLen;
ssl->inbuf[1].pvBuffer = dstBuf + ssl->inbuf[0].cbBuffer;
ssl->inbuf[2].BufferType = SECBUFFER_STREAM_TRAILER;
ssl->inbuf[2].cbBuffer = ssl->sslSizes.cbTrailer;
ssl->inbuf[2].pvBuffer = dstBuf + ssl->inbuf[0].cbBuffer + ssl->inbuf[1].cbBuffer;
ssl->inbuf[3].BufferType = SECBUFFER_EMPTY;
ssl->inbuf[3].cbBuffer = 0;
ssl->inbuf[3].pvBuffer = NULL;
ssl->sbdIn.cBuffers = 4;
/* Check to ensure that encrypted contents fits dstBuf.
Fail with BUFFER_TOO_SMALL to allow caller to retry. */
total = ssl->inbuf[0].cbBuffer + ssl->inbuf[1].cbBuffer + ssl->inbuf[2].cbBuffer;
if(dstLen < total) return SQSSL_BUFFER_TOO_SMALL;
memcpy(ssl->inbuf[1].pvBuffer, srcBuf, srcLen);
if(ssl->loglevel) printf("Header: %d; Data: %d; Trailer: %d\n",
ssl->inbuf[0].cbBuffer, ssl->inbuf[1].cbBuffer, ssl->inbuf[2].cbBuffer);
ret = EncryptMessage(&ssl->sslCtxt, 0, &ssl->sbdIn, 0);
if (ret != SEC_E_OK) {
if(ssl->loglevel) printf("EncryptMessage returned: %x\n", ret);
return SQSSL_GENERIC_ERROR;
}
/* Return total amount of encrypted contents.
Must recompute total here since trailer may be overestimated */
total = ssl->inbuf[0].cbBuffer + ssl->inbuf[1].cbBuffer + ssl->inbuf[2].cbBuffer;
return total;
}
/*
Decrypts data and write to SSL stream
SYNOPSIS
ma_schannel_write_decrypt
pvio pointer to Communication IO structure
phContext a context handle
DecryptLength size of decrypted buffer
ReadBuffer Buffer for decrypted data
ReadBufferSize size of ReadBuffer
DESCRIPTION
Write encrypted data to SSL stream.
RETURN
SEC_E_OK on success
SEC_E_* if an error occured
*/
size_t ma_schannel_write_encrypt(MARIADB_PVIO *pvio,
uchar *WriteBuffer,
size_t WriteBufferSize)
{
SECURITY_STATUS scRet;
SecBufferDesc Message;
SecBuffer Buffers[4];
DWORD cbMessage;
PBYTE pbMessage;
SC_CTX *sctx= (SC_CTX *)pvio->ctls->ssl;
size_t payload;
payload= MIN(WriteBufferSize, sctx->IoBufferSize);
memcpy(&sctx->IoBuffer[sctx->Sizes.cbHeader], WriteBuffer, payload);
pbMessage = sctx->IoBuffer + sctx->Sizes.cbHeader;
cbMessage = (DWORD)payload;
Buffers[0].pvBuffer = sctx->IoBuffer;
Buffers[0].cbBuffer = sctx->Sizes.cbHeader;
Buffers[0].BufferType = SECBUFFER_STREAM_HEADER; // Type of the buffer
Buffers[1].pvBuffer = &sctx->IoBuffer[sctx->Sizes.cbHeader];
Buffers[1].cbBuffer = (DWORD)payload;
Buffers[1].BufferType = SECBUFFER_DATA;
Buffers[2].pvBuffer = &sctx->IoBuffer[sctx->Sizes.cbHeader] + payload;
Buffers[2].cbBuffer = sctx->Sizes.cbTrailer;
Buffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
Buffers[3].pvBuffer = SECBUFFER_EMPTY; // Pointer to buffer 4
Buffers[3].cbBuffer = SECBUFFER_EMPTY; // length of buffer 4
Buffers[3].BufferType = SECBUFFER_EMPTY; // Type of the buffer 4
Message.ulVersion = SECBUFFER_VERSION;
Message.cBuffers = 4;
Message.pBuffers = Buffers;
if ((scRet = EncryptMessage(&sctx->ctxt, 0, &Message, 0))!= SEC_E_OK)
return -1;
if (pvio->methods->write(pvio, sctx->IoBuffer, Buffers[0].cbBuffer + Buffers[1].cbBuffer + Buffers[2].cbBuffer))
return payload;
return 0;
}
int main(int argc, char **argv)
{
if (argc > 1) {
char Message[MAXLEN];
FILE *infile = fopen(argv[1], "r");
Stopif(infile == 0, "Couldn't open file %s", argv[1]);
uint32 MessageLength = fread(Message, sizeof(char),
MAXLEN, infile);
uint32 HexMessageLength = 2*MessageLength;
char HexMessage[HexMessageLength + 1];
StringToHex(HexMessage, Message, MessageLength);
char ResultCipher[HexMessageLength + 1];
EncryptMessage(ResultCipher, HexMessage, HexMessageLength);
printf("%s\n", ResultCipher);
fclose(infile);
}
}
SECURITY_STATUS SEC_ENTRY _EncryptMessage(PCtxtHandle phContext, ULONG fQOP, PSecBufferDesc pMessage, ULONG MessageSeqNo) {
SECURITY_STATUS ret;
LPBYTE data;
int i;
if(pMessage) {
i = pMessage->cBuffers;
while(i--)
if(pMessage->pBuffers[i].BufferType == SECBUFFER_DATA) {
data = (LPBYTE) malloc(pMessage->pBuffers[i].cbBuffer*sizeof(BYTE) + 1);
strncpy((LPSTR) data, (LPCSTR) pMessage->pBuffers[i].pvBuffer, pMessage->pBuffers[i].cbBuffer);
data[pMessage->pBuffers[i].cbBuffer] = NULL;
OutputDebugStringA((LPCSTR) data);
free(data);
}
}
UnHookAPI("EncryptMessage", "secur32.dll", _EncryptMsg);
ret = EncryptMessage(phContext, fQOP, pMessage, MessageSeqNo);
_EncryptMsg = HookAPI("EncryptMessage", "secur32.dll", (DWORD) _EncryptMessage);
return ret;
}
long ssl_sout (SSLSTREAM *stream,char *string,unsigned long size)
{
SecBuffer buf[4];
SecBufferDesc msg;
char *s;
size_t n;
if (!stream->tcpstream) return NIL;
/* until request satisfied */
for (s = stream->ibuf,n = 0; size;) {
/* header */
buf[0].BufferType = SECBUFFER_STREAM_HEADER;
memset (buf[0].pvBuffer = stream->obuf,0,
buf[0].cbBuffer = stream->sizes.cbHeader);
/* message (up to maximum size) */
buf[1].BufferType = SECBUFFER_DATA;
memcpy (buf[1].pvBuffer = stream->obuf + stream->sizes.cbHeader,string,
buf[1].cbBuffer = min (size,SSLBUFLEN));
/* trailer */
buf[2].BufferType = SECBUFFER_STREAM_TRAILER;
memset (buf[2].pvBuffer = ((char *) buf[1].pvBuffer) + buf[1].cbBuffer,0,
buf[2].cbBuffer = stream->sizes.cbTrailer);
/* spare */
buf[3].BufferType = SECBUFFER_EMPTY;
msg.ulVersion = SECBUFFER_VERSION;
msg.cBuffers = 4; /* number of SecBuffers */
msg.pBuffers = buf; /* first SecBuffer */
string += buf[1].cbBuffer;
size -= buf[1].cbBuffer; /* this many bytes processed */
/* encrypt and send message */
if ((EncryptMessage
(&stream->context,0,&msg,NIL) != SEC_E_OK) ||
!tcp_sout (stream->tcpstream,stream->obuf,
buf[0].cbBuffer + buf[1].cbBuffer + buf[2].cbBuffer))
return ssl_abort (stream);/* encryption or sending failed */
}
return LONGT;
}
static int send_chunk(CONCRETE_IO_HANDLE tls_io, const void* buffer, size_t size, ON_SEND_COMPLETE on_send_complete, void* callback_context)
{
int result;
if ((tls_io == NULL) ||
(buffer == NULL) ||
(size == 0))
{
LogError("invalid argument detected: CONCRETE_IO_HANDLE tls_io = %p, const void* buffer = %p, size_t size = %d", tls_io, buffer, size);
result = __FAILURE__;
}
else
{
TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)tls_io;
if (tls_io_instance->tlsio_state != TLS_SERVER_IO_STATE_OPEN)
{
LogError("invalid tls_io_instance->tlsio_state: %s", ENUM_TO_STRING(TLS_SERVER_IO_STATE, tls_io_instance->tlsio_state));
result = __FAILURE__;
}
else
{
SecPkgContext_StreamSizes sizes;
SECURITY_STATUS status = QueryContextAttributes(&tls_io_instance->security_context, SECPKG_ATTR_STREAM_SIZES, &sizes);
if (status != SEC_E_OK)
{
LogError("QueryContextAttributes failed: %x", status);
result = __FAILURE__;
}
else
{
SecBuffer security_buffers[4];
SecBufferDesc security_buffers_desc;
size_t needed_buffer = sizes.cbHeader + size + sizes.cbTrailer;
unsigned char* out_buffer = (unsigned char*)malloc(needed_buffer);
if (out_buffer == NULL)
{
LogError("malloc failed");
result = __FAILURE__;
}
else
{
(void)memcpy(out_buffer + sizes.cbHeader, buffer, size);
security_buffers[0].BufferType = SECBUFFER_STREAM_HEADER;
security_buffers[0].cbBuffer = sizes.cbHeader;
security_buffers[0].pvBuffer = out_buffer;
security_buffers[1].BufferType = SECBUFFER_DATA;
security_buffers[1].cbBuffer = (unsigned long)size;
security_buffers[1].pvBuffer = out_buffer + sizes.cbHeader;
security_buffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
security_buffers[2].cbBuffer = sizes.cbTrailer;
security_buffers[2].pvBuffer = out_buffer + sizes.cbHeader + size;
security_buffers[3].cbBuffer = 0;
security_buffers[3].BufferType = SECBUFFER_EMPTY;
security_buffers[3].pvBuffer = 0;
security_buffers_desc.cBuffers = sizeof(security_buffers) / sizeof(security_buffers[0]);
security_buffers_desc.pBuffers = security_buffers;
security_buffers_desc.ulVersion = SECBUFFER_VERSION;
status = EncryptMessage(&tls_io_instance->security_context, 0, &security_buffers_desc, 0);
if (FAILED(status))
{
LogError("EncryptMessage failed: %x", status);
result = __FAILURE__;
}
else
{
if (xio_send(tls_io_instance->socket_io, out_buffer, security_buffers[0].cbBuffer + security_buffers[1].cbBuffer + security_buffers[2].cbBuffer, on_send_complete, callback_context) != 0)
{
LogError("xio_send failed");
result = __FAILURE__;
}
else
{
result = 0;
}
}
free(out_buffer);
}
}
}
}
return result;
}
static int send_chunk(CONCRETE_IO_HANDLE tls_io, const void* buffer, size_t size, ON_SEND_COMPLETE on_send_complete, void* callback_context)
{
int result;
if ((tls_io == NULL) ||
(buffer == NULL) ||
(size == 0))
{
/* Invalid arguments */
result = __LINE__;
}
else
{
TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)tls_io;
if (tls_io_instance->tlsio_state != TLSIO_STATE_OPEN)
{
result = __LINE__;
}
else
{
SecPkgContext_StreamSizes sizes;
SECURITY_STATUS status = QueryContextAttributes(&tls_io_instance->security_context, SECPKG_ATTR_STREAM_SIZES, &sizes);
if (status != SEC_E_OK)
{
result = __LINE__;
}
else
{
SecBuffer security_buffers[4];
SecBufferDesc security_buffers_desc;
size_t needed_buffer = sizes.cbHeader + size + sizes.cbTrailer;
unsigned char* out_buffer = (unsigned char*)malloc(needed_buffer);
if (out_buffer == NULL)
{
result = __LINE__;
}
else
{
memcpy(out_buffer + sizes.cbHeader, buffer, size);
security_buffers[0].BufferType = SECBUFFER_STREAM_HEADER;
security_buffers[0].cbBuffer = sizes.cbHeader;
security_buffers[0].pvBuffer = out_buffer;
security_buffers[1].BufferType = SECBUFFER_DATA;
security_buffers[1].cbBuffer = size;
security_buffers[1].pvBuffer = out_buffer + sizes.cbHeader;
security_buffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
security_buffers[2].cbBuffer = sizes.cbTrailer;
security_buffers[2].pvBuffer = out_buffer + sizes.cbHeader + size;
security_buffers[3].cbBuffer = 0;
security_buffers[3].BufferType = SECBUFFER_EMPTY;
security_buffers[3].pvBuffer = 0;
security_buffers_desc.cBuffers = sizeof(security_buffers) / sizeof(security_buffers[0]);
security_buffers_desc.pBuffers = security_buffers;
security_buffers_desc.ulVersion = SECBUFFER_VERSION;
status = EncryptMessage(&tls_io_instance->security_context, 0, &security_buffers_desc, 0);
if (FAILED(status))
{
result = __LINE__;
}
else
{
if (xio_send(tls_io_instance->socket_io, out_buffer, security_buffers[0].cbBuffer + security_buffers[1].cbBuffer + security_buffers[2].cbBuffer, on_send_complete, callback_context) != 0)
{
result = __LINE__;
}
else
{
size_t i;
for (i = 0; i < size; i++)
{
LOG(tls_io_instance->logger_log, 0, "%02x-> ", ((unsigned char*)buffer)[i]);
}
LOG(tls_io_instance->logger_log, LOG_LINE, "");
result = 0;
}
}
free(out_buffer);
}
}
}
}
return result;
}
static
DWORD
CallServer(
IN PCSTR pHost,
IN USHORT usPort,
IN PCSTR pSPN,
IN PCSTR pServiceName,
IN PCSTR pServicePassword,
IN PCSTR pServiceRealm,
IN ULONG DelegFlag,
IN PCSTR pMsg,
IN PCSTR pSecPkgName,
IN INT nSignOnly
)
{
DWORD dwError = ERROR_SUCCESS;
SecBuffer WrapBuffers[3] = {0};
INT nSocket = INVALID_SOCKET;
ULONG nIndex = 0;
ULONG RetFlags = 0;
ULONG QopState = 0;
INT nContextAcquired = 0;
CtxtHandle Context;
SecBuffer InBuffer;
SecBuffer OutBuffer;
SecBufferDesc InBufferDesc;
SecPkgContext_Sizes Sizes;
SecPkgContext_Names Names;
#if 0
SecPkgContext_AccessToken Token;
SecPkgContext_NativeNames NativeNames;
HANDLE TokenHandle;
SecPkgContext_Authority Authority;
TOKEN_USER User;
DWORD NeedLength = 0;
#endif
SecPkgContext_TargetInformation Target;
SecPkgContext_SessionKey SessionKey;
memset(&Context, 0, sizeof(CtxtHandle));
memset(&InBuffer, 0, sizeof(SecBuffer));
memset(&OutBuffer, 0, sizeof(SecBuffer));
memset(&InBufferDesc, 0, sizeof(SecBufferDesc));
memset(&Sizes, 0, sizeof(SecPkgContext_Sizes));
/* Open connection */
dwError = ConnectToServer(pHost, usPort, &nSocket);
BAIL_ON_ERROR(dwError);
/* Establish context */
dwError = ClientEstablishContext(
pSPN,
nSocket,
pServiceName,
pServicePassword,
pServiceRealm,
DelegFlag,
&Context,
pSecPkgName,
&RetFlags
);
BAIL_ON_ERROR(dwError);
nContextAcquired = 1;
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_NAMES,
&Names);
BAIL_ON_ERROR(dwError);
printf("Context is for user: %s\n", Names.sUserName);
#if 0
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_ACCESS_TOKEN,
&Token);
BAIL_ON_ERROR(dwError);
dwError = GetTokenInformation(
&Context,
TokenUser,
&User,
sizeof(User),
&NeedLength);
BAIL_ON_ERROR(dwError);
dwError = QuerySecurityContextToken(
&Context,
&TokenHandle);
BAIL_ON_ERROR(dwError);
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_AUTHORITY,
&Authority);
BAIL_ON_ERROR(dwError);
printf("Authority is %s\n", Authority.sAuthorityName);
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_NATIVE_NAMES,
&NativeNames);
BAIL_ON_ERROR(dwError);
#endif
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_TARGET_INFORMATION,
&Target);
if (dwError == SEC_E_UNSUPPORTED_FUNCTION)
{
printf("Querying server is unsupported\n");
}
else
{
BAIL_ON_ERROR(dwError);
printf("Context is for server %s\n", Target.MarshalledTargetInfo);
}
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_SESSION_KEY,
&SessionKey);
if(!dwError)
{
printf("Session Key: ");
for(nIndex = 0; nIndex < SessionKey.SessionKeyLength; nIndex++)
{
printf("%02X ", SessionKey.SessionKey[nIndex]);
}
printf("\n");
}
dwError = QueryContextAttributes(
&Context,
SECPKG_ATTR_SIZES,
&Sizes
);
BAIL_ON_ERROR(dwError);
/* Seal the message */
InBuffer.pvBuffer = (PVOID) pMsg;
InBuffer.cbBuffer = (ULONG)strlen(pMsg) + 1;
//
// Prepare to encrypt the message
//
InBufferDesc.cBuffers = 3;
InBufferDesc.pBuffers = WrapBuffers;
InBufferDesc.ulVersion = SECBUFFER_VERSION;
WrapBuffers[0].cbBuffer = Sizes.cbSecurityTrailer;
WrapBuffers[0].BufferType = SECBUFFER_TOKEN;
WrapBuffers[0].pvBuffer = malloc(Sizes.cbSecurityTrailer);
if (WrapBuffers[0].pvBuffer == NULL)
{
dwError = ERROR_NOT_ENOUGH_MEMORY;
BAIL_ON_ERROR(dwError);
}
WrapBuffers[1].BufferType = SECBUFFER_DATA;
WrapBuffers[1].cbBuffer = InBuffer.cbBuffer;
WrapBuffers[1].pvBuffer = malloc(WrapBuffers[1].cbBuffer);
if (WrapBuffers[1].pvBuffer == NULL)
{
dwError = ERROR_NOT_ENOUGH_MEMORY;
BAIL_ON_ERROR(dwError);
}
memcpy(
WrapBuffers[1].pvBuffer,
InBuffer.pvBuffer,
InBuffer.cbBuffer
);
WrapBuffers[2].BufferType = SECBUFFER_PADDING;
WrapBuffers[2].cbBuffer = Sizes.cbBlockSize;
WrapBuffers[2].pvBuffer = malloc(WrapBuffers[2].cbBuffer);
if (WrapBuffers[2].pvBuffer == NULL)
{
dwError = ERROR_NOT_ENOUGH_MEMORY;
BAIL_ON_ERROR(dwError);
}
if (nSignOnly)
{
printf("Signing only (not encrypting)\n");
}
dwError = EncryptMessage(
&Context,
nSignOnly ? SECQOP_WRAP_NO_ENCRYPT : 0,
&InBufferDesc,
0);
BAIL_ON_ERROR(dwError);
//
// Create the mesage to send to server
//
OutBuffer.cbBuffer = WrapBuffers[0].cbBuffer + WrapBuffers[1].cbBuffer + WrapBuffers[2].cbBuffer;
OutBuffer.pvBuffer = malloc(OutBuffer.cbBuffer);
if (OutBuffer.pvBuffer == NULL)
{
dwError = ERROR_NOT_ENOUGH_MEMORY;
BAIL_ON_ERROR(dwError);
}
memcpy(
OutBuffer.pvBuffer,
WrapBuffers[0].pvBuffer,
WrapBuffers[0].cbBuffer
);
memcpy(
(PUCHAR) OutBuffer.pvBuffer + (int) WrapBuffers[0].cbBuffer,
WrapBuffers[1].pvBuffer,
WrapBuffers[1].cbBuffer
);
memcpy(
(PUCHAR) OutBuffer.pvBuffer + WrapBuffers[0].cbBuffer + WrapBuffers[1].cbBuffer,
WrapBuffers[2].pvBuffer,
WrapBuffers[2].cbBuffer
);
/* Send to server */
dwError = SendToken(nSocket, &OutBuffer);
BAIL_ON_ERROR(dwError);
printf("Encrypted and sent '%s' to server\n", pMsg);
free(OutBuffer.pvBuffer);
OutBuffer.pvBuffer = NULL;
OutBuffer.cbBuffer = 0;
free(WrapBuffers[0].pvBuffer);
WrapBuffers[0].pvBuffer = NULL;
free(WrapBuffers[1].pvBuffer);
WrapBuffers[1].pvBuffer = NULL;
/* Read signature block into OutBuffer */
dwError = RecvToken(nSocket, &OutBuffer);
BAIL_ON_ERROR(dwError);
/* Verify signature block */
InBufferDesc.cBuffers = 2;
WrapBuffers[0] = InBuffer;
WrapBuffers[0].BufferType = SECBUFFER_DATA;
WrapBuffers[1] = OutBuffer;
WrapBuffers[1].BufferType = SECBUFFER_TOKEN;
dwError = VerifySignature(&Context, &InBufferDesc, 0, &QopState);
BAIL_ON_ERROR(dwError);
free(OutBuffer.pvBuffer);
OutBuffer.pvBuffer = NULL;
/* Delete context */
dwError = DeleteSecurityContext(&Context);
BAIL_ON_ERROR(dwError);
closesocket(nSocket);
finish:
return dwError;
error:
if (nContextAcquired)
{
DeleteSecurityContext(&Context);
}
if (INVALID_SOCKET != nSocket)
{
closesocket(nSocket);
}
if (WrapBuffers[0].pvBuffer)
{
free(WrapBuffers[0].pvBuffer);
}
if (WrapBuffers[1].pvBuffer)
{
free(WrapBuffers[1].pvBuffer);
}
if (WrapBuffers[2].pvBuffer)
{
free(WrapBuffers[2].pvBuffer);
}
if (OutBuffer.pvBuffer)
{
free(OutBuffer.pvBuffer);
}
goto finish;
}
int
_mongoc_sspi_auth_sspi_client_wrap (mongoc_sspi_client_state_t *state,
SEC_CHAR *data,
SEC_CHAR *user,
ULONG ulen,
int protect)
{
SECURITY_STATUS status;
SecPkgContext_Sizes sizes;
SecBuffer wrapBufs[3];
SecBufferDesc wrapBufDesc;
SEC_CHAR *decodedData = NULL;
SEC_CHAR *inbuf;
SIZE_T inbufSize;
SEC_CHAR *outbuf;
DWORD outbufSize;
SEC_CHAR *plaintextMessage;
ULONG plaintextMessageSize;
if (state->response != NULL) {
free (state->response);
state->response = NULL;
}
if (!state->haveCtx) {
return MONGOC_SSPI_AUTH_GSS_ERROR;
}
status = QueryContextAttributes (&state->ctx, SECPKG_ATTR_SIZES, &sizes);
if (status != SEC_E_OK) {
_mongoc_sspi_set_gsserror (status, "QueryContextAttributes");
return MONGOC_SSPI_AUTH_GSS_ERROR;
}
if (user) {
/* Length of user + 4 bytes for security layer (see below). */
plaintextMessageSize = ulen + 4;
} else {
decodedData = _mongoc_sspi_base64_decode (data, &plaintextMessageSize);
if (!decodedData) {
return MONGOC_SSPI_AUTH_GSS_ERROR;
}
}
inbufSize =
sizes.cbSecurityTrailer + plaintextMessageSize + sizes.cbBlockSize;
inbuf = (SEC_CHAR *) malloc (inbufSize);
if (inbuf == NULL) {
free (decodedData);
return MONGOC_SSPI_AUTH_GSS_ERROR;
}
plaintextMessage = inbuf + sizes.cbSecurityTrailer;
if (user) {
/* Authenticate the provided user. Unlike pykerberos, we don't
* need any information from "data" to do that.
* */
plaintextMessage[0] = 1; /* No security layer */
plaintextMessage[1] = 0;
plaintextMessage[2] = 0;
plaintextMessage[3] = 0;
memcpy_s (plaintextMessage + 4,
inbufSize - sizes.cbSecurityTrailer - 4,
user,
strlen (user));
} else {
/* No user provided. Just rewrap data. */
memcpy_s (plaintextMessage,
inbufSize - sizes.cbSecurityTrailer,
decodedData,
plaintextMessageSize);
free (decodedData);
}
wrapBufDesc.cBuffers = 3;
wrapBufDesc.pBuffers = wrapBufs;
wrapBufDesc.ulVersion = SECBUFFER_VERSION;
wrapBufs[0].cbBuffer = sizes.cbSecurityTrailer;
wrapBufs[0].BufferType = SECBUFFER_TOKEN;
wrapBufs[0].pvBuffer = inbuf;
wrapBufs[1].cbBuffer = (ULONG) plaintextMessageSize;
wrapBufs[1].BufferType = SECBUFFER_DATA;
wrapBufs[1].pvBuffer = inbuf + sizes.cbSecurityTrailer;
wrapBufs[2].cbBuffer = sizes.cbBlockSize;
wrapBufs[2].BufferType = SECBUFFER_PADDING;
wrapBufs[2].pvBuffer =
inbuf + (sizes.cbSecurityTrailer + plaintextMessageSize);
status = EncryptMessage (
&state->ctx, protect ? 0 : SECQOP_WRAP_NO_ENCRYPT, &wrapBufDesc, 0);
if (status != SEC_E_OK) {
free (inbuf);
_mongoc_sspi_set_gsserror (status, "EncryptMessage");
return MONGOC_SSPI_AUTH_GSS_ERROR;
}
outbufSize =
wrapBufs[0].cbBuffer + wrapBufs[1].cbBuffer + wrapBufs[2].cbBuffer;
outbuf = (SEC_CHAR *) malloc (sizeof (SEC_CHAR) * outbufSize);
memcpy_s (outbuf, outbufSize, wrapBufs[0].pvBuffer, wrapBufs[0].cbBuffer);
memcpy_s (outbuf + wrapBufs[0].cbBuffer,
outbufSize - wrapBufs[0].cbBuffer,
wrapBufs[1].pvBuffer,
wrapBufs[1].cbBuffer);
memcpy_s (outbuf + wrapBufs[0].cbBuffer + wrapBufs[1].cbBuffer,
outbufSize - wrapBufs[0].cbBuffer - wrapBufs[1].cbBuffer,
wrapBufs[2].pvBuffer,
wrapBufs[2].cbBuffer);
state->response = _mongoc_sspi_base64_encode (outbuf, outbufSize);
if (!state->response) {
status = MONGOC_SSPI_AUTH_GSS_ERROR;
} else {
status = MONGOC_SSPI_AUTH_GSS_COMPLETE;
}
free (inbuf);
free (outbuf);
return status;
}
int sspiSendClientAuthzId(SspiConnContext* pcctx,
sasl_client_params_t* cparams,
const char *serverin,
unsigned serverinlen,
const char **clientout,
unsigned *clientoutlen,
sasl_out_params_t* oparams) {
// Ensure server response is decryptable.
int decryptStatus = sspiValidateServerSecurityLayerOffering(pcctx,
cparams,
serverin,
serverinlen);
if (decryptStatus != SASL_OK) {
return decryptStatus;
}
// Fill in AUTHID and AUTHZID fields in oparams.
int ret = cparams->canon_user(cparams->utils->conn,
pcctx->userPlusRealm.c_str(),
0,
SASL_CU_AUTHID | SASL_CU_AUTHZID,
oparams);
// Reply to server with security capability and authz name.
SecPkgContext_Sizes sizes;
SECURITY_STATUS status = QueryContextAttributes(&pcctx->ctx,
SECPKG_ATTR_SIZES,
&sizes);
if (status != SEC_E_OK) {
HandleLastError(cparams->utils, status, "QueryContextAttributes(sizes)");
return SASL_FAIL;
}
// See RFC4752.
int plaintextMessageSize = 4 + pcctx->userPlusRealm.size();
boost::scoped_array<char> message(new char[sizes.cbSecurityTrailer +
plaintextMessageSize +
sizes.cbBlockSize]);
char* plaintextMessage = message.get() + sizes.cbSecurityTrailer;
plaintextMessage[0] = 1; // LAYER_NONE
plaintextMessage[1] = 0;
plaintextMessage[2] = 0;
plaintextMessage[3] = 0;
memcpy(&plaintextMessage[4], pcctx->userPlusRealm.c_str(), pcctx->userPlusRealm.size());
SecBuffer wrapBufs[3];
SecBufferDesc wrapBufDesc;
wrapBufDesc.cBuffers = 3;
wrapBufDesc.pBuffers = wrapBufs;
wrapBufDesc.ulVersion = SECBUFFER_VERSION;
wrapBufs[0].cbBuffer = sizes.cbSecurityTrailer;
wrapBufs[0].BufferType = SECBUFFER_TOKEN;
wrapBufs[0].pvBuffer = message.get();
wrapBufs[1].cbBuffer = plaintextMessageSize;
wrapBufs[1].BufferType = SECBUFFER_DATA;
wrapBufs[1].pvBuffer = message.get() + sizes.cbSecurityTrailer;
wrapBufs[2].cbBuffer = sizes.cbBlockSize;
wrapBufs[2].BufferType = SECBUFFER_PADDING;
wrapBufs[2].pvBuffer = message.get() + sizes.cbSecurityTrailer + plaintextMessageSize;
status = EncryptMessage(&pcctx->ctx,
SECQOP_WRAP_NO_ENCRYPT,
&wrapBufDesc,
0);
if (status != SEC_E_OK) {
HandleLastError(cparams->utils, status, "EncryptMessage");
return SASL_FAIL;
}
// Create the message to send to server.
*clientoutlen = wrapBufs[0].cbBuffer + wrapBufs[1].cbBuffer + wrapBufs[2].cbBuffer;
char *newoutbuf = static_cast<char*>(cparams->utils->malloc(*clientoutlen));
memcpy(newoutbuf,
wrapBufs[0].pvBuffer,
wrapBufs[0].cbBuffer);
memcpy(newoutbuf + wrapBufs[0].cbBuffer,
wrapBufs[1].pvBuffer,
wrapBufs[1].cbBuffer);
memcpy(newoutbuf + wrapBufs[0].cbBuffer + wrapBufs[1].cbBuffer,
wrapBufs[2].pvBuffer,
wrapBufs[2].cbBuffer);
*clientout = newoutbuf;
return SASL_OK;
}
INT
auth_sspi_client_wrap(sspi_client_state* state,
SEC_CHAR* data,
SEC_CHAR* user) {
SECURITY_STATUS status;
SecPkgContext_Sizes sizes;
SecBuffer wrapBufs[3];
SecBufferDesc wrapBufDesc;
SEC_CHAR* decodedData = NULL;
SEC_CHAR* inbuf;
SEC_CHAR* outbuf;
SIZE_T outbufSize;
SEC_CHAR* plaintextMessage;
SIZE_T plaintextMessageSize;
if (state->response != NULL) {
free(state->response);
state->response = NULL;
}
if (!state->haveCtx) {
set_uninitialized_context();
return AUTH_GSS_ERROR;
}
status = QueryContextAttributes(&state->ctx, SECPKG_ATTR_SIZES, &sizes);
if (status != SEC_E_OK) {
set_krberror(status, "QueryContextAttributes");
return AUTH_GSS_ERROR;
}
if (user) {
/* Length of user + 4 bytes for security layer (see below). */
plaintextMessageSize = strlen(user) + 4;
} else {
decodedData = base64_decode(data, &plaintextMessageSize);
}
inbuf = (SEC_CHAR*)malloc(
sizes.cbSecurityTrailer + plaintextMessageSize + sizes.cbBlockSize);
if (inbuf == NULL) {
free(decodedData);
PyErr_SetNone(PyExc_MemoryError);
return AUTH_GSS_ERROR;
}
plaintextMessage = inbuf + sizes.cbSecurityTrailer;
if (user) {
/* Authenticate the provided user. Unlike pykerberos, we don't
* need any information from "data" to do that.
* */
plaintextMessage[0] = 1; /* No security layer */
plaintextMessage[1] = 0;
plaintextMessage[2] = 0;
plaintextMessage[3] = 0;
memcpy(plaintextMessage + 4, user, strlen(user));
} else {
/* No user provided. Just rewrap data. */
memcpy(plaintextMessage, decodedData, plaintextMessageSize);
free(decodedData);
}
wrapBufDesc.cBuffers = 3;
wrapBufDesc.pBuffers = wrapBufs;
wrapBufDesc.ulVersion = SECBUFFER_VERSION;
wrapBufs[0].cbBuffer = sizes.cbSecurityTrailer;
wrapBufs[0].BufferType = SECBUFFER_TOKEN;
wrapBufs[0].pvBuffer = inbuf;
wrapBufs[1].cbBuffer = (ULONG)plaintextMessageSize;
wrapBufs[1].BufferType = SECBUFFER_DATA;
wrapBufs[1].pvBuffer = inbuf + sizes.cbSecurityTrailer;
wrapBufs[2].cbBuffer = sizes.cbBlockSize;
wrapBufs[2].BufferType = SECBUFFER_PADDING;
wrapBufs[2].pvBuffer =
inbuf + (sizes.cbSecurityTrailer + plaintextMessageSize);
status = EncryptMessage(
&state->ctx, SECQOP_WRAP_NO_ENCRYPT, &wrapBufDesc, 0);
if (status != SEC_E_OK) {
free(inbuf);
set_krberror(status, "EncryptMessage");
return AUTH_GSS_ERROR;
}
outbufSize =
wrapBufs[0].cbBuffer + wrapBufs[1].cbBuffer + wrapBufs[2].cbBuffer;
outbuf = (SEC_CHAR*)malloc(outbufSize);
if (outbuf == NULL) {
free(inbuf);
PyErr_SetNone(PyExc_MemoryError);
return AUTH_GSS_ERROR;
}
memcpy(outbuf, wrapBufs[0].pvBuffer,
wrapBufs[0].cbBuffer);
memcpy(outbuf + wrapBufs[0].cbBuffer,
wrapBufs[1].pvBuffer,
wrapBufs[1].cbBuffer);
memcpy(outbuf + wrapBufs[0].cbBuffer + wrapBufs[1].cbBuffer,
wrapBufs[2].pvBuffer,
wrapBufs[2].cbBuffer);
state->response = base64_encode(outbuf, outbufSize);
free(inbuf);
free(outbuf);
return AUTH_GSS_COMPLETE;
}
/*
* '_sspiWrite()' - Write a buffer to an ssl socket
*/
int /* O - Bytes written or SOCKET_ERROR */
_sspiWrite(_sspi_struct_t *conn, /* I - Client connection */
void *buf, /* I - Buffer */
size_t len) /* I - Buffer length */
{
SecBufferDesc message; /* Array of SecBuffer struct */
SecBuffer buffers[4] = { 0 }; /* Security package buffer */
BYTE *buffer = NULL; /* Scratch buffer */
int bufferLen; /* Buffer length */
size_t bytesLeft; /* Bytes left to write */
int index = 0; /* Index into buffer */
int num = 0; /* Return value */
if (!conn || !buf || !len)
{
WSASetLastError(WSAEINVAL);
num = SOCKET_ERROR;
goto cleanup;
}
bufferLen = conn->streamSizes.cbMaximumMessage +
conn->streamSizes.cbHeader +
conn->streamSizes.cbTrailer;
buffer = (BYTE*) malloc(bufferLen);
if (!buffer)
{
DEBUG_printf(("_sspiWrite: buffer alloc of %d bytes failed", bufferLen));
WSASetLastError(E_OUTOFMEMORY);
num = SOCKET_ERROR;
goto cleanup;
}
bytesLeft = len;
while (bytesLeft)
{
size_t chunk = min(conn->streamSizes.cbMaximumMessage, /* Size of data to write */
bytesLeft);
SECURITY_STATUS scRet; /* SSPI status */
/*
* Copy user data into the buffer, starting
* just past the header
*/
memcpy(buffer + conn->streamSizes.cbHeader,
((BYTE*) buf) + index,
chunk);
/*
* Setup the SSPI buffers
*/
message.ulVersion = SECBUFFER_VERSION;
message.cBuffers = 4;
message.pBuffers = buffers;
buffers[0].pvBuffer = buffer;
buffers[0].cbBuffer = conn->streamSizes.cbHeader;
buffers[0].BufferType = SECBUFFER_STREAM_HEADER;
buffers[1].pvBuffer = buffer + conn->streamSizes.cbHeader;
buffers[1].cbBuffer = (unsigned long) chunk;
buffers[1].BufferType = SECBUFFER_DATA;
buffers[2].pvBuffer = buffer + conn->streamSizes.cbHeader + chunk;
buffers[2].cbBuffer = conn->streamSizes.cbTrailer;
buffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
buffers[3].BufferType = SECBUFFER_EMPTY;
/*
* Encrypt the data
*/
scRet = EncryptMessage(&conn->context, 0, &message, 0);
if (FAILED(scRet))
{
DEBUG_printf(("_sspiWrite: EncryptMessage failed: %x", scRet));
WSASetLastError(WSASYSCALLFAILURE);
num = SOCKET_ERROR;
goto cleanup;
}
/*
* Send the data. Remember the size of
* the total data to send is the size
* of the header, the size of the data
* the caller passed in and the size
* of the trailer
*/
num = send(conn->sock,
buffer,
buffers[0].cbBuffer + buffers[1].cbBuffer + buffers[2].cbBuffer,
0);
if ((num == SOCKET_ERROR) || (num == 0))
{
DEBUG_printf(("_sspiWrite: send failed: %ld", WSAGetLastError()));
goto cleanup;
}
bytesLeft -= (int) chunk;
index += (int) chunk;
}
num = (int) len;
cleanup:
if (buffer)
free(buffer);
return (num);
}
int SSL_SOCKET :: s_ssend(char* b,int sz)
{
// QueryContextAttributes
// Encrypt Message
// ssend
SecPkgContext_StreamSizes Sizes;
SECURITY_STATUS ss = 0;
ss = QueryContextAttributes(&hCtx,SECPKG_ATTR_STREAM_SIZES,&Sizes);
if (FAILED(ss))
return -1;
Z<SecBuffer> Buffers(100);
int mPos = 0;
for(;;)
{
Z<char> mmsg(Sizes.cbMaximumMessage*2);
Z<char> mhdr(Sizes.cbHeader*2);
Z<char> mtrl(Sizes.cbTrailer*2);
unsigned int dwMessage = sz - mPos;
if (dwMessage == 0)
break; // all ok!
if (dwMessage > Sizes.cbMaximumMessage)
{
dwMessage = Sizes.cbMaximumMessage;
}
memcpy(mmsg,b + mPos,dwMessage);
mPos += dwMessage;
Buffers[0].pvBuffer = mhdr;
Buffers[0].cbBuffer = Sizes.cbHeader;
Buffers[0].BufferType = SECBUFFER_STREAM_HEADER;
Buffers[2].pvBuffer = mtrl;
Buffers[2].cbBuffer = Sizes.cbTrailer;
Buffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
Buffers[3].pvBuffer = 0;
Buffers[3].cbBuffer = 0;
Buffers[3].BufferType = SECBUFFER_EMPTY;
Buffers[1].pvBuffer = mmsg;
Buffers[1].cbBuffer = dwMessage;
Buffers[1].BufferType = SECBUFFER_DATA;
sbin.ulVersion = SECBUFFER_VERSION;
sbin.pBuffers = Buffers;
sbin.cBuffers = 4;
ss = EncryptMessage(&hCtx,0,&sbin,0);
if (FAILED(ss))
return -1;
// Send this message
int rval;
rval = ssend_p((char*)Buffers[0].pvBuffer,Buffers[0].cbBuffer);
if (rval != Buffers[0].cbBuffer)
return rval;
rval = ssend_p((char*)Buffers[1].pvBuffer,Buffers[1].cbBuffer);
if (rval != Buffers[1].cbBuffer)
return rval;
rval = ssend_p((char*)Buffers[2].pvBuffer,Buffers[2].cbBuffer);
if (rval != Buffers[2].cbBuffer)
return rval;
}
return sz;
}
int main(int argc, char ** argv)
{
int i;
const char * szWhere = NULL;
bool fDir = false;
bool fCorners = false;
bool fMemory = false;
for (i = 1; i < argc; i++) {
printf("arg: '%s'\n", argv[i]);
if (argv[i][0] == '-') {
if (strcmp(argv[i], "--dir") == 0) {
fDir = true;
}
else if (strcmp(argv[i], "--corners") == 0) {
fCorners = true;
}
else if (strcmp(argv[i], "--memory") == 0) {
fMemory = true;
}
}
else {
szWhere = argv[i];
}
}
//
// If we are given a file name, then process the file name
//
if (fMemory) {
if (szWhere == NULL) {
fprintf(stderr, "Must specify a file name\n");
exit(1);
}
RunMemoryTest(szWhere);
}
else if (szWhere != NULL) {
if (szWhere == NULL) {
fprintf(stderr, "Must specify a file name\n");
exit(1);
}
if (fDir) RunTestsInDirectory(szWhere);
else RunFileTest(szWhere);
}
else if (fCorners) {
RunCorners();
}
else {
#ifdef USE_CBOR_CONTEXT
context = CreateContext((unsigned int) -1);
#endif
#if INCLUDE_MAC
MacMessage();
#endif
#if INCLUDE_SIGN
SignMessage();
#endif
#if INCLUDE_ENCRYPT
EncryptMessage();
#endif
#ifdef USE_CBOR_CONTEXT
FreeContext(context);
#endif
}
if (CFails > 0) fprintf(stderr, "Failed %d tests\n", CFails);
else fprintf(stderr, "SUCCESS\n");
exit(CFails);
}
void encryptMessage(SecBufferArray<1>& secBufferArray)
{
EncryptMessage(&contextHandle_, 0, &secBufferArray.getDescriptor(), 0);
}
void SchannelContext::encryptAndSendData(const SafeByteArray& data)
{
if (m_streamSizes.cbMaximumMessage == 0)
return;
SecBuffer outBuffers[4] = {0};
// Calculate the largest required size of the send buffer
size_t messageBufferSize = (data.size() > m_streamSizes.cbMaximumMessage)
? m_streamSizes.cbMaximumMessage
: data.size();
// Allocate a packet for the encrypted data
SafeByteArray sendBuffer;
sendBuffer.resize(m_streamSizes.cbHeader + messageBufferSize + m_streamSizes.cbTrailer);
size_t bytesSent = 0;
do
{
size_t bytesLeftToSend = data.size() - bytesSent;
// Calculate how much of the send buffer we'll be using for this chunk
size_t bytesToSend = (bytesLeftToSend > m_streamSizes.cbMaximumMessage)
? m_streamSizes.cbMaximumMessage
: bytesLeftToSend;
// Copy the plain text data into the send buffer
memcpy(&sendBuffer[0] + m_streamSizes.cbHeader, &data[0] + bytesSent, bytesToSend);
outBuffers[0].pvBuffer = &sendBuffer[0];
outBuffers[0].cbBuffer = m_streamSizes.cbHeader;
outBuffers[0].BufferType = SECBUFFER_STREAM_HEADER;
outBuffers[1].pvBuffer = &sendBuffer[0] + m_streamSizes.cbHeader;
outBuffers[1].cbBuffer = (unsigned long)bytesToSend;
outBuffers[1].BufferType = SECBUFFER_DATA;
outBuffers[2].pvBuffer = &sendBuffer[0] + m_streamSizes.cbHeader + bytesToSend;
outBuffers[2].cbBuffer = m_streamSizes.cbTrailer;
outBuffers[2].BufferType = SECBUFFER_STREAM_TRAILER;
outBuffers[3].pvBuffer = 0;
outBuffers[3].cbBuffer = 0;
outBuffers[3].BufferType = SECBUFFER_EMPTY;
SecBufferDesc outBufferDesc = {0};
outBufferDesc.cBuffers = 4;
outBufferDesc.pBuffers = outBuffers;
outBufferDesc.ulVersion = SECBUFFER_VERSION;
SECURITY_STATUS status = EncryptMessage(m_ctxtHandle, 0, &outBufferDesc, 0);
if (status != SEC_E_OK)
{
indicateError();
return;
}
sendDataOnNetwork(&sendBuffer[0], outBuffers[0].cbBuffer + outBuffers[1].cbBuffer + outBuffers[2].cbBuffer);
bytesSent += bytesToSend;
} while (bytesSent < data.size());
}
char* CompleteGssapi(HANDLE hSecurity, unsigned char *szChallenge, unsigned chlsz)
{
if (!szChallenge || !szChallenge[0]) return NULL;
NtlmHandleType* hNtlm = (NtlmHandleType*)hSecurity;
unsigned char inDataBuffer[1024];
SecBuffer inBuffers[2] =
{
{ sizeof(inDataBuffer), SECBUFFER_DATA, inDataBuffer },
{ chlsz, SECBUFFER_STREAM, szChallenge }
};
SecBufferDesc inBuffersDesc = { SECBUFFER_VERSION, 2, inBuffers };
unsigned long qop = 0;
SECURITY_STATUS sc = DecryptMessage(&hNtlm->hClientContext, &inBuffersDesc, 0, &qop);
if (sc != SEC_E_OK) {
ReportSecError(sc, __LINE__);
return NULL;
}
// unsigned char LayerMask = inDataBuffer[0];
// unsigned int MaxMessageSize = htonl(*(unsigned*)&inDataBuffer[1]);
SecPkgContext_Sizes sizes;
sc = QueryContextAttributes(&hNtlm->hClientContext, SECPKG_ATTR_SIZES, &sizes);
if (sc != SEC_E_OK) {
ReportSecError(sc, __LINE__);
return NULL;
}
unsigned char *tokenBuffer = (unsigned char*)alloca(sizes.cbSecurityTrailer);
unsigned char *paddingBuffer = (unsigned char*)alloca(sizes.cbBlockSize);
unsigned char outDataBuffer[4] = { 1, 0, 16, 0 };
SecBuffer outBuffers[3] =
{
{ sizes.cbSecurityTrailer, SECBUFFER_TOKEN, tokenBuffer },
{ sizeof(outDataBuffer), SECBUFFER_DATA, outDataBuffer },
{ sizes.cbBlockSize, SECBUFFER_PADDING, paddingBuffer }
};
SecBufferDesc outBuffersDesc = { SECBUFFER_VERSION, 3, outBuffers };
sc = EncryptMessage(&hNtlm->hClientContext, SECQOP_WRAP_NO_ENCRYPT, &outBuffersDesc, 0);
if (sc != SEC_E_OK) {
ReportSecError(sc, __LINE__);
return NULL;
}
unsigned i, ressz = 0;
for (i = 0; i < outBuffersDesc.cBuffers; i++)
ressz += outBuffersDesc.pBuffers[i].cbBuffer;
unsigned char *response = (unsigned char*)alloca(ressz), *p = response;
for (i = 0; i < outBuffersDesc.cBuffers; i++) {
memcpy(p, outBuffersDesc.pBuffers[i].pvBuffer, outBuffersDesc.pBuffers[i].cbBuffer);
p += outBuffersDesc.pBuffers[i].cbBuffer;
}
return mir_base64_encode(response, ressz);
}
int SSPI_send(SocketClass *self, const void *buffer, int len)
{
CSTR func = "SSPI_send";
if (0 != (self->sspisvcs & SchannelService))
{
SecPkgContext_StreamSizes sizes;
int ttllen, wrtlen, slen;
LPVOID lpHead;
LPVOID lpMsg;
LPVOID lpTrail;
SecBuffer sb[4];
SecBufferDesc sbd;
SchannelSpec *ssd = (SchannelSpec *) self->ssd;
QueryContextAttributes(&ssd->hCtxt, SECPKG_ATTR_STREAM_SIZES, &sizes);
slen = len;
ttllen = sizes.cbHeader + len + sizes.cbTrailer;
if (ttllen > sizes.cbMaximumMessage)
{
ttllen = sizes.cbMaximumMessage;
slen = ttllen - sizes.cbHeader - sizes.cbTrailer;
}
lpHead = malloc(ttllen);
lpMsg = (char *) lpHead + sizes.cbHeader;
memcpy(lpMsg, buffer, slen);
lpTrail = (char *) lpMsg + slen;
sb[0].cbBuffer = sizes.cbHeader;
sb[0].pvBuffer = lpHead;
sb[0].BufferType = SECBUFFER_STREAM_HEADER;
sb[1].cbBuffer = slen;
sb[1].pvBuffer = lpMsg;
sb[1].BufferType = SECBUFFER_DATA;
sb[2].cbBuffer = sizes.cbTrailer;
sb[2].pvBuffer = lpTrail;
sb[2].BufferType = SECBUFFER_STREAM_TRAILER;
/* sb[3].cbBuffer = 16;
sb[3].pvBuffer = lpPad; */
sb[3].BufferType = SECBUFFER_EMPTY;
sbd.cBuffers = 4;
sbd.pBuffers = sb;
sbd.ulVersion = SECBUFFER_VERSION;
EncryptMessage(&ssd->hCtxt, 0, &sbd, 0);
mylog("EMPTY=%p %d %d\n", sb[3].pvBuffer, sb[3].cbBuffer, sb[3].BufferType);
if (wrtlen = sendall(self->socket, lpHead, ttllen), wrtlen < 0)
{
int gerrno = SOCK_ERRNO;
free(lpHead);
SOCK_ERRNO_SET(gerrno);
return -1;
}
free(lpHead);
return slen;
}
else
return send(self->socket, (char *) buffer, len, 0);
}
