krb5_error_code KRB5_CALLCONV krb5_rd_rep_dce(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, krb5_ui_4 *nonce) { krb5_error_code retval; krb5_ap_rep * reply; krb5_data scratch; krb5_ap_rep_enc_part *repl = NULL; if (!krb5_is_ap_rep(inbuf)) return KRB5KRB_AP_ERR_MSG_TYPE; /* decode it */ if ((retval = decode_krb5_ap_rep(inbuf, &reply))) return retval; /* put together an eblock for this encryption */ scratch.length = reply->enc_part.ciphertext.length; if (!(scratch.data = malloc(scratch.length))) { krb5_free_ap_rep(context, reply); return(ENOMEM); } if ((retval = krb5_k_decrypt(context, auth_context->key, KRB5_KEYUSAGE_AP_REP_ENCPART, 0, &reply->enc_part, &scratch))) goto clean_scratch; /* now decode the decrypted stuff */ retval = decode_krb5_ap_rep_enc_part(&scratch, &repl); if (retval) goto clean_scratch; *nonce = repl->seq_number; if (*nonce != auth_context->local_seq_number) { retval = KRB5_MUTUAL_FAILED; goto clean_scratch; } /* Must be NULL to prevent echoing for client AP-REP */ if (repl->subkey != NULL) { retval = KRB5_MUTUAL_FAILED; goto clean_scratch; } TRACE_RD_REP_DCE(context, repl->ctime, repl->cusec, repl->seq_number); clean_scratch: memset(scratch.data, 0, scratch.length); if (repl != NULL) krb5_free_ap_rep_enc_part(context, repl); krb5_free_ap_rep(context, reply); free(scratch.data); return retval; }
krb5_error_code KRB5_CALLCONV krb5_rd_rep(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, krb5_ap_rep_enc_part **repl) { krb5_error_code retval; krb5_ap_rep * reply; krb5_data scratch; if (!krb5_is_ap_rep(inbuf)) return KRB5KRB_AP_ERR_MSG_TYPE; /* decode it */ if ((retval = decode_krb5_ap_rep(inbuf, &reply))) return retval; /* put together an eblock for this encryption */ scratch.length = reply->enc_part.ciphertext.length; if (!(scratch.data = malloc(scratch.length))) { krb5_free_ap_rep(context, reply); return(ENOMEM); } if ((retval = krb5_c_decrypt(context, auth_context->keyblock, KRB5_KEYUSAGE_AP_REP_ENCPART, 0, &reply->enc_part, &scratch))) goto clean_scratch; /* now decode the decrypted stuff */ retval = decode_krb5_ap_rep_enc_part(&scratch, repl); if (retval) goto clean_scratch; /* Check reply fields */ if (((*repl)->ctime != auth_context->authentp->ctime) || ((*repl)->cusec != auth_context->authentp->cusec)) { retval = KRB5_MUTUAL_FAILED; goto clean_scratch; } /* Set auth subkey */ if ((*repl)->subkey) { if (auth_context->recv_subkey) { krb5_free_keyblock(context, auth_context->recv_subkey); auth_context->recv_subkey = NULL; } retval = krb5_copy_keyblock(context, (*repl)->subkey, &auth_context->recv_subkey); if (retval) goto clean_scratch; if (auth_context->send_subkey) { krb5_free_keyblock(context, auth_context->send_subkey); auth_context->send_subkey = NULL; } retval = krb5_copy_keyblock(context, (*repl)->subkey, &auth_context->send_subkey); if (retval) { krb5_free_keyblock(context, auth_context->send_subkey); auth_context->send_subkey = NULL; } /* not used for anything yet */ auth_context->negotiated_etype = (*repl)->subkey->enctype; } /* Get remote sequence number */ auth_context->remote_seq_number = (*repl)->seq_number; clean_scratch: memset(scratch.data, 0, scratch.length); krb5_free_ap_rep(context, reply); free(scratch.data); return retval; }
krb5_error_code KRB5_CALLCONV krb5_rd_rep(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, krb5_ap_rep_enc_part **repl) { krb5_error_code retval; krb5_ap_rep *reply = NULL; krb5_ap_rep_enc_part *enc = NULL; krb5_data scratch; *repl = NULL; if (!krb5_is_ap_rep(inbuf)) return KRB5KRB_AP_ERR_MSG_TYPE; /* Decode inbuf. */ retval = decode_krb5_ap_rep(inbuf, &reply); if (retval) return retval; /* Put together an eblock for this encryption. */ scratch.length = reply->enc_part.ciphertext.length; scratch.data = malloc(scratch.length); if (scratch.data == NULL) { retval = ENOMEM; goto clean_scratch; } retval = krb5_k_decrypt(context, auth_context->key, KRB5_KEYUSAGE_AP_REP_ENCPART, 0, &reply->enc_part, &scratch); if (retval) goto clean_scratch; /* Now decode the decrypted stuff. */ retval = decode_krb5_ap_rep_enc_part(&scratch, &enc); if (retval) goto clean_scratch; /* Check reply fields. */ if ((enc->ctime != auth_context->authentp->ctime) || (enc->cusec != auth_context->authentp->cusec)) { retval = KRB5_MUTUAL_FAILED; goto clean_scratch; } /* Set auth subkey. */ if (enc->subkey) { retval = krb5_auth_con_setrecvsubkey(context, auth_context, enc->subkey); if (retval) goto clean_scratch; retval = krb5_auth_con_setsendsubkey(context, auth_context, enc->subkey); if (retval) { (void) krb5_auth_con_setrecvsubkey(context, auth_context, NULL); goto clean_scratch; } /* Not used for anything yet. */ auth_context->negotiated_etype = enc->subkey->enctype; } /* Get remote sequence number. */ auth_context->remote_seq_number = enc->seq_number; TRACE_RD_REP(context, enc->ctime, enc->cusec, enc->subkey, enc->seq_number); *repl = enc; enc = NULL; clean_scratch: if (scratch.data) memset(scratch.data, 0, scratch.length); free(scratch.data); krb5_free_ap_rep(context, reply); krb5_free_ap_rep_enc_part(context, enc); return retval; }
void DecryptionManager::PacketHandler::parseSecondMessage(Packet* packet) { // Parse input token from thrift response. unique_ptr<IOBuf> msg = removeThriftHeader(packet); if (!msg) { return; } apache::thrift::sasl::SaslReply saslReply; apache::thrift::sasl::SaslAuthService_authFirstRequest_presult presult; presult.success = &saslReply; std::string methodName; try { methodName = PargsPresultProtoDeserialize( header_->getProtocolId(), presult, msg.get(), T_REPLY).first; } catch (const TProtocolException& e) { if (header_->getProtocolId() == protocol::T_BINARY_PROTOCOL && e.getType() == TProtocolException::BAD_VERSION) { methodName = PargsPresultProtoDeserialize( protocol::T_COMPACT_PROTOCOL, presult, msg.get(), T_REPLY).first; } else { onError("Cannot parse second thrift security negotiation message"); return; } } if (methodName != "authFirstRequest") { onError("Bad auth first reply"); return; } std::string authRep = saslReply.challenge; // Parse encrypted APP_REP from input token. This is mostly // copied from init_sec_context.c. gss_buffer_desc inputToken; inputToken.length = authRep.length(); inputToken.value = (void*)authRep.data(); krb5_data ap_rep; unsigned char *ptr; char *sptr; krb5_ap_rep *reply = nullptr; krb5_ap_rep_enc_part *enc = nullptr; krb5_error_code code; ptr = (unsigned char *) inputToken.value; code = gssint_g_verify_token_header(gss_mech_krb5, //always use krb5 &(ap_rep.length), &ptr, KG_TOK_CTX_AP_REP, inputToken.length, 1); if (code) { onError("Failed to verify ap_rep input token header"); return; } sptr = (char*)ptr; TREAD_STR(sptr, ap_rep.data, ap_rep.length); code = decode_krb5_ap_rep(&ap_rep, &reply); if (code) { onError("Cannot decode ap_rep"); return; } SCOPE_EXIT { krb5_free_ap_rep(ctx_->get(), reply); }; krb5_data scratch; scratch.length = reply->enc_part.ciphertext.length; scratch.data = (char*)malloc(scratch.length); if (!scratch.data) { throw std::runtime_error("Cannot allocate memory"); } SCOPE_EXIT { memset(scratch.data, 0, scratch.length); free(scratch.data); }; code = krb5_c_decrypt(ctx_->get(), sessionKey_, KRB5_KEYUSAGE_AP_REP_ENCPART, 0, &reply->enc_part, &scratch); if (code) { onError("Cannot decrypt ap_rep"); return; } code = decode_krb5_ap_rep_enc_part(&scratch, &enc); if (code) { onError("Cannot decode ap_rep's encrypted part"); return; } SCOPE_EXIT { krb5_free_ap_rep_enc_part(ctx_->get(), enc); }; // If subkey is present in ap_rep, it is used for encrypt/decrypt // application messages. if (enc->subkey) { krb5_copy_keyblock(ctx_->get(), enc->subkey, &subkey_); krb5_free_keyblock(ctx_->get(), sessionKey_); sessionKey_ = nullptr; } }