OM_uint32 GSSAPI_CALLCONV
_gsskrb5_export_sec_context (
OM_uint32 * minor_status,
gss_ctx_id_t * context_handle,
gss_buffer_t interprocess_token
)
{
krb5_context context;
const gsskrb5_ctx ctx = (const gsskrb5_ctx) *context_handle;
krb5_storage *sp;
krb5_auth_context ac;
OM_uint32 ret = GSS_S_COMPLETE;
krb5_data data;
gss_buffer_desc buffer;
int flags;
OM_uint32 minor;
krb5_error_code kret;
GSSAPI_KRB5_INIT (&context);
HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
if (!(ctx->flags & GSS_C_TRANS_FLAG)) {
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
*minor_status = 0;
return GSS_S_UNAVAILABLE;
}
sp = krb5_storage_emem ();
if (sp == NULL) {
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
*minor_status = ENOMEM;
return GSS_S_FAILURE;
}
ac = ctx->auth_context;
/* flagging included fields */
flags = 0;
if (ac->local_address)
flags |= SC_LOCAL_ADDRESS;
if (ac->remote_address)
flags |= SC_REMOTE_ADDRESS;
if (ac->keyblock)
flags |= SC_KEYBLOCK;
if (ac->local_subkey)
flags |= SC_LOCAL_SUBKEY;
if (ac->remote_subkey)
flags |= SC_REMOTE_SUBKEY;
kret = krb5_store_int32 (sp, flags);
if (kret) {
*minor_status = kret;
goto failure;
}
/* marshall auth context */
kret = krb5_store_int32 (sp, ac->flags);
if (kret) {
*minor_status = kret;
goto failure;
}
if (ac->local_address) {
kret = krb5_store_address (sp, *ac->local_address);
if (kret) {
*minor_status = kret;
goto failure;
}
}
if (ac->remote_address) {
kret = krb5_store_address (sp, *ac->remote_address);
if (kret) {
*minor_status = kret;
goto failure;
}
}
kret = krb5_store_int16 (sp, ac->local_port);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int16 (sp, ac->remote_port);
if (kret) {
*minor_status = kret;
goto failure;
}
if (ac->keyblock) {
kret = krb5_store_keyblock (sp, *ac->keyblock);
if (kret) {
*minor_status = kret;
goto failure;
}
}
if (ac->local_subkey) {
kret = krb5_store_keyblock (sp, *ac->local_subkey);
if (kret) {
*minor_status = kret;
goto failure;
}
}
if (ac->remote_subkey) {
kret = krb5_store_keyblock (sp, *ac->remote_subkey);
if (kret) {
*minor_status = kret;
goto failure;
}
}
kret = krb5_store_int32 (sp, ac->local_seqnumber);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int32 (sp, ac->remote_seqnumber);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int32 (sp, ac->keytype);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int32 (sp, ac->cksumtype);
if (kret) {
*minor_status = kret;
goto failure;
}
/* names */
ret = _gsskrb5_export_name (minor_status,
(gss_name_t)ctx->source, &buffer);
if (ret)
goto failure;
data.data = buffer.value;
data.length = buffer.length;
kret = krb5_store_data (sp, data);
_gsskrb5_release_buffer (&minor, &buffer);
if (kret) {
*minor_status = kret;
goto failure;
}
ret = _gsskrb5_export_name (minor_status,
(gss_name_t)ctx->target, &buffer);
if (ret)
goto failure;
data.data = buffer.value;
data.length = buffer.length;
ret = GSS_S_FAILURE;
kret = krb5_store_data (sp, data);
_gsskrb5_release_buffer (&minor, &buffer);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int32 (sp, ctx->flags);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int32 (sp, ctx->more_flags);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = krb5_store_int32 (sp, ctx->lifetime);
if (kret) {
*minor_status = kret;
goto failure;
}
kret = _gssapi_msg_order_export(sp, ctx->order);
if (kret ) {
*minor_status = kret;
goto failure;
}
kret = krb5_storage_to_data (sp, &data);
krb5_storage_free (sp);
if (kret) {
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
*minor_status = kret;
return GSS_S_FAILURE;
}
interprocess_token->length = data.length;
interprocess_token->value = data.data;
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
ret = _gsskrb5_delete_sec_context (minor_status, context_handle,
GSS_C_NO_BUFFER);
if (ret != GSS_S_COMPLETE)
_gsskrb5_release_buffer (NULL, interprocess_token);
*minor_status = 0;
return ret;
failure:
HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
krb5_storage_free (sp);
return ret;
}
OM_uint32
_gssapi_wrap_arcfour(OM_uint32 * minor_status,
const gsskrb5_ctx context_handle,
krb5_context context,
int conf_req_flag,
gss_qop_t qop_req,
const gss_buffer_t input_message_buffer,
int * conf_state,
gss_buffer_t output_message_buffer,
krb5_keyblock *key)
{
u_char Klocaldata[16], k6_data[16], *p, *p0;
size_t len, total_len, datalen;
krb5_keyblock Klocal;
krb5_error_code ret;
int32_t seq_number;
if (conf_state)
*conf_state = 0;
datalen = input_message_buffer->length;
if (IS_DCE_STYLE(context_handle)) {
len = GSS_ARCFOUR_WRAP_TOKEN_SIZE;
_gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM);
total_len += datalen;
} else {
datalen += 1; /* padding */
len = datalen + GSS_ARCFOUR_WRAP_TOKEN_SIZE;
_gssapi_encap_length(len, &len, &total_len, GSS_KRB5_MECHANISM);
}
output_message_buffer->length = total_len;
output_message_buffer->value = malloc (total_len);
if (output_message_buffer->value == NULL) {
*minor_status = ENOMEM;
return GSS_S_FAILURE;
}
p0 = _gssapi_make_mech_header(output_message_buffer->value,
len,
GSS_KRB5_MECHANISM);
p = p0;
*p++ = 0x02; /* TOK_ID */
*p++ = 0x01;
*p++ = 0x11; /* SGN_ALG */
*p++ = 0x00;
if (conf_req_flag) {
*p++ = 0x10; /* SEAL_ALG */
*p++ = 0x00;
} else {
*p++ = 0xff; /* SEAL_ALG */
*p++ = 0xff;
}
*p++ = 0xff; /* Filler */
*p++ = 0xff;
p = NULL;
HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
krb5_auth_con_getlocalseqnumber (context,
context_handle->auth_context,
&seq_number);
_gss_mg_encode_be_uint32(seq_number, p0 + 8);
krb5_auth_con_setlocalseqnumber (context,
context_handle->auth_context,
++seq_number);
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
memset (p0 + 8 + 4,
(context_handle->more_flags & LOCAL) ? 0 : 0xff,
4);
krb5_generate_random_block(p0 + 24, 8); /* fill in Confounder */
/* p points to data */
p = p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE;
memcpy(p, input_message_buffer->value, input_message_buffer->length);
if (!IS_DCE_STYLE(context_handle))
p[input_message_buffer->length] = 1; /* padding */
ret = arcfour_mic_cksum(context,
key, KRB5_KU_USAGE_SEAL,
p0 + 16, 8, /* SGN_CKSUM */
p0, 8, /* TOK_ID, SGN_ALG, SEAL_ALG, Filler */
p0 + 24, 8, /* Confounder */
p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE,
datalen);
if (ret) {
*minor_status = ret;
_gsskrb5_release_buffer(minor_status, output_message_buffer);
return GSS_S_FAILURE;
}
{
int i;
Klocal.keytype = key->keytype;
Klocal.keyvalue.data = Klocaldata;
Klocal.keyvalue.length = sizeof(Klocaldata);
for (i = 0; i < 16; i++)
Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0;
}
ret = arcfour_mic_key(context, &Klocal,
p0 + 8, 4, /* SND_SEQ */
k6_data, sizeof(k6_data));
memset(Klocaldata, 0, sizeof(Klocaldata));
if (ret) {
_gsskrb5_release_buffer(minor_status, output_message_buffer);
*minor_status = ret;
return GSS_S_FAILURE;
}
if(conf_req_flag) {
EVP_CIPHER_CTX rc4_key;
EVP_CIPHER_CTX_init(&rc4_key);
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);
EVP_Cipher(&rc4_key, p0 + 24, p0 + 24, 8 + datalen);
EVP_CIPHER_CTX_cleanup(&rc4_key);
}
memset(k6_data, 0, sizeof(k6_data));
ret = arcfour_mic_key(context, key,
p0 + 16, 8, /* SGN_CKSUM */
k6_data, sizeof(k6_data));
if (ret) {
_gsskrb5_release_buffer(minor_status, output_message_buffer);
*minor_status = ret;
return GSS_S_FAILURE;
}
{
EVP_CIPHER_CTX rc4_key;
EVP_CIPHER_CTX_init(&rc4_key);
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);
EVP_Cipher(&rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8);
EVP_CIPHER_CTX_cleanup(&rc4_key);
memset(k6_data, 0, sizeof(k6_data));
}
if (conf_state)
*conf_state = conf_req_flag;
*minor_status = 0;
return GSS_S_COMPLETE;
}
OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
const gsskrb5_ctx context_handle,
krb5_context context,
const gss_buffer_t input_message_buffer,
gss_buffer_t output_message_buffer,
int *conf_state,
gss_qop_t *qop_state,
krb5_keyblock *key)
{
u_char Klocaldata[16];
krb5_keyblock Klocal;
krb5_error_code ret;
uint32_t seq_number;
size_t datalen;
OM_uint32 omret;
u_char k6_data[16], SND_SEQ[8], Confounder[8];
u_char cksum_data[8];
u_char *p, *p0;
int cmp;
int conf_flag;
size_t padlen = 0, len;
if (conf_state)
*conf_state = 0;
if (qop_state)
*qop_state = 0;
p0 = input_message_buffer->value;
if (IS_DCE_STYLE(context_handle)) {
len = GSS_ARCFOUR_WRAP_TOKEN_SIZE +
GSS_ARCFOUR_WRAP_TOKEN_DCE_DER_HEADER_SIZE;
if (input_message_buffer->length < len)
return GSS_S_BAD_MECH;
} else {
len = input_message_buffer->length;
}
omret = _gssapi_verify_mech_header(&p0,
len,
GSS_KRB5_MECHANISM);
if (omret)
return omret;
/* length of mech header */
len = (p0 - (u_char *)input_message_buffer->value) +
GSS_ARCFOUR_WRAP_TOKEN_SIZE;
if (len > input_message_buffer->length)
return GSS_S_BAD_MECH;
/* length of data */
datalen = input_message_buffer->length - len;
p = p0;
if (memcmp(p, "\x02\x01", 2) != 0)
return GSS_S_BAD_SIG;
p += 2;
if (memcmp(p, "\x11\x00", 2) != 0) /* SGN_ALG = HMAC MD5 ARCFOUR */
return GSS_S_BAD_SIG;
p += 2;
if (memcmp (p, "\x10\x00", 2) == 0)
conf_flag = 1;
else if (memcmp (p, "\xff\xff", 2) == 0)
conf_flag = 0;
else
return GSS_S_BAD_SIG;
p += 2;
if (memcmp (p, "\xff\xff", 2) != 0)
return GSS_S_BAD_MIC;
p = NULL;
ret = arcfour_mic_key(context, key,
p0 + 16, 8, /* SGN_CKSUM */
k6_data, sizeof(k6_data));
if (ret) {
*minor_status = ret;
return GSS_S_FAILURE;
}
{
EVP_CIPHER_CTX rc4_key;
EVP_CIPHER_CTX_init(&rc4_key);
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);
EVP_Cipher(&rc4_key, SND_SEQ, p0 + 8, 8);
EVP_CIPHER_CTX_cleanup(&rc4_key);
memset(k6_data, 0, sizeof(k6_data));
}
_gss_mg_decode_be_uint32(SND_SEQ, &seq_number);
if (context_handle->more_flags & LOCAL)
cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4);
else
cmp = memcmp(&SND_SEQ[4], "\x00\x00\x00\x00", 4);
if (cmp != 0) {
*minor_status = 0;
return GSS_S_BAD_MIC;
}
{
int i;
Klocal.keytype = key->keytype;
Klocal.keyvalue.data = Klocaldata;
Klocal.keyvalue.length = sizeof(Klocaldata);
for (i = 0; i < 16; i++)
Klocaldata[i] = ((u_char *)key->keyvalue.data)[i] ^ 0xF0;
}
ret = arcfour_mic_key(context, &Klocal,
SND_SEQ, 4,
k6_data, sizeof(k6_data));
memset(Klocaldata, 0, sizeof(Klocaldata));
if (ret) {
*minor_status = ret;
return GSS_S_FAILURE;
}
output_message_buffer->value = malloc(datalen);
if (output_message_buffer->value == NULL) {
*minor_status = ENOMEM;
return GSS_S_FAILURE;
}
output_message_buffer->length = datalen;
if(conf_flag) {
EVP_CIPHER_CTX rc4_key;
EVP_CIPHER_CTX_init(&rc4_key);
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);
EVP_Cipher(&rc4_key, Confounder, p0 + 24, 8);
EVP_Cipher(&rc4_key, output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen);
EVP_CIPHER_CTX_cleanup(&rc4_key);
} else {
memcpy(Confounder, p0 + 24, 8); /* Confounder */
memcpy(output_message_buffer->value,
p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE,
datalen);
}
memset(k6_data, 0, sizeof(k6_data));
if (!IS_DCE_STYLE(context_handle)) {
ret = _gssapi_verify_pad(output_message_buffer, datalen, &padlen);
if (ret) {
_gsskrb5_release_buffer(minor_status, output_message_buffer);
*minor_status = 0;
return ret;
}
output_message_buffer->length -= padlen;
}
ret = arcfour_mic_cksum(context,
key, KRB5_KU_USAGE_SEAL,
cksum_data, sizeof(cksum_data),
p0, 8,
Confounder, sizeof(Confounder),
output_message_buffer->value,
output_message_buffer->length + padlen);
if (ret) {
_gsskrb5_release_buffer(minor_status, output_message_buffer);
*minor_status = ret;
return GSS_S_FAILURE;
}
cmp = ct_memcmp(cksum_data, p0 + 16, 8); /* SGN_CKSUM */
if (cmp) {
_gsskrb5_release_buffer(minor_status, output_message_buffer);
*minor_status = 0;
return GSS_S_BAD_MIC;
}
HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
omret = _gssapi_msg_order_check(context_handle->gk5c.order, seq_number);
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
if (omret)
return omret;
if (conf_state)
*conf_state = conf_flag;
*minor_status = 0;
return GSS_S_COMPLETE;
}
OM_uint32
_gssapi_get_mic_arcfour(OM_uint32 * minor_status,
const gsskrb5_ctx context_handle,
krb5_context context,
gss_qop_t qop_req,
const gss_buffer_t message_buffer,
gss_buffer_t message_token,
krb5_keyblock *key)
{
krb5_error_code ret;
int32_t seq_number;
size_t len, total_len;
u_char k6_data[16], *p0, *p;
EVP_CIPHER_CTX rc4_key;
_gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM);
message_token->length = total_len;
message_token->value = malloc (total_len);
if (message_token->value == NULL) {
*minor_status = ENOMEM;
return GSS_S_FAILURE;
}
p0 = _gssapi_make_mech_header(message_token->value,
len,
GSS_KRB5_MECHANISM);
p = p0;
*p++ = 0x01; /* TOK_ID */
*p++ = 0x01;
*p++ = 0x11; /* SGN_ALG */
*p++ = 0x00;
*p++ = 0xff; /* Filler */
*p++ = 0xff;
*p++ = 0xff;
*p++ = 0xff;
p = NULL;
ret = arcfour_mic_cksum(context,
key, KRB5_KU_USAGE_SIGN,
p0 + 16, 8, /* SGN_CKSUM */
p0, 8, /* TOK_ID, SGN_ALG, Filer */
message_buffer->value, message_buffer->length,
NULL, 0);
if (ret) {
_gsskrb5_release_buffer(minor_status, message_token);
*minor_status = ret;
return GSS_S_FAILURE;
}
ret = arcfour_mic_key(context, key,
p0 + 16, 8, /* SGN_CKSUM */
k6_data, sizeof(k6_data));
if (ret) {
_gsskrb5_release_buffer(minor_status, message_token);
*minor_status = ret;
return GSS_S_FAILURE;
}
HEIMDAL_MUTEX_lock(&context_handle->ctx_id_mutex);
krb5_auth_con_getlocalseqnumber (context,
context_handle->auth_context,
&seq_number);
p = p0 + 8; /* SND_SEQ */
_gss_mg_encode_be_uint32(seq_number, p);
krb5_auth_con_setlocalseqnumber (context,
context_handle->auth_context,
++seq_number);
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex);
memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4);
EVP_CIPHER_CTX_init(&rc4_key);
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1);
EVP_Cipher(&rc4_key, p, p, 8);
EVP_CIPHER_CTX_cleanup(&rc4_key);
memset(k6_data, 0, sizeof(k6_data));
*minor_status = 0;
return GSS_S_COMPLETE;
}
