2 * Copyright (c) 1997 - 2002 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the Institute nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #include "gssapi_locl.h"
36 RCSID("$Id: wrap.c,v 1.20 2002/09/03 17:33:36 joda Exp $");
39 gss_krb5_get_localkey(const gss_ctx_id_t context_handle,
44 krb5_auth_con_getlocalsubkey(gssapi_krb5_context,
45 context_handle->auth_context,
48 krb5_auth_con_getremotesubkey(gssapi_krb5_context,
49 context_handle->auth_context,
52 krb5_auth_con_getkey(gssapi_krb5_context,
53 context_handle->auth_context,
63 OM_uint32 req_output_size,
64 OM_uint32 * max_input_size,
69 size_t len, total_len, padlength;
70 padlength = blocksize - (req_output_size % blocksize);
71 len = req_output_size + 8 + padlength + extrasize;
72 gssapi_krb5_encap_length(len, &len, &total_len);
73 *max_input_size = (OM_uint32)total_len;
74 return GSS_S_COMPLETE;
79 OM_uint32 * minor_status,
80 const gss_ctx_id_t context_handle,
83 OM_uint32 req_output_size,
84 OM_uint32 * max_input_size
91 ret = gss_krb5_get_localkey(context_handle, &key);
93 gssapi_krb5_set_error_string ();
97 krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
101 ret = sub_wrap_size(req_output_size, max_input_size, 8, 22);
104 ret = sub_wrap_size(req_output_size, max_input_size, 8, 34);
107 *minor_status = KRB5_PROG_ETYPE_NOSUPP;
111 krb5_free_keyblock (gssapi_krb5_context, key);
117 (OM_uint32 * minor_status,
118 const gss_ctx_id_t context_handle,
121 const gss_buffer_t input_message_buffer,
123 gss_buffer_t output_message_buffer,
130 des_key_schedule schedule;
135 size_t len, total_len, padlength, datalen;
137 padlength = 8 - (input_message_buffer->length % 8);
138 datalen = input_message_buffer->length + padlength + 8;
140 gssapi_krb5_encap_length (len, &len, &total_len);
142 output_message_buffer->length = total_len;
143 output_message_buffer->value = malloc (total_len);
144 if (output_message_buffer->value == NULL)
145 return GSS_S_FAILURE;
147 p = gssapi_krb5_make_header(output_message_buffer->value,
149 "\x02\x01"); /* TOK_ID */
152 memcpy (p, "\x00\x00", 2);
156 memcpy (p, "\x00\x00", 2);
158 memcpy (p, "\xff\xff", 2);
161 memcpy (p, "\xff\xff", 2);
168 /* confounder + data + pad */
169 krb5_generate_random_block(p, 8);
170 memcpy (p + 8, input_message_buffer->value,
171 input_message_buffer->length);
172 memset (p + 8 + input_message_buffer->length, padlength, padlength);
176 MD5_Update (&md5, p - 24, 8);
177 MD5_Update (&md5, p, datalen);
178 MD5_Final (hash, &md5);
180 memset (&zero, 0, sizeof(zero));
181 memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
182 des_set_key (&deskey, schedule);
183 des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
185 memcpy (p - 8, hash, 8);
187 /* sequence number */
188 krb5_auth_con_getlocalseqnumber (gssapi_krb5_context,
189 context_handle->auth_context,
193 p[0] = (seq_number >> 0) & 0xFF;
194 p[1] = (seq_number >> 8) & 0xFF;
195 p[2] = (seq_number >> 16) & 0xFF;
196 p[3] = (seq_number >> 24) & 0xFF;
198 (context_handle->more_flags & LOCAL) ? 0 : 0xFF,
201 des_set_key (&deskey, schedule);
202 des_cbc_encrypt ((void *)p, (void *)p, 8,
203 schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
205 krb5_auth_con_setlocalseqnumber (gssapi_krb5_context,
206 context_handle->auth_context,
209 /* encrypt the data */
213 memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
215 for (i = 0; i < sizeof(deskey); ++i)
217 des_set_key (&deskey, schedule);
218 memset (&zero, 0, sizeof(zero));
219 des_cbc_encrypt ((void *)p,
226 memset (deskey, 0, sizeof(deskey));
227 memset (schedule, 0, sizeof(schedule));
229 if(conf_state != NULL)
230 *conf_state = conf_req_flag;
231 return GSS_S_COMPLETE;
236 (OM_uint32 * minor_status,
237 const gss_ctx_id_t context_handle,
240 const gss_buffer_t input_message_buffer,
242 gss_buffer_t output_message_buffer,
249 size_t len, total_len, padlength, datalen;
255 padlength = 8 - (input_message_buffer->length % 8);
256 datalen = input_message_buffer->length + padlength + 8;
258 gssapi_krb5_encap_length (len, &len, &total_len);
260 output_message_buffer->length = total_len;
261 output_message_buffer->value = malloc (total_len);
262 if (output_message_buffer->value == NULL)
263 return GSS_S_FAILURE;
265 p = gssapi_krb5_make_header(output_message_buffer->value,
267 "\x02\x01"); /* TOK_ID */
270 memcpy (p, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */
274 memcpy (p, "\x02\x00", 2); /* DES3-KD */
276 memcpy (p, "\xff\xff", 2);
279 memcpy (p, "\xff\xff", 2);
282 /* calculate checksum (the above + confounder + data + pad) */
284 memcpy (p + 20, p - 8, 8);
285 krb5_generate_random_block(p + 28, 8);
286 memcpy (p + 28 + 8, input_message_buffer->value,
287 input_message_buffer->length);
288 memset (p + 28 + 8 + input_message_buffer->length, padlength, padlength);
290 ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto);
292 gssapi_krb5_set_error_string ();
293 free (output_message_buffer->value);
295 return GSS_S_FAILURE;
298 ret = krb5_create_checksum (gssapi_krb5_context,
305 krb5_crypto_destroy (gssapi_krb5_context, crypto);
307 gssapi_krb5_set_error_string ();
308 free (output_message_buffer->value);
310 return GSS_S_FAILURE;
313 /* zero out SND_SEQ + SGN_CKSUM in case */
316 memcpy (p + 8, cksum.checksum.data, cksum.checksum.length);
317 free_Checksum (&cksum);
319 /* sequence number */
320 krb5_auth_con_getlocalseqnumber (gssapi_krb5_context,
321 context_handle->auth_context,
324 seq[0] = (seq_number >> 0) & 0xFF;
325 seq[1] = (seq_number >> 8) & 0xFF;
326 seq[2] = (seq_number >> 16) & 0xFF;
327 seq[3] = (seq_number >> 24) & 0xFF;
329 (context_handle->more_flags & LOCAL) ? 0 : 0xFF,
333 ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE,
336 free (output_message_buffer->value);
338 return GSS_S_FAILURE;
344 memcpy (&ivec, p + 8, 8);
345 ret = krb5_encrypt_ivec (gssapi_krb5_context,
351 krb5_crypto_destroy (gssapi_krb5_context, crypto);
353 gssapi_krb5_set_error_string ();
354 free (output_message_buffer->value);
356 return GSS_S_FAILURE;
359 assert (encdata.length == 8);
361 memcpy (p, encdata.data, encdata.length);
362 krb5_data_free (&encdata);
364 krb5_auth_con_setlocalseqnumber (gssapi_krb5_context,
365 context_handle->auth_context,
368 /* encrypt the data */
374 ret = krb5_crypto_init(gssapi_krb5_context, key,
375 ETYPE_DES3_CBC_NONE, &crypto);
377 gssapi_krb5_set_error_string ();
378 free (output_message_buffer->value);
380 return GSS_S_FAILURE;
382 ret = krb5_encrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL,
384 krb5_crypto_destroy(gssapi_krb5_context, crypto);
386 gssapi_krb5_set_error_string ();
387 free (output_message_buffer->value);
389 return GSS_S_FAILURE;
391 assert (tmp.length == datalen);
393 memcpy (p, tmp.data, datalen);
394 krb5_data_free(&tmp);
396 if(conf_state != NULL)
397 *conf_state = conf_req_flag;
398 return GSS_S_COMPLETE;
402 (OM_uint32 * minor_status,
403 const gss_ctx_id_t context_handle,
406 const gss_buffer_t input_message_buffer,
408 gss_buffer_t output_message_buffer
413 krb5_keytype keytype;
415 ret = gss_krb5_get_localkey(context_handle, &key);
417 gssapi_krb5_set_error_string ();
419 return GSS_S_FAILURE;
421 krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
425 ret = wrap_des (minor_status, context_handle, conf_req_flag,
426 qop_req, input_message_buffer, conf_state,
427 output_message_buffer, key);
430 ret = wrap_des3 (minor_status, context_handle, conf_req_flag,
431 qop_req, input_message_buffer, conf_state,
432 output_message_buffer, key);
435 *minor_status = KRB5_PROG_ETYPE_NOSUPP;
439 krb5_free_keyblock (gssapi_krb5_context, key);