Line data Source code
1 : /*
2 : * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
3 : * (Royal Institute of Technology, Stockholm, Sweden).
4 : * All rights reserved.
5 : *
6 : * Redistribution and use in source and binary forms, with or without
7 : * modification, are permitted provided that the following conditions
8 : * are met:
9 : *
10 : * 1. Redistributions of source code must retain the above copyright
11 : * notice, this list of conditions and the following disclaimer.
12 : *
13 : * 2. Redistributions in binary form must reproduce the above copyright
14 : * notice, this list of conditions and the following disclaimer in the
15 : * documentation and/or other materials provided with the distribution.
16 : *
17 : * 3. Neither the name of the Institute nor the names of its contributors
18 : * may be used to endorse or promote products derived from this software
19 : * without specific prior written permission.
20 : *
21 : * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 : * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 : * SUCH DAMAGE.
32 : */
33 :
34 : #include "gsskrb5_locl.h"
35 :
36 : static krb5_error_code
37 124 : hash_input_chan_bindings (const gss_channel_bindings_t b,
38 : u_char *p)
39 : {
40 0 : u_char num[4];
41 0 : EVP_MD_CTX *ctx;
42 :
43 124 : ctx = EVP_MD_CTX_create();
44 124 : EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
45 :
46 124 : _gss_mg_encode_le_uint32 (b->initiator_addrtype, num);
47 124 : EVP_DigestUpdate(ctx, num, sizeof(num));
48 124 : _gss_mg_encode_le_uint32 (b->initiator_address.length, num);
49 124 : EVP_DigestUpdate(ctx, num, sizeof(num));
50 124 : if (b->initiator_address.length)
51 0 : EVP_DigestUpdate(ctx,
52 0 : b->initiator_address.value,
53 : b->initiator_address.length);
54 124 : _gss_mg_encode_le_uint32 (b->acceptor_addrtype, num);
55 124 : EVP_DigestUpdate(ctx, num, sizeof(num));
56 124 : _gss_mg_encode_le_uint32 (b->acceptor_address.length, num);
57 124 : EVP_DigestUpdate(ctx, num, sizeof(num));
58 124 : if (b->acceptor_address.length)
59 0 : EVP_DigestUpdate(ctx,
60 0 : b->acceptor_address.value,
61 : b->acceptor_address.length);
62 124 : _gss_mg_encode_le_uint32 (b->application_data.length, num);
63 124 : EVP_DigestUpdate(ctx, num, sizeof(num));
64 124 : if (b->application_data.length)
65 124 : EVP_DigestUpdate(ctx,
66 124 : b->application_data.value,
67 : b->application_data.length);
68 124 : EVP_DigestFinal_ex(ctx, p, NULL);
69 124 : EVP_MD_CTX_destroy(ctx);
70 :
71 124 : return 0;
72 : }
73 :
74 : /*
75 : * create a checksum over the chanel bindings in
76 : * `input_chan_bindings', `flags' and `fwd_data' and return it in
77 : * `result'
78 : */
79 :
80 : OM_uint32
81 24230 : _gsskrb5_create_8003_checksum (
82 : OM_uint32 *minor_status,
83 : const gss_channel_bindings_t input_chan_bindings,
84 : OM_uint32 flags,
85 : const krb5_data *fwd_data,
86 : Checksum *result)
87 : {
88 1042 : u_char *p;
89 :
90 : #define _GSS_C_NON_8003_WIRE_FLAGS \
91 : GSS_C_CHANNEL_BOUND_FLAG
92 :
93 24230 : flags &= ~_GSS_C_NON_8003_WIRE_FLAGS;
94 :
95 : /*
96 : * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value
97 : * field's format) */
98 24230 : result->cksumtype = CKSUMTYPE_GSSAPI;
99 24230 : if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG))
100 23052 : result->checksum.length = 24 + 4 + fwd_data->length;
101 : else
102 1178 : result->checksum.length = 24;
103 24230 : result->checksum.data = malloc (result->checksum.length);
104 24230 : if (result->checksum.data == NULL) {
105 0 : *minor_status = ENOMEM;
106 0 : return GSS_S_FAILURE;
107 : }
108 :
109 24230 : p = result->checksum.data;
110 24230 : _gss_mg_encode_le_uint32 (16, p);
111 24230 : p += 4;
112 24230 : if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
113 24171 : memset (p, 0, 16);
114 : } else {
115 59 : hash_input_chan_bindings (input_chan_bindings, p);
116 : }
117 24230 : p += 16;
118 24230 : _gss_mg_encode_le_uint32 (flags, p);
119 24230 : p += 4;
120 :
121 24230 : if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) {
122 :
123 23052 : *p++ = (1 >> 0) & 0xFF; /* DlgOpt */ /* == 1 */
124 23052 : *p++ = (1 >> 8) & 0xFF; /* DlgOpt */ /* == 0 */
125 23052 : *p++ = (fwd_data->length >> 0) & 0xFF; /* Dlgth */
126 23052 : *p++ = (fwd_data->length >> 8) & 0xFF; /* Dlgth */
127 23052 : memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length);
128 :
129 : /* p += fwd_data->length; */ /* commented out to quiet warning */
130 : }
131 :
132 23188 : return GSS_S_COMPLETE;
133 : }
134 :
135 : static krb5_error_code
136 51773 : check_ap_options_cbt(void *ad_data, size_t ad_len,
137 : krb5_boolean *client_asserted_cb)
138 : {
139 888 : uint32_t ad_ap_options;
140 :
141 51773 : *client_asserted_cb = FALSE;
142 :
143 51773 : if (ad_len != sizeof(uint32_t))
144 0 : return KRB5KRB_AP_ERR_MSG_TYPE;
145 :
146 51773 : _gss_mg_decode_le_uint32(ad_data, &ad_ap_options);
147 :
148 51773 : if (ad_ap_options & KERB_AP_OPTIONS_CBT)
149 51773 : *client_asserted_cb = TRUE;
150 :
151 50885 : return 0;
152 : }
153 :
154 : static krb5_error_code
155 51820 : find_ap_options(krb5_context context,
156 : krb5_authenticator authenticator,
157 : krb5_boolean *client_asserted_cb)
158 : {
159 888 : krb5_error_code ret;
160 888 : krb5_authdata *ad;
161 888 : krb5_data data;
162 :
163 51820 : *client_asserted_cb = FALSE;
164 :
165 51820 : ad = authenticator->authorization_data;
166 51820 : if (ad == NULL)
167 15 : return 0;
168 :
169 51805 : ret = _krb5_get_ad(context, ad, NULL, KRB5_AUTHDATA_AP_OPTIONS, &data);
170 51805 : if (ret)
171 32 : return ret == ENOENT ? 0 : ret;
172 :
173 51773 : ret = check_ap_options_cbt(data.data, data.length, client_asserted_cb);
174 51773 : krb5_data_free(&data);
175 :
176 51773 : return ret;
177 : }
178 :
179 : /*
180 : * verify the checksum in `cksum' over `input_chan_bindings'
181 : * returning `flags' and `fwd_data'
182 : */
183 :
184 : OM_uint32
185 51820 : _gsskrb5_verify_8003_checksum(
186 : krb5_context context,
187 : OM_uint32 *minor_status,
188 : const gss_channel_bindings_t input_chan_bindings,
189 : krb5_authenticator authenticator,
190 : OM_uint32 *flags,
191 : krb5_data *fwd_data)
192 : {
193 888 : unsigned char hash[16];
194 888 : unsigned char *p;
195 888 : OM_uint32 length;
196 888 : int DlgOpt;
197 888 : static unsigned char zeros[16];
198 51820 : krb5_boolean channel_bound = FALSE;
199 51820 : const Checksum *cksum = authenticator->cksum;
200 888 : krb5_boolean client_asserted_cb;
201 888 : krb5_error_code ret;
202 :
203 : /* XXX should handle checksums > 24 bytes */
204 51820 : if(cksum->cksumtype != CKSUMTYPE_GSSAPI || cksum->checksum.length < 24) {
205 0 : *minor_status = 0;
206 0 : return GSS_S_BAD_BINDINGS;
207 : }
208 :
209 51820 : p = cksum->checksum.data;
210 51820 : _gss_mg_decode_le_uint32(p, &length);
211 51820 : if(length != sizeof(hash)) {
212 0 : *minor_status = 0;
213 0 : return GSS_S_BAD_BINDINGS;
214 : }
215 :
216 51820 : p += 4;
217 :
218 51820 : ret = find_ap_options(context, authenticator, &client_asserted_cb);
219 51820 : if (ret) {
220 0 : *minor_status = ret;
221 0 : return GSS_S_FAILURE;
222 : }
223 :
224 51820 : if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS
225 73 : && (ct_memcmp(p, zeros, sizeof(zeros)) != 0 || client_asserted_cb)) {
226 65 : if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) {
227 0 : *minor_status = 0;
228 0 : return GSS_S_BAD_BINDINGS;
229 : }
230 65 : if(ct_memcmp(hash, p, sizeof(hash)) != 0) {
231 36 : *minor_status = 0;
232 36 : return GSS_S_BAD_BINDINGS;
233 : }
234 29 : channel_bound = TRUE;
235 : }
236 :
237 51784 : p += sizeof(hash);
238 :
239 51784 : _gss_mg_decode_le_uint32(p, flags);
240 51784 : p += 4;
241 :
242 51784 : if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) {
243 48503 : if(cksum->checksum.length < 28) {
244 0 : *minor_status = 0;
245 0 : return GSS_S_BAD_BINDINGS;
246 : }
247 :
248 48503 : DlgOpt = (p[0] << 0) | (p[1] << 8);
249 48503 : p += 2;
250 48503 : if (DlgOpt != 1) {
251 0 : *minor_status = 0;
252 0 : return GSS_S_BAD_BINDINGS;
253 : }
254 :
255 48503 : fwd_data->length = (p[0] << 0) | (p[1] << 8);
256 48503 : p += 2;
257 48503 : if(cksum->checksum.length < 28 + fwd_data->length) {
258 0 : *minor_status = 0;
259 0 : return GSS_S_BAD_BINDINGS;
260 : }
261 48503 : fwd_data->data = malloc(fwd_data->length);
262 48503 : if (fwd_data->data == NULL) {
263 0 : *minor_status = ENOMEM;
264 0 : return GSS_S_FAILURE;
265 : }
266 48503 : memcpy(fwd_data->data, p, fwd_data->length);
267 : }
268 :
269 51784 : if (channel_bound) {
270 29 : *flags |= GSS_C_CHANNEL_BOUND_FLAG;
271 : } else {
272 51755 : *flags &= ~GSS_C_CHANNEL_BOUND_FLAG;
273 : }
274 :
275 50896 : return GSS_S_COMPLETE;
276 : }
|
