2 * Copyright (c) 2011, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * Portions Copyright 1993 by OpenVision Technologies, Inc.
35 * Permission to use, copy, modify, distribute, and sell this software
36 * and its documentation for any purpose is hereby granted without fee,
37 * provided that the above copyright notice appears in all copies and
38 * that both that copyright notice and this permission notice appear in
39 * supporting documentation, and that the name of OpenVision not be used
40 * in advertising or publicity pertaining to distribution of the software
41 * without specific, written prior permission. OpenVision makes no
42 * representations about the suitability of this software for any
43 * purpose. It is provided "as is" without express or implied warranty.
45 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
46 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
47 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
48 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
49 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
50 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
51 * PERFORMANCE OF THIS SOFTWARE.
55 * Utility routines for GSS tokens.
58 #include "gssapiP_eap.h"
61 gssEapDecodeInnerTokens(OM_uint32 *minor,
62 const gss_buffer_t buffer,
63 gss_buffer_set_t *pExtensions,
66 OM_uint32 major, tmpMinor;
67 gss_buffer_set_t extensions = GSS_C_NO_BUFFER_SET;
68 OM_uint32 *types = NULL;
72 *pExtensions = GSS_C_NO_BUFFER_SET;
75 major = gss_create_empty_buffer_set(minor, &extensions);
79 if (buffer->length == 0) {
80 major = GSS_S_COMPLETE;
84 p = (unsigned char *)buffer->value;
85 remain = buffer->length;
89 gss_buffer_desc extension;
92 major = GSS_S_DEFECTIVE_TOKEN;
93 *minor = GSSEAP_TOK_TRUNC;
97 ntypes = GSSEAP_REALLOC(types,
98 (extensions->count + 1) * sizeof(OM_uint32));
100 major = GSS_S_FAILURE;
106 types[extensions->count] = load_uint32_be(&p[0]);
107 extension.length = load_uint32_be(&p[4]);
109 if (remain < ITOK_HEADER_LENGTH + extension.length) {
110 major = GSS_S_DEFECTIVE_TOKEN;
111 *minor = GSSEAP_TOK_TRUNC;
114 extension.value = &p[8];
116 major = gss_add_buffer_set_member(minor, &extension, &extensions);
117 if (GSS_ERROR(major))
120 p += ITOK_HEADER_LENGTH + extension.length;
121 remain -= ITOK_HEADER_LENGTH + extension.length;
122 } while (remain != 0);
125 if (GSS_ERROR(major)) {
126 gss_release_buffer_set(&tmpMinor, &extensions);
130 *pExtensions = extensions;
138 * Add some data to the initiator/acceptor conversation.
141 recordTokens(OM_uint32 *minor,
147 size_t i, size, offset;
149 size = ctx->conversation.length;
151 for (i = 0; i < tokensCount; i++)
152 size += tokens[i].length;
154 buf = GSSEAP_REALLOC(ctx->conversation.value, size);
157 return GSS_S_FAILURE;
160 offset = ctx->conversation.length;
162 ctx->conversation.length = size;
163 ctx->conversation.value = buf;
165 for (i = 0; i < tokensCount; i++) {
166 memcpy(buf + offset, tokens[i].value, tokens[i].length);
167 offset += tokens[i].length;
171 return GSS_S_COMPLETE;
175 * Record the context token header.
178 gssEapRecordContextTokenHeader(OM_uint32 *minor,
180 enum gss_eap_token_type tokType)
182 unsigned char wireOidHeader[2], wireTokType[2];
183 gss_buffer_desc buffers[3];
185 assert(ctx->mechanismUsed != GSS_C_NO_OID);
187 wireOidHeader[0] = 0x06;
188 wireOidHeader[1] = ctx->mechanismUsed->length;
189 buffers[0].length = sizeof(wireOidHeader);
190 buffers[0].value = wireOidHeader;
192 buffers[1].length = ctx->mechanismUsed->length;
193 buffers[1].value = ctx->mechanismUsed->elements;
195 store_uint16_be(tokType, wireTokType);
196 buffers[2].length = sizeof(wireTokType);
197 buffers[2].value = wireTokType;
199 return recordTokens(minor, ctx, buffers, sizeof(buffers)/sizeof(buffers[0]));
203 * Record an inner context token.
206 gssEapRecordInnerContextToken(OM_uint32 *minor,
208 gss_buffer_t innerToken,
211 gss_buffer_desc buffers[2];
212 unsigned char itokHeader[ITOK_HEADER_LENGTH];
214 assert(innerToken != GSS_C_NO_BUFFER);
216 store_uint32_be(itokType, &itokHeader[0]);
217 store_uint32_be(innerToken->length, &itokHeader[4]);
218 buffers[0].length = sizeof(itokHeader);
219 buffers[0].value = itokHeader;
221 buffers[1] = *innerToken;
223 return recordTokens(minor, ctx, buffers, sizeof(buffers)/sizeof(buffers[0]));
227 gssEapVerifyContextToken(OM_uint32 *minor,
229 const gss_buffer_t inputToken,
230 enum gss_eap_token_type tokType,
231 gss_buffer_t innerInputToken)
235 unsigned char *p = (unsigned char *)inputToken->value;
238 enum gss_eap_token_type actualTokType;
239 gss_buffer_desc tokenBuf;
241 if (ctx->mechanismUsed != GSS_C_NO_OID) {
242 oid = ctx->mechanismUsed;
244 oidBuf.elements = NULL;
249 major = verifyTokenHeader(minor, oid, &bodySize, &p,
250 inputToken->length, &actualTokType);
251 if (GSS_ERROR(major))
254 if (actualTokType != tokType) {
255 *minor = GSSEAP_WRONG_TOK_ID;
256 return GSS_S_DEFECTIVE_TOKEN;
259 if (ctx->mechanismUsed == GSS_C_NO_OID) {
260 if (!gssEapIsConcreteMechanismOid(oid)) {
261 *minor = GSSEAP_WRONG_MECH;
262 return GSS_S_BAD_MECH;
265 if (!gssEapInternalizeOid(oid, &ctx->mechanismUsed)) {
266 major = duplicateOid(minor, oid, &ctx->mechanismUsed);
267 if (GSS_ERROR(major))
272 innerInputToken->length = bodySize;
273 innerInputToken->value = p;
276 * Add OID, tokenType, body to conversation; variable length
277 * header omitted. A better API to verifyTokenHeader would
278 * avoid this ugly pointer arithmetic. XXX FIXME
280 tokenBuf.value = p - (2 + oid->length + 2);
281 tokenBuf.length = 2 + oid->length + 2 + bodySize;
283 major = recordTokens(minor, ctx, &tokenBuf, 1);
284 if (GSS_ERROR(major))
288 return GSS_S_COMPLETE;
292 gssEapEncodeSupportedExts(OM_uint32 *minor,
295 gss_buffer_t outputToken)
300 outputToken->value = GSSEAP_MALLOC(4 * typesCount);
301 if (outputToken->value == NULL) {
303 return GSS_S_FAILURE;
305 p = (unsigned char *)outputToken->value;
307 outputToken->length = 4 * typesCount;
309 for (i = 0; i < typesCount; i++) {
310 store_uint32_be(types[i], p);
315 return GSS_S_COMPLETE;
319 gssEapProcessSupportedExts(OM_uint32 *minor,
320 gss_buffer_t inputToken,
321 struct gss_eap_itok_map *map,
328 if ((inputToken->length % 4) != 0) {
329 *minor = GSSEAP_TOK_TRUNC;
330 return GSS_S_DEFECTIVE_TOKEN;
333 p = (unsigned char *)inputToken->value;
335 for (i = 0; i < inputToken->length / 4; i++) {
336 OM_uint32 type = load_uint32_be(p);
339 for (j = 0; j < mapCount; j++) {
340 if (map->type == type) {
350 return GSS_S_COMPLETE;
354 * $Id: util_token.c 23457 2009-12-08 00:04:48Z tlyu $
357 /* XXXX this code currently makes the assumption that a mech oid will
358 never be longer than 127 bytes. This assumption is not inherent in
359 the interfaces, so the code can be fixed if the OSI namespace
360 balloons unexpectedly. */
363 * Each token looks like this:
364 * 0x60 tag for APPLICATION 0, SEQUENCE
365 * (constructed, definite-length)
366 * <length> possible multiple bytes, need to parse/generate
367 * 0x06 tag for OBJECT IDENTIFIER
368 * <moid_length> compile-time constant string (assume 1 byte)
369 * <moid_bytes> compile-time constant string
370 * <inner_bytes> the ANY containing the application token
371 * bytes 0,1 are the token type
372 * bytes 2,n are the token data
374 * Note that the token type field is a feature of RFC 1964 mechanisms and
375 * is not used by other GSSAPI mechanisms. As such, a token type of -1
376 * is interpreted to mean that no token type should be expected or
379 * For the purposes of this abstraction, the token "header" consists of
380 * the sequence tag and length octets, the mech OID DER encoding, and the
381 * first two inner bytes, which indicate the token type. The token
382 * "body" consists of everything else.
386 der_length_size(size_t length)
390 else if (length < (1<<8))
392 #if INT_MAX == 0x7fff
396 else if (length < (1<<16))
398 else if (length < (1<<24))
406 der_write_length(unsigned char **buf, size_t length)
408 if (length < (1<<7)) {
409 *(*buf)++ = (unsigned char)length;
411 *(*buf)++ = (unsigned char)(der_length_size(length)+127);
413 if (length >= (1<<24))
414 *(*buf)++ = (unsigned char)(length>>24);
415 if (length >= (1<<16))
416 *(*buf)++ = (unsigned char)((length>>16)&0xff);
418 if (length >= (1<<8))
419 *(*buf)++ = (unsigned char)((length>>8)&0xff);
420 *(*buf)++ = (unsigned char)(length&0xff);
424 /* returns decoded length, or < 0 on failure. Advances buf and
425 decrements bufsize */
428 der_read_length(unsigned char **buf, ssize_t *bufsize)
439 if ((sf &= 0x7f) > ((*bufsize)-1))
441 if (sf > sizeof(int))
445 ret = (ret<<8) + (*(*buf)++);
455 /* returns the length of a token, given the mech oid and the body size */
458 tokenSize(size_t body_size)
460 return 1 + der_length_size(body_size) + body_size;
463 /* fills in a buffer with the token header. The buffer is assumed to
464 be the right size. buf is advanced past the token header */
472 der_write_length(buf, body_size);
476 * Given a buffer containing a token, reads and verifies the token,
477 * leaving buf advanced past the token header, and setting body_size
478 * to the number of remaining bytes. Returns 0 on success,
479 * G_BAD_TOK_HEADER for a variety of errors, and G_WRONG_MECH if the
480 * mechanism in the token does not match the mech argument. buf and
481 * *body_size are left unmodified on error.
485 verifyTokenHeader(OM_uint32 *minor,
488 unsigned char **buf_in,
490 enum gss_eap_token_type *ret_tok_type)
492 unsigned char *buf = *buf_in;
495 ssize_t toksize = (ssize_t)toksize_in;
497 *minor = GSSEAP_BAD_TOK_HEADER;
499 if (ret_tok_type != NULL)
500 *ret_tok_type = TOK_TYPE_NONE;
502 if ((toksize -= 1) < 0)
503 return GSS_S_DEFECTIVE_TOKEN;
506 return GSS_S_DEFECTIVE_TOKEN;
508 seqsize = der_read_length(&buf, &toksize);
510 return GSS_S_DEFECTIVE_TOKEN;
512 if (seqsize != toksize)
513 return GSS_S_DEFECTIVE_TOKEN;
515 if ((toksize -= 1) < 0)
516 return GSS_S_DEFECTIVE_TOKEN;
519 return GSS_S_DEFECTIVE_TOKEN;
521 if ((toksize -= 1) < 0)
522 return GSS_S_DEFECTIVE_TOKEN;
524 toid.length = *buf++;
526 if ((toksize -= toid.length) < 0)
527 return GSS_S_DEFECTIVE_TOKEN;
532 if (mech->elements == NULL) {
534 if (toid.length == 0)
535 return GSS_S_BAD_MECH;
536 } else if (!oidEqual(&toid, mech)) {
537 *minor = GSSEAP_WRONG_MECH;
538 return GSS_S_BAD_MECH;
541 if (ret_tok_type != NULL) {
542 if ((toksize -= 2) < 0)
543 return GSS_S_DEFECTIVE_TOKEN;
545 *ret_tok_type = load_uint16_be(buf);
550 *body_size = toksize;
553 return GSS_S_COMPLETE;