2 * Copyright (c) 2011, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * Portions Copyright 1993 by OpenVision Technologies, Inc.
35 * Permission to use, copy, modify, distribute, and sell this software
36 * and its documentation for any purpose is hereby granted without fee,
37 * provided that the above copyright notice appears in all copies and
38 * that both that copyright notice and this permission notice appear in
39 * supporting documentation, and that the name of OpenVision not be used
40 * in advertising or publicity pertaining to distribution of the software
41 * without specific, written prior permission. OpenVision makes no
42 * representations about the suitability of this software for any
43 * purpose. It is provided "as is" without express or implied warranty.
45 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
46 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
47 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
48 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
49 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
50 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
51 * PERFORMANCE OF THIS SOFTWARE.
55 * Utility routines for GSS tokens.
58 #include "gssapiP_eap.h"
61 gssEapDecodeInnerTokens(OM_uint32 *minor,
62 const gss_buffer_t buffer,
63 gss_buffer_set_t *pExtensions,
66 OM_uint32 major, tmpMinor;
67 gss_buffer_set_t extensions = GSS_C_NO_BUFFER_SET;
68 OM_uint32 *types = NULL;
72 *pExtensions = GSS_C_NO_BUFFER_SET;
75 major = gss_create_empty_buffer_set(minor, &extensions);
79 if (buffer->length == 0) {
80 major = GSS_S_COMPLETE;
84 p = (unsigned char *)buffer->value;
85 remain = buffer->length;
89 gss_buffer_desc extension;
92 major = GSS_S_DEFECTIVE_TOKEN;
93 *minor = GSSEAP_TOK_TRUNC;
97 ntypes = GSSEAP_REALLOC(types,
98 (extensions->count + 1) * sizeof(OM_uint32));
100 major = GSS_S_FAILURE;
106 types[extensions->count] = load_uint32_be(&p[0]);
107 extension.length = load_uint32_be(&p[4]);
109 if (remain < ITOK_HEADER_LENGTH + extension.length) {
110 major = GSS_S_DEFECTIVE_TOKEN;
111 *minor = GSSEAP_TOK_TRUNC;
114 extension.value = &p[8];
116 major = gss_add_buffer_set_member(minor, &extension, &extensions);
117 if (GSS_ERROR(major))
120 p += ITOK_HEADER_LENGTH + extension.length;
121 remain -= ITOK_HEADER_LENGTH + extension.length;
122 } while (remain != 0);
125 if (GSS_ERROR(major)) {
126 gss_release_buffer_set(&tmpMinor, &extensions);
130 *pExtensions = extensions;
138 * Add some data to the initiator/acceptor conversation.
141 recordTokens(OM_uint32 *minor,
147 size_t i, size, offset;
149 size = ctx->conversation.length;
151 for (i = 0; i < tokensCount; i++)
152 size += tokens[i].length;
154 buf = GSSEAP_REALLOC(ctx->conversation.value, size);
157 return GSS_S_FAILURE;
160 offset = ctx->conversation.length;
162 ctx->conversation.length = size;
163 ctx->conversation.value = buf;
165 for (i = 0; i < tokensCount; i++) {
166 memcpy(buf + offset, tokens[i].value, tokens[i].length);
167 offset += tokens[i].length;
171 return GSS_S_COMPLETE;
175 * Record the context token header.
178 gssEapRecordContextTokenHeader(OM_uint32 *minor,
180 enum gss_eap_token_type tokType)
182 unsigned char wireOidHeader[2], wireTokType[2];
183 gss_buffer_desc buffers[3];
185 assert(ctx->mechanismUsed != GSS_C_NO_OID);
187 wireOidHeader[0] = 0x06;
188 wireOidHeader[1] = ctx->mechanismUsed->length;
189 buffers[0].length = sizeof(wireOidHeader);
190 buffers[0].value = wireOidHeader;
192 buffers[1].length = ctx->mechanismUsed->length;
193 buffers[1].value = ctx->mechanismUsed->elements;
195 store_uint16_be(tokType, wireTokType);
196 buffers[2].length = sizeof(wireTokType);
197 buffers[2].value = wireTokType;
199 return recordTokens(minor, ctx, buffers, sizeof(buffers)/sizeof(buffers[0]));
203 * Record an inner context token.
206 gssEapRecordInnerContextToken(OM_uint32 *minor,
208 gss_buffer_t innerToken,
211 gss_buffer_desc buffers[2];
212 unsigned char itokHeader[ITOK_HEADER_LENGTH];
214 assert(innerToken != GSS_C_NO_BUFFER);
216 store_uint32_be(itokType, &itokHeader[0]);
217 store_uint32_be(innerToken->length, &itokHeader[4]);
218 buffers[0].length = sizeof(itokHeader);
219 buffers[0].value = itokHeader;
221 buffers[1] = *innerToken;
223 return recordTokens(minor, ctx, buffers, sizeof(buffers)/sizeof(buffers[0]));
227 gssEapVerifyContextToken(OM_uint32 *minor,
229 const gss_buffer_t inputToken,
230 enum gss_eap_token_type tokType,
231 gss_buffer_t innerInputToken)
235 unsigned char *p = (unsigned char *)inputToken->value;
238 enum gss_eap_token_type actualTokType;
239 gss_buffer_desc tokenBuf;
241 if (ctx->mechanismUsed != GSS_C_NO_OID) {
242 oid = ctx->mechanismUsed;
244 oidBuf.elements = NULL;
249 major = verifyTokenHeader(minor, oid, &bodySize, &p,
250 inputToken->length, &actualTokType);
251 if (GSS_ERROR(major))
254 if (actualTokType != tokType) {
255 *minor = GSSEAP_WRONG_TOK_ID;
256 return GSS_S_DEFECTIVE_TOKEN;
259 if (ctx->mechanismUsed == GSS_C_NO_OID) {
260 major = gssEapCanonicalizeOid(minor, oid, 0, &ctx->mechanismUsed);
261 if (GSS_ERROR(major))
265 innerInputToken->length = bodySize;
266 innerInputToken->value = p;
269 * Add OID, tokenType, body to conversation; variable length
270 * header omitted. A better API to verifyTokenHeader would
271 * avoid this ugly pointer arithmetic. XXX FIXME
273 tokenBuf.value = p - (2 + oid->length + 2);
274 tokenBuf.length = 2 + oid->length + 2 + bodySize;
276 major = recordTokens(minor, ctx, &tokenBuf, 1);
277 if (GSS_ERROR(major))
281 return GSS_S_COMPLETE;
285 gssEapEncodeSupportedExts(OM_uint32 *minor,
288 gss_buffer_t outputToken)
293 outputToken->value = GSSEAP_MALLOC(4 * typesCount);
294 if (outputToken->value == NULL) {
296 return GSS_S_FAILURE;
298 p = (unsigned char *)outputToken->value;
300 outputToken->length = 4 * typesCount;
302 for (i = 0; i < typesCount; i++) {
303 store_uint32_be(types[i], p);
308 return GSS_S_COMPLETE;
312 gssEapProcessSupportedExts(OM_uint32 *minor,
313 gss_buffer_t inputToken,
314 struct gss_eap_itok_map *map,
321 if ((inputToken->length % 4) != 0) {
322 *minor = GSSEAP_TOK_TRUNC;
323 return GSS_S_DEFECTIVE_TOKEN;
326 p = (unsigned char *)inputToken->value;
328 for (i = 0; i < inputToken->length / 4; i++) {
329 OM_uint32 type = load_uint32_be(p);
332 for (j = 0; j < mapCount; j++) {
333 if (map->type == type) {
343 return GSS_S_COMPLETE;
347 * $Id: util_token.c 23457 2009-12-08 00:04:48Z tlyu $
350 /* XXXX this code currently makes the assumption that a mech oid will
351 never be longer than 127 bytes. This assumption is not inherent in
352 the interfaces, so the code can be fixed if the OSI namespace
353 balloons unexpectedly. */
356 * Each token looks like this:
357 * 0x60 tag for APPLICATION 0, SEQUENCE
358 * (constructed, definite-length)
359 * <length> possible multiple bytes, need to parse/generate
360 * 0x06 tag for OBJECT IDENTIFIER
361 * <moid_length> compile-time constant string (assume 1 byte)
362 * <moid_bytes> compile-time constant string
363 * <inner_bytes> the ANY containing the application token
364 * bytes 0,1 are the token type
365 * bytes 2,n are the token data
367 * Note that the token type field is a feature of RFC 1964 mechanisms and
368 * is not used by other GSSAPI mechanisms. As such, a token type of -1
369 * is interpreted to mean that no token type should be expected or
372 * For the purposes of this abstraction, the token "header" consists of
373 * the sequence tag and length octets, the mech OID DER encoding, and the
374 * first two inner bytes, which indicate the token type. The token
375 * "body" consists of everything else.
379 der_length_size(size_t length)
383 else if (length < (1<<8))
385 #if INT_MAX == 0x7fff
389 else if (length < (1<<16))
391 else if (length < (1<<24))
399 der_write_length(unsigned char **buf, size_t length)
401 if (length < (1<<7)) {
402 *(*buf)++ = (unsigned char)length;
404 *(*buf)++ = (unsigned char)(der_length_size(length)+127);
406 if (length >= (1<<24))
407 *(*buf)++ = (unsigned char)(length>>24);
408 if (length >= (1<<16))
409 *(*buf)++ = (unsigned char)((length>>16)&0xff);
411 if (length >= (1<<8))
412 *(*buf)++ = (unsigned char)((length>>8)&0xff);
413 *(*buf)++ = (unsigned char)(length&0xff);
417 /* returns decoded length, or < 0 on failure. Advances buf and
418 decrements bufsize */
421 der_read_length(unsigned char **buf, ssize_t *bufsize)
432 if ((sf &= 0x7f) > ((*bufsize)-1))
434 if (sf > sizeof(int))
438 ret = (ret<<8) + (*(*buf)++);
448 /* returns the length of a token, given the mech oid and the body size */
451 tokenSize(size_t body_size)
453 return 1 + der_length_size(body_size) + body_size;
456 /* fills in a buffer with the token header. The buffer is assumed to
457 be the right size. buf is advanced past the token header */
465 der_write_length(buf, body_size);
469 * Given a buffer containing a token, reads and verifies the token,
470 * leaving buf advanced past the token header, and setting body_size
471 * to the number of remaining bytes. Returns 0 on success,
472 * G_BAD_TOK_HEADER for a variety of errors, and G_WRONG_MECH if the
473 * mechanism in the token does not match the mech argument. buf and
474 * *body_size are left unmodified on error.
478 verifyTokenHeader(OM_uint32 *minor,
481 unsigned char **buf_in,
483 enum gss_eap_token_type *ret_tok_type)
485 unsigned char *buf = *buf_in;
488 ssize_t toksize = (ssize_t)toksize_in;
490 *minor = GSSEAP_BAD_TOK_HEADER;
492 if (ret_tok_type != NULL)
493 *ret_tok_type = TOK_TYPE_NONE;
495 if ((toksize -= 1) < 0)
496 return GSS_S_DEFECTIVE_TOKEN;
499 return GSS_S_DEFECTIVE_TOKEN;
501 seqsize = der_read_length(&buf, &toksize);
503 return GSS_S_DEFECTIVE_TOKEN;
505 if (seqsize != toksize)
506 return GSS_S_DEFECTIVE_TOKEN;
508 if ((toksize -= 1) < 0)
509 return GSS_S_DEFECTIVE_TOKEN;
512 return GSS_S_DEFECTIVE_TOKEN;
514 if ((toksize -= 1) < 0)
515 return GSS_S_DEFECTIVE_TOKEN;
517 toid.length = *buf++;
519 if ((toksize -= toid.length) < 0)
520 return GSS_S_DEFECTIVE_TOKEN;
525 if (mech->elements == NULL) {
527 if (toid.length == 0)
528 return GSS_S_BAD_MECH;
529 } else if (!oidEqual(&toid, mech)) {
530 *minor = GSSEAP_WRONG_MECH;
531 return GSS_S_BAD_MECH;
534 if (ret_tok_type != NULL) {
535 if ((toksize -= 2) < 0)
536 return GSS_S_DEFECTIVE_TOKEN;
538 *ret_tok_type = load_uint16_be(buf);
543 *body_size = toksize;
546 return GSS_S_COMPLETE;