From 751c2b50d565108094934c74d718bae51b98e2f9 Mon Sep 17 00:00:00 2001
From: Luke Howard
Date: Wed, 8 Sep 2010 12:29:13 +0200
Subject: [PATCH] gss_pseudo_random implementation
---
 mech_eap/pseudo_random.c | 112 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 110 insertions(+), 2 deletions(-)
diff --git a/mech_eap/pseudo_random.c b/mech_eap/pseudo_random.c
index c4918f5..105a0d1 100644
--- a/mech_eap/pseudo_random.c
+++ b/mech_eap/pseudo_random.c
@@ -29,16 +29,124 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ +/* + * lib/gssapi/krb5/prf.c + * + * Copyright 2009 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + */ #include "gssapiP_eap.h" +#ifndef MIN /* Usually found in . 
*/ +#define MIN(_a,_b) ((_a)<(_b)?(_a):(_b)) +#endif + OM_uint32 gss_pseudo_random(OM_uint32 *minor, - gss_ctx_id_t context, + gss_ctx_id_t ctx, int prf_key, const gss_buffer_t prf_in, ssize_t desired_output_len, gss_buffer_t prf_out) { - GSSEAP_NOT_IMPLEMENTED; + krb5_error_code code; + int i; + OM_uint32 tmpMinor; + size_t prflen; + krb5_data t, ns; + unsigned char *p; + + prf_out->length = 0; + prf_out->value = NULL; + + if (!CTX_IS_ESTABLISHED(ctx)) + return GSS_S_NO_CONTEXT; + + t.length = 0; + t.data = NULL; + + ns.length = 0; + ns.data = NULL; + + if (prf_key != GSS_C_PRF_KEY_FULL && + prf_key != GSS_C_PRF_KEY_FULL) { + code = EINVAL; + goto cleanup; + } + + prf_out->value = GSSEAP_MALLOC(desired_output_len); + if (prf_out->value == NULL) { + code = ENOMEM; + goto cleanup; + } + prf_out->length = desired_output_len; + + code = krb5_c_prf_length(ctx->kerberosCtx, + ctx->encryptionType, + &prflen); + if (code != 0) + goto cleanup; + + ns.length = 4 + prf_in->length; + ns.data = GSSEAP_MALLOC(ns.length); + if (ns.data == NULL) { + code = ENOMEM; + goto cleanup; + } + + t.length = prflen; + t.data = GSSEAP_MALLOC(t.length); + if (t.data == NULL) { + code = ENOMEM; + goto cleanup; + } + + memcpy(ns.data + 4, prf_in->value, prf_in->length); + i = 0; + p = (unsigned char *)prf_out->value; + while (desired_output_len > 0) { + store_uint32_be(i, ns.data); + + code = krb5_c_prf(ctx->kerberosCtx, ctx->encryptionKey, &ns, &t); + if (code != 0) + goto cleanup; + + memcpy(p, t.data, MIN(t.length, desired_output_len)); + + p += t.length; + desired_output_len -= t.length; + i++; + } + +cleanup: + if (code != 0) + gss_release_buffer(&tmpMinor, prf_out); + krb5_free_data_contents(ctx->kerberosCtx, &ns); + krb5_free_data_contents(ctx->kerberosCtx, &t); + + *minor = code; + return (code == 0) ? GSS_S_COMPLETE : GSS_S_FAILURE; } + -- 2.1.4
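Review bot: The length arithmetic in the new `gss_pseudo_random` body trusts its callers: `ns.length = 4 + prf_in->length` is stored in a `krb5_data` length field (an `unsigned int` in MIT krb5, so narrower than `size_t` on LP64) while `memcpy(ns.data + 4, prf_in->value, prf_in->length)` copies the untruncated length, so an oversized `prf_in` would wrap the allocation size and write past the heap buffer. `desired_output_len` is a signed `ssize_t` handed straight to `GSSEAP_MALLOC`, so a negative value becomes a huge allocation request instead of an argument error. Separately, the key-selector test compares `prf_key` against `GSS_C_PRF_KEY_FULL` twice, which rejects `GSS_C_PRF_KEY_PARTIAL` with EINVAL, and the early `GSS_S_NO_CONTEXT` return leaves `*minor` unset. A guarded version of the argument checks is sketched below; the bound assumes `krb5_data.length` is `unsigned int`, which should be confirmed against the krb5 headers this builds with.

```c
    /* ... unchanged: declarations, prf_out reset ... */

    if (!CTX_IS_ESTABLISHED(ctx)) {
        *minor = 0;
        return GSS_S_NO_CONTEXT;
    }

    /* ... unchanged: t / ns reset ... */

    if (prf_key != GSS_C_PRF_KEY_FULL &&
        prf_key != GSS_C_PRF_KEY_PARTIAL) {
        code = EINVAL;
        goto cleanup;
    }

    /*
     * Reject sizes that would wrap once converted: a negative output
     * length, or an input too large for ns.length after the 4-byte
     * counter prefix is added.
     */
    if (desired_output_len < 0 ||
        prf_in == GSS_C_NO_BUFFER ||
        prf_in->length > UINT_MAX - 4) {
        code = EINVAL;
        goto cleanup;
    }

    /* ... unchanged: prf_out allocation, krb5_c_prf_length, ns / t allocation, PRF loop, cleanup ... */
```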