2 * Copyright (c) 2011, PADL Software Pty Ltd.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of PADL Software nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * Copyright 1993 by OpenVision Technologies, Inc.
35 * Permission to use, copy, modify, distribute, and sell this software
36 * and its documentation for any purpose is hereby granted without fee,
37 * provided that the above copyright notice appears in all copies and
38 * that both that copyright notice and this permission notice appear in
39 * supporting documentation, and that the name of OpenVision not be used
40 * in advertising or publicity pertaining to distribution of the software
41 * without specific, written prior permission. OpenVision makes no
42 * representations about the suitability of this software for any
43 * purpose. It is provided "as is" without express or implied warranty.
45 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
46 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
47 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
48 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
49 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
50 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
51 * PERFORMANCE OF THIS SOFTWARE.
58 #include "gs2_token.h"
61 * $Id: util_token.c 23457 2009-12-08 00:04:48Z tlyu $
64 #ifndef HAVE_GSS_ENCAPSULATE_TOKEN
65 /* XXXX this code currently makes the assumption that a mech oid will
66 never be longer than 127 bytes. This assumption is not inherent in
67 the interfaces, so the code can be fixed if the OSI namespace
68 balloons unexpectedly. */
71 * Each token looks like this:
72 * 0x60 tag for APPLICATION 0, SEQUENCE
73 * (constructed, definite-length)
74 * <length> possible multiple bytes, need to parse/generate
75 * 0x06 tag for OBJECT IDENTIFIER
76 * <moid_length> compile-time constant string (assume 1 byte)
77 * <moid_bytes> compile-time constant string
78 * <inner_bytes> the ANY containing the application token
79 * bytes 0,1 are the token type
80 * bytes 2,n are the token data
82 * Note that the token type field is a feature of RFC 1964 mechanisms and
83 * is not used by other GSSAPI mechanisms. As such, a token type of -1
84 * is interpreted to mean that no token type should be expected or
87 * For the purposes of this abstraction, the token "header" consists of
88 * the sequence tag and length octets, the mech OID DER encoding, and the
89 * first two inner bytes, which indicate the token type. The token
90 * "body" consists of everything else.
94 der_length_size(size_t length)
98 else if (length < (1<<8))
100 #if INT_MAX == 0x7fff
104 else if (length < (1<<16))
106 else if (length < (1<<24))
114 der_write_length(unsigned char **buf, size_t length)
116 if (length < (1<<7)) {
117 *(*buf)++ = (unsigned char)length;
119 *(*buf)++ = (unsigned char)(der_length_size(length)+127);
121 if (length >= (1<<24))
122 *(*buf)++ = (unsigned char)(length>>24);
123 if (length >= (1<<16))
124 *(*buf)++ = (unsigned char)((length>>16)&0xff);
126 if (length >= (1<<8))
127 *(*buf)++ = (unsigned char)((length>>8)&0xff);
128 *(*buf)++ = (unsigned char)(length&0xff);
132 /* returns the length of a token, given the mech oid and the body size */
135 token_size(const gss_OID_desc *mech, size_t body_size)
137 /* set body_size to sequence contents size */
138 body_size += 2 + (size_t) mech->length; /* NEED overflow check */
139 return 1 + der_length_size(body_size) + body_size;
142 /* fills in a buffer with the token header. The buffer is assumed to
143 be the right size. buf is advanced past the token header */
147 const gss_OID_desc *mech,
152 der_write_length(buf, 2 + mech->length + body_size);
154 *(*buf)++ = (unsigned char)mech->length;
155 memcpy(*buf, mech->elements, mech->length);
156 *buf += mech->length;
160 gs2_encapsulate_token(const gss_buffer_t input_token,
161 const gss_OID token_oid,
162 gss_buffer_t output_token)
167 if (input_token == GSS_C_NO_BUFFER || token_oid == GSS_C_NO_OID)
168 return GSS_S_CALL_INACCESSIBLE_READ;
170 if (output_token == GSS_C_NO_BUFFER)
171 return GSS_S_CALL_INACCESSIBLE_WRITE;
173 tokenSize = token_size(token_oid, input_token->length);
175 output_token->value = malloc(tokenSize);
176 if (output_token->value == NULL)
177 return GSS_S_FAILURE;
179 buf = output_token->value;
181 make_token_header(token_oid, input_token->length, &buf);
182 memcpy(buf, input_token->value, input_token->length);
183 output_token->length = tokenSize;
185 return GSS_S_COMPLETE;
190 #ifndef HAVE_GSS_DECAPSULATE_TOKEN
191 /* returns decoded length, or < 0 on failure. Advances buf and
192 decrements bufsize */
195 der_read_length(unsigned char **buf, ssize_t *bufsize)
206 if ((sf &= 0x7f) > ((*bufsize)-1))
208 if (sf > sizeof(int))
212 ret = (ret<<8) + (*(*buf)++);
223 * Given a buffer containing a token, reads and verifies the token,
224 * leaving buf advanced past the token header, and setting body_size
225 * to the number of remaining bytes. Returns 0 on success,
226 * G_BAD_TOK_HEADER for a variety of errors, and G_WRONG_MECH if the
227 * mechanism in the token does not match the mech argument. buf and
228 * *body_size are left unmodified on error.
232 verify_token_header(OM_uint32 *minor,
235 unsigned char **buf_in,
238 unsigned char *buf = *buf_in;
241 ssize_t toksize = (ssize_t)toksize_in;
245 if ((toksize -= 1) < 0)
246 return GSS_S_DEFECTIVE_TOKEN;
249 return GSS_S_DEFECTIVE_TOKEN;
251 seqsize = der_read_length(&buf, &toksize);
253 return GSS_S_DEFECTIVE_TOKEN;
255 if (seqsize != toksize)
256 return GSS_S_DEFECTIVE_TOKEN;
258 if ((toksize -= 1) < 0)
259 return GSS_S_DEFECTIVE_TOKEN;
262 return GSS_S_DEFECTIVE_TOKEN;
264 if ((toksize -= 1) < 0)
265 return GSS_S_DEFECTIVE_TOKEN;
267 toid.length = *buf++;
269 if ((toksize -= toid.length) < 0)
270 return GSS_S_DEFECTIVE_TOKEN;
275 if (!gss_oid_equal(&toid, mech))
276 return GSS_S_DEFECTIVE_TOKEN;
279 *body_size = toksize;
281 return GSS_S_COMPLETE;
285 gs2_decapsulate_token(const gss_buffer_t input_token,
286 const gss_OID token_oid,
287 gss_buffer_t output_token)
289 OM_uint32 major, minor;
290 size_t body_size = 0;
291 unsigned char *buf_in;
293 if (input_token == GSS_C_NO_BUFFER || token_oid == GSS_C_NO_OID)
294 return GSS_S_CALL_INACCESSIBLE_READ;
296 if (output_token == GSS_C_NO_BUFFER)
297 return GSS_S_CALL_INACCESSIBLE_WRITE;
299 buf_in = input_token->value;
301 major = verify_token_header(&minor, token_oid, &body_size, &buf_in,
302 input_token->length);
304 return GSS_S_DEFECTIVE_TOKEN;
306 output_token->value = malloc(body_size);
307 if (output_token->value == NULL)
308 return GSS_S_FAILURE;
310 memcpy(output_token->value, buf_in, body_size);
311 output_token->length = body_size;
313 return GSS_S_COMPLETE;
317 #ifndef HAVE_GSS_OID_EQUAL
319 gs2_oid_equal(const gss_OID o1, const gss_OID o2)
321 return o1->length == o2->length &&
322 (memcmp(o1->elements, o2->elements, o1->length) == 0);