2 * Copyright (c) 2011, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * Portions Copyright 1993 by OpenVision Technologies, Inc.
35 * Permission to use, copy, modify, distribute, and sell this software
36 * and its documentation for any purpose is hereby granted without fee,
37 * provided that the above copyright notice appears in all copies and
38 * that both that copyright notice and this permission notice appear in
39 * supporting documentation, and that the name of OpenVision not be used
40 * in advertising or publicity pertaining to distribution of the software
41 * without specific, written prior permission. OpenVision makes no
42 * representations about the suitability of this software for any
43 * purpose. It is provided "as is" without express or implied warranty.
45 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
46 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
47 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
48 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
49 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
50 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
51 * PERFORMANCE OF THIS SOFTWARE.
55 * Utility routines for GSS tokens.
58 #include "gssapiP_eap.h"
61 gssEapEncodeInnerTokens(OM_uint32 *minor,
62 struct gss_eap_token_buffer_set *tokens,
65 OM_uint32 major, tmpMinor;
66 size_t required = 0, i;
72 for (i = 0; i < tokens->buffers.count; i++) {
73 required += 8 + tokens->buffers.elements[i].length;
77 * We must always return a non-NULL token otherwise the calling state
78 * machine assumes we are finished. Hence care in case malloc(0) does
81 buffer->value = GSSEAP_MALLOC(required ? required : 1);
82 if (buffer->value == NULL) {
83 major = GSS_S_FAILURE;
88 buffer->length = required;
89 p = (unsigned char *)buffer->value;
91 for (i = 0; i < tokens->buffers.count; i++) {
92 gss_buffer_t tokenBuffer = &tokens->buffers.elements[i];
94 assert((tokens->types[i] & ITOK_FLAG_VERIFIED) == 0); /* private flag */
97 * Extensions are encoded as type-length-value, where the upper
98 * bit of the type indicates criticality.
100 store_uint32_be(tokens->types[i], &p[0]);
101 store_uint32_be(tokenBuffer->length, &p[4]);
102 memcpy(&p[8], tokenBuffer->value, tokenBuffer->length);
104 p += 8 + tokenBuffer->length;
107 assert(p == (unsigned char *)buffer->value + required);
108 assert(buffer->value != NULL);
110 major = GSS_S_COMPLETE;
114 if (GSS_ERROR(major)) {
115 gss_release_buffer(&tmpMinor, buffer);
122 gssEapDecodeInnerTokens(OM_uint32 *minor,
123 const gss_buffer_t buffer,
124 struct gss_eap_token_buffer_set *tokens)
126 OM_uint32 major, tmpMinor;
130 tokens->buffers.count = 0;
131 tokens->buffers.elements = NULL;
132 tokens->types = NULL;
134 if (buffer->length == 0) {
135 major = GSS_S_COMPLETE;
139 p = (unsigned char *)buffer->value;
140 remain = buffer->length;
144 gss_buffer_desc tokenBuffer, *newTokenBuffers;
147 major = GSS_S_DEFECTIVE_TOKEN;
148 *minor = GSSEAP_TOK_TRUNC;
152 ntypes = GSSEAP_REALLOC(tokens->types,
153 (tokens->buffers.count + 1) * sizeof(OM_uint32));
154 if (ntypes == NULL) {
155 major = GSS_S_FAILURE;
159 tokens->types = ntypes;
161 tokens->types[tokens->buffers.count] = load_uint32_be(&p[0]);
162 tokenBuffer.length = load_uint32_be(&p[4]);
164 if (remain < 8 + tokenBuffer.length) {
165 major = GSS_S_DEFECTIVE_TOKEN;
166 *minor = GSSEAP_TOK_TRUNC;
169 tokenBuffer.value = &p[8];
171 newTokenBuffers = GSSEAP_REALLOC(tokens->buffers.elements,
172 (tokens->buffers.count + 1) * sizeof(gss_buffer_desc));
173 if (newTokenBuffers == NULL) {
174 major = GSS_S_FAILURE;
179 tokens->buffers.elements = newTokenBuffers;
180 tokens->buffers.elements[tokens->buffers.count] = tokenBuffer;
181 tokens->buffers.count++;
183 p += 8 + tokenBuffer.length;
184 remain -= 8 + tokenBuffer.length;
186 } while (remain != 0);
188 major = GSS_S_COMPLETE;
192 if (GSS_ERROR(major))
193 gssEapReleaseInnerTokens(&tmpMinor, tokens, 0);
199 * $Id: util_token.c 23457 2009-12-08 00:04:48Z tlyu $
202 /* XXXX this code currently makes the assumption that a mech oid will
203 never be longer than 127 bytes. This assumption is not inherent in
204 the interfaces, so the code can be fixed if the OSI namespace
205 balloons unexpectedly. */
208 * Each token looks like this:
209 * 0x60 tag for APPLICATION 0, SEQUENCE
210 * (constructed, definite-length)
211 * <length> possible multiple bytes, need to parse/generate
212 * 0x06 tag for OBJECT IDENTIFIER
213 * <moid_length> compile-time constant string (assume 1 byte)
214 * <moid_bytes> compile-time constant string
215 * <inner_bytes> the ANY containing the application token
216 * bytes 0,1 are the token type
217 * bytes 2,n are the token data
219 * Note that the token type field is a feature of RFC 1964 mechanisms and
220 * is not used by other GSSAPI mechanisms. As such, a token type of -1
221 * is interpreted to mean that no token type should be expected or
224 * For the purposes of this abstraction, the token "header" consists of
225 * the sequence tag and length octets, the mech OID DER encoding, and the
226 * first two inner bytes, which indicate the token type. The token
227 * "body" consists of everything else.
231 der_length_size(size_t length)
235 else if (length < (1<<8))
237 #if INT_MAX == 0x7fff
241 else if (length < (1<<16))
243 else if (length < (1<<24))
251 der_write_length(unsigned char **buf, size_t length)
253 if (length < (1<<7)) {
254 *(*buf)++ = (unsigned char)length;
256 *(*buf)++ = (unsigned char)(der_length_size(length)+127);
258 if (length >= (1<<24))
259 *(*buf)++ = (unsigned char)(length>>24);
260 if (length >= (1<<16))
261 *(*buf)++ = (unsigned char)((length>>16)&0xff);
263 if (length >= (1<<8))
264 *(*buf)++ = (unsigned char)((length>>8)&0xff);
265 *(*buf)++ = (unsigned char)(length&0xff);
269 /* returns decoded length, or < 0 on failure. Advances buf and
270 decrements bufsize */
273 der_read_length(unsigned char **buf, ssize_t *bufsize)
284 if ((sf &= 0x7f) > ((*bufsize)-1))
286 if (sf > sizeof(int))
290 ret = (ret<<8) + (*(*buf)++);
300 /* returns the length of a token, given the mech oid and the body size */
303 tokenSize(const gss_OID_desc *mech, size_t body_size)
305 assert(mech != GSS_C_NO_OID);
307 /* set body_size to sequence contents size */
308 body_size += 4 + (size_t) mech->length; /* NEED overflow check */
309 return 1 + der_length_size(body_size) + body_size;
312 /* fills in a buffer with the token header. The buffer is assumed to
313 be the right size. buf is advanced past the token header */
317 const gss_OID_desc *mech,
320 enum gss_eap_token_type tok_type)
323 der_write_length(buf, (tok_type == -1) ?2:4 + mech->length + body_size);
325 *(*buf)++ = (unsigned char)mech->length;
326 memcpy(*buf, mech->elements, mech->length);
327 *buf += mech->length;
328 assert(tok_type != TOK_TYPE_NONE);
329 *(*buf)++ = (unsigned char)((tok_type>>8) & 0xff);
330 *(*buf)++ = (unsigned char)(tok_type & 0xff);
334 * Given a buffer containing a token, reads and verifies the token,
335 * leaving buf advanced past the token header, and setting body_size
336 * to the number of remaining bytes. Returns 0 on success,
337 * G_BAD_TOK_HEADER for a variety of errors, and G_WRONG_MECH if the
338 * mechanism in the token does not match the mech argument. buf and
339 * *body_size are left unmodified on error.
343 verifyTokenHeader(OM_uint32 *minor,
346 unsigned char **buf_in,
348 enum gss_eap_token_type *ret_tok_type)
350 unsigned char *buf = *buf_in;
353 ssize_t toksize = (ssize_t)toksize_in;
355 *minor = GSSEAP_BAD_TOK_HEADER;
357 if (ret_tok_type != NULL)
358 *ret_tok_type = TOK_TYPE_NONE;
360 if ((toksize -= 1) < 0)
361 return GSS_S_DEFECTIVE_TOKEN;
364 return GSS_S_DEFECTIVE_TOKEN;
366 seqsize = der_read_length(&buf, &toksize);
368 return GSS_S_DEFECTIVE_TOKEN;
370 if (seqsize != toksize)
371 return GSS_S_DEFECTIVE_TOKEN;
373 if ((toksize -= 1) < 0)
374 return GSS_S_DEFECTIVE_TOKEN;
377 return GSS_S_DEFECTIVE_TOKEN;
379 if ((toksize -= 1) < 0)
380 return GSS_S_DEFECTIVE_TOKEN;
382 toid.length = *buf++;
384 if ((toksize -= toid.length) < 0)
385 return GSS_S_DEFECTIVE_TOKEN;
390 if (mech->elements == NULL) {
392 if (toid.length == 0)
393 return GSS_S_BAD_MECH;
394 } else if (!oidEqual(&toid, mech)) {
395 *minor = GSSEAP_WRONG_MECH;
396 return GSS_S_BAD_MECH;
399 if (ret_tok_type != NULL) {
400 if ((toksize -= 2) < 0)
401 return GSS_S_DEFECTIVE_TOKEN;
403 *ret_tok_type = load_uint16_be(buf);
408 *body_size = toksize;
411 return GSS_S_COMPLETE;
415 gssEapAllocInnerTokens(OM_uint32 *minor,
417 struct gss_eap_token_buffer_set *tokens)
421 tokens->buffers.count = 0;
422 tokens->buffers.elements = (gss_buffer_desc *)GSSEAP_CALLOC(count, sizeof(gss_buffer_desc));
423 if (tokens->buffers.elements == NULL) {
424 major = GSS_S_FAILURE;
429 tokens->types = (OM_uint32 *)GSSEAP_CALLOC(count, sizeof(OM_uint32));
430 if (tokens->types == NULL) {
431 major = GSS_S_FAILURE;
436 major = GSS_S_COMPLETE;
440 if (GSS_ERROR(major)) {
441 if (tokens->buffers.elements != NULL) {
442 GSSEAP_FREE(tokens->buffers.elements);
443 tokens->buffers.elements = NULL;
445 if (tokens->types != NULL) {
446 GSSEAP_FREE(tokens->types);
447 tokens->types = NULL;
455 gssEapReleaseInnerTokens(OM_uint32 *minor,
456 struct gss_eap_token_buffer_set *tokens,
462 if (tokens->buffers.elements != NULL) {
464 for (i = 0; i < tokens->buffers.count; i++)
465 gss_release_buffer(&tmpMinor, &tokens->buffers.elements[i]);
467 GSSEAP_FREE(tokens->buffers.elements);
468 tokens->buffers.elements = NULL;
470 tokens->buffers.count = 0;
472 if (tokens->types != NULL) {
473 GSSEAP_FREE(tokens->types);
474 tokens->types = NULL;
478 return GSS_S_COMPLETE;