Line data Source code
1 : /*
2 : * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
3 : * (Royal Institute of Technology, Stockholm, Sweden).
4 : * All rights reserved.
5 : *
6 : * Redistribution and use in source and binary forms, with or without
7 : * modification, are permitted provided that the following conditions
8 : * are met:
9 : *
10 : * 1. Redistributions of source code must retain the above copyright
11 : * notice, this list of conditions and the following disclaimer.
12 : *
13 : * 2. Redistributions in binary form must reproduce the above copyright
14 : * notice, this list of conditions and the following disclaimer in the
15 : * documentation and/or other materials provided with the distribution.
16 : *
17 : * 3. Neither the name of the Institute nor the names of its contributors
18 : * may be used to endorse or promote products derived from this software
19 : * without specific prior written permission.
20 : *
21 : * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 : * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 : * SUCH DAMAGE.
32 : */
33 :
34 : #include "gsskrb5_locl.h"
35 :
36 : static krb5_error_code
37 0 : hash_input_chan_bindings (const gss_channel_bindings_t b,
38 : u_char *p)
39 : {
40 0 : u_char num[4];
41 0 : EVP_MD_CTX *ctx;
42 :
43 0 : ctx = EVP_MD_CTX_create();
44 0 : EVP_DigestInit_ex(ctx, EVP_md5(), NULL);
45 :
46 0 : _gss_mg_encode_le_uint32 (b->initiator_addrtype, num);
47 0 : EVP_DigestUpdate(ctx, num, sizeof(num));
48 0 : _gss_mg_encode_le_uint32 (b->initiator_address.length, num);
49 0 : EVP_DigestUpdate(ctx, num, sizeof(num));
50 0 : if (b->initiator_address.length)
51 0 : EVP_DigestUpdate(ctx,
52 0 : b->initiator_address.value,
53 : b->initiator_address.length);
54 0 : _gss_mg_encode_le_uint32 (b->acceptor_addrtype, num);
55 0 : EVP_DigestUpdate(ctx, num, sizeof(num));
56 0 : _gss_mg_encode_le_uint32 (b->acceptor_address.length, num);
57 0 : EVP_DigestUpdate(ctx, num, sizeof(num));
58 0 : if (b->acceptor_address.length)
59 0 : EVP_DigestUpdate(ctx,
60 0 : b->acceptor_address.value,
61 : b->acceptor_address.length);
62 0 : _gss_mg_encode_le_uint32 (b->application_data.length, num);
63 0 : EVP_DigestUpdate(ctx, num, sizeof(num));
64 0 : if (b->application_data.length)
65 0 : EVP_DigestUpdate(ctx,
66 0 : b->application_data.value,
67 : b->application_data.length);
68 0 : EVP_DigestFinal_ex(ctx, p, NULL);
69 0 : EVP_MD_CTX_destroy(ctx);
70 :
71 0 : return 0;
72 : }
73 :
74 : /*
75 : * create a checksum over the chanel bindings in
76 : * `input_chan_bindings', `flags' and `fwd_data' and return it in
77 : * `result'
78 : */
79 :
80 : OM_uint32
81 24212 : _gsskrb5_create_8003_checksum (
82 : OM_uint32 *minor_status,
83 : const gss_channel_bindings_t input_chan_bindings,
84 : OM_uint32 flags,
85 : const krb5_data *fwd_data,
86 : Checksum *result)
87 : {
88 1035 : u_char *p;
89 :
90 : /*
91 : * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value
92 : * field's format) */
93 24212 : result->cksumtype = CKSUMTYPE_GSSAPI;
94 24212 : if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG))
95 23028 : result->checksum.length = 24 + 4 + fwd_data->length;
96 : else
97 1184 : result->checksum.length = 24;
98 24212 : result->checksum.data = malloc (result->checksum.length);
99 24212 : if (result->checksum.data == NULL) {
100 0 : *minor_status = ENOMEM;
101 0 : return GSS_S_FAILURE;
102 : }
103 :
104 24212 : p = result->checksum.data;
105 24212 : _gss_mg_encode_le_uint32 (16, p);
106 24212 : p += 4;
107 24212 : if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS) {
108 24212 : memset (p, 0, 16);
109 : } else {
110 0 : hash_input_chan_bindings (input_chan_bindings, p);
111 : }
112 24212 : p += 16;
113 24212 : _gss_mg_encode_le_uint32 (flags, p);
114 24212 : p += 4;
115 :
116 24212 : if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) {
117 :
118 23028 : *p++ = (1 >> 0) & 0xFF; /* DlgOpt */ /* == 1 */
119 23028 : *p++ = (1 >> 8) & 0xFF; /* DlgOpt */ /* == 0 */
120 23028 : *p++ = (fwd_data->length >> 0) & 0xFF; /* Dlgth */
121 23028 : *p++ = (fwd_data->length >> 8) & 0xFF; /* Dlgth */
122 23028 : memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length);
123 :
124 : /* p += fwd_data->length; */ /* commented out to quiet warning */
125 : }
126 :
127 23177 : return GSS_S_COMPLETE;
128 : }
129 :
130 : static krb5_error_code
131 0 : check_ap_options_cbt(void *ad_data, size_t ad_len,
132 : krb5_boolean *client_asserted_cb)
133 : {
134 0 : uint32_t ad_ap_options;
135 :
136 0 : *client_asserted_cb = FALSE;
137 :
138 0 : if (ad_len != sizeof(uint32_t))
139 0 : return KRB5KRB_AP_ERR_MSG_TYPE;
140 :
141 0 : _gss_mg_decode_le_uint32(ad_data, &ad_ap_options);
142 :
143 0 : if (ad_ap_options & KERB_AP_OPTIONS_CBT)
144 0 : *client_asserted_cb = TRUE;
145 :
146 0 : return 0;
147 : }
148 :
149 : static krb5_error_code
150 52130 : find_ap_options(krb5_context context,
151 : krb5_authenticator authenticator,
152 : krb5_boolean *client_asserted_cb)
153 : {
154 881 : krb5_error_code ret;
155 881 : krb5_authdata *ad;
156 881 : krb5_data data;
157 :
158 52130 : *client_asserted_cb = FALSE;
159 :
160 52130 : ad = authenticator->authorization_data;
161 52130 : if (ad == NULL)
162 15 : return 0;
163 :
164 52115 : ret = _krb5_get_ad(context, ad, NULL, KRB5_AUTHDATA_AP_OPTIONS, &data);
165 52115 : if (ret)
166 52115 : return ret == ENOENT ? 0 : ret;
167 :
168 0 : ret = check_ap_options_cbt(data.data, data.length, client_asserted_cb);
169 0 : krb5_data_free(&data);
170 :
171 0 : return ret;
172 : }
173 :
174 : /*
175 : * verify the checksum in `cksum' over `input_chan_bindings'
176 : * returning `flags' and `fwd_data'
177 : */
178 :
179 : OM_uint32
180 52130 : _gsskrb5_verify_8003_checksum(
181 : krb5_context context,
182 : OM_uint32 *minor_status,
183 : const gss_channel_bindings_t input_chan_bindings,
184 : krb5_authenticator authenticator,
185 : OM_uint32 *flags,
186 : krb5_data *fwd_data)
187 : {
188 881 : unsigned char hash[16];
189 881 : unsigned char *p;
190 881 : OM_uint32 length;
191 881 : int DlgOpt;
192 881 : static unsigned char zeros[16];
193 52130 : krb5_boolean channel_bound = FALSE;
194 52130 : const Checksum *cksum = authenticator->cksum;
195 881 : krb5_boolean client_asserted_cb;
196 881 : krb5_error_code ret;
197 :
198 : /* XXX should handle checksums > 24 bytes */
199 52130 : if(cksum->cksumtype != CKSUMTYPE_GSSAPI || cksum->checksum.length < 24) {
200 0 : *minor_status = 0;
201 0 : return GSS_S_BAD_BINDINGS;
202 : }
203 :
204 52130 : p = cksum->checksum.data;
205 52130 : _gss_mg_decode_le_uint32(p, &length);
206 52130 : if(length != sizeof(hash)) {
207 0 : *minor_status = 0;
208 0 : return GSS_S_BAD_BINDINGS;
209 : }
210 :
211 52130 : p += 4;
212 :
213 52130 : ret = find_ap_options(context, authenticator, &client_asserted_cb);
214 52130 : if (ret) {
215 0 : *minor_status = ret;
216 0 : return GSS_S_FAILURE;
217 : }
218 :
219 52130 : if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS
220 0 : && (ct_memcmp(p, zeros, sizeof(zeros)) != 0 || client_asserted_cb)) {
221 0 : if(hash_input_chan_bindings(input_chan_bindings, hash) != 0) {
222 0 : *minor_status = 0;
223 0 : return GSS_S_BAD_BINDINGS;
224 : }
225 0 : if(ct_memcmp(hash, p, sizeof(hash)) != 0) {
226 0 : *minor_status = 0;
227 0 : return GSS_S_BAD_BINDINGS;
228 : }
229 0 : channel_bound = TRUE;
230 : }
231 :
232 52130 : p += sizeof(hash);
233 :
234 52130 : _gss_mg_decode_le_uint32(p, flags);
235 52130 : p += 4;
236 :
237 52130 : if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) {
238 48843 : if(cksum->checksum.length < 28) {
239 0 : *minor_status = 0;
240 0 : return GSS_S_BAD_BINDINGS;
241 : }
242 :
243 48843 : DlgOpt = (p[0] << 0) | (p[1] << 8);
244 48843 : p += 2;
245 48843 : if (DlgOpt != 1) {
246 0 : *minor_status = 0;
247 0 : return GSS_S_BAD_BINDINGS;
248 : }
249 :
250 48843 : fwd_data->length = (p[0] << 0) | (p[1] << 8);
251 48843 : p += 2;
252 48843 : if(cksum->checksum.length < 28 + fwd_data->length) {
253 0 : *minor_status = 0;
254 0 : return GSS_S_BAD_BINDINGS;
255 : }
256 48843 : fwd_data->data = malloc(fwd_data->length);
257 48843 : if (fwd_data->data == NULL) {
258 0 : *minor_status = ENOMEM;
259 0 : return GSS_S_FAILURE;
260 : }
261 48843 : memcpy(fwd_data->data, p, fwd_data->length);
262 : }
263 :
264 52130 : if (channel_bound) {
265 0 : *flags |= GSS_C_CHANNEL_BOUND_FLAG;
266 : } else {
267 52130 : *flags &= ~GSS_C_CHANNEL_BOUND_FLAG;
268 : }
269 :
270 51249 : return GSS_S_COMPLETE;
271 : }
|
