1 : /*
2 : * Copyright (c) 2008 Kungliga Tekniska Högskolan
3 : * (Royal Institute of Technology, Stockholm, Sweden).
4 : * All rights reserved.
5 : *
6 : * Redistribution and use in source and binary forms, with or without
7 : * modification, are permitted provided that the following conditions
8 : * are met:
9 : *
10 : * 1. Redistributions of source code must retain the above copyright
11 : * notice, this list of conditions and the following disclaimer.
12 : *
13 : * 2. Redistributions in binary form must reproduce the above copyright
14 : * notice, this list of conditions and the following disclaimer in the
15 : * documentation and/or other materials provided with the distribution.
16 : *
17 : * 3. Neither the name of the Institute nor the names of its contributors
18 : * may be used to endorse or promote products derived from this software
19 : * without specific prior written permission.
20 : *
21 : * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
22 : * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 : * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
25 : * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 : * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 : * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 : * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 : * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 : * SUCH DAMAGE.
32 : */
33 :
34 : #include "gsskrb5_locl.h"
35 :
36 : #include <roken.h>
37 :
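/*
 * Wrap (integrity-protect and optionally encrypt) an IOV message for the
 * Kerberos 5 mechanism.
 *
 * Contexts flagged IS_CFX are handed straight to _gssapi_wrap_cfx_iov().
 * Every other context has its token key looked up under ctx_id_mutex and
 * is dispatched on the key type: only KEYTYPE_ARCFOUR and
 * KEYTYPE_ARCFOUR_56 are handled, any other key type yields
 * GSS_S_FAILURE.
 *
 * qop_req is part of the interface but is not forwarded to either backend
 * by this function.
 *
 * Returns the backend's major status, or GSS_S_FAILURE with *minor_status
 * set when the token key or its key type cannot be obtained.
 */
OM_uint32 GSSAPI_CALLCONV
_gk_wrap_iov(OM_uint32 * minor_status,
             gss_ctx_id_t context_handle,
             int conf_req_flag,
             gss_qop_t qop_req,
             int * conf_state,
             gss_iov_buffer_desc *iov,
             int iov_count)
{
    const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle;
    krb5_context context;
    OM_uint32 ret;
    krb5_keyblock *key;
    krb5_keytype keytype;

    GSSAPI_KRB5_INIT (&context);

    if (ctx->more_flags & IS_CFX)
        return _gssapi_wrap_cfx_iov(minor_status, ctx, context,
                                    conf_req_flag, conf_state,
                                    iov, iov_count);

    /* The token key is read from the context, so hold its mutex. */
    HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
    ret = _gsskrb5i_get_token_key(ctx, context, &key);
    HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
    if (ret) {
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    /*
     * If the mapping fails, keytype is never written; switching on it
     * would read an indeterminate value, so fail here instead.
     */
    ret = krb5_enctype_to_keytype(context, key->keytype, &keytype);
    if (ret) {
        krb5_free_keyblock(context, key);
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    switch (keytype) {
    case KEYTYPE_ARCFOUR:
    case KEYTYPE_ARCFOUR_56:
        ret = _gssapi_wrap_iov_arcfour(minor_status, ctx, context,
                                       conf_req_flag, conf_state,
                                       iov, iov_count, key);
        break;

    default:
        /*
         * NOTE(review): no statement visible here writes *minor_status on
         * this path -- confirm the caller initialises it.
         */
        ret = GSS_S_FAILURE;
        break;
    }

    krb5_free_keyblock(context, key);
    return ret;
}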
85 :
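/*
 * Unwrap (verify and optionally decrypt) an IOV message for the
 * Kerberos 5 mechanism.
 *
 * Contexts flagged IS_CFX are handed straight to _gssapi_unwrap_cfx_iov().
 * Every other context has its token key looked up under ctx_id_mutex and
 * is dispatched on the key type: only KEYTYPE_ARCFOUR and
 * KEYTYPE_ARCFOUR_56 are handled, any other key type yields
 * GSS_S_FAILURE.
 *
 * Returns the backend's major status, or GSS_S_FAILURE with *minor_status
 * set when the token key or its key type cannot be obtained.
 */
OM_uint32 GSSAPI_CALLCONV
_gk_unwrap_iov(OM_uint32 *minor_status,
               gss_ctx_id_t context_handle,
               int *conf_state,
               gss_qop_t *qop_state,
               gss_iov_buffer_desc *iov,
               int iov_count)
{
    const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle;
    krb5_context context;
    OM_uint32 ret;
    krb5_keytype keytype;
    krb5_keyblock *key;

    GSSAPI_KRB5_INIT (&context);

    if (ctx->more_flags & IS_CFX)
        return _gssapi_unwrap_cfx_iov(minor_status, ctx, context,
                                      conf_state, qop_state, iov, iov_count);

    /* The token key is read from the context, so hold its mutex. */
    HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
    ret = _gsskrb5i_get_token_key(ctx, context, &key);
    HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
    if (ret) {
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    /*
     * If the mapping fails, keytype is never written; switching on it
     * would read an indeterminate value, so reject the token here.
     */
    ret = krb5_enctype_to_keytype(context, key->keytype, &keytype);
    if (ret) {
        krb5_free_keyblock(context, key);
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    switch (keytype) {
    case KEYTYPE_ARCFOUR:
    case KEYTYPE_ARCFOUR_56:
        ret = _gssapi_unwrap_iov_arcfour(minor_status, ctx, context,
                                         conf_state, qop_state,
                                         iov, iov_count, key);
        break;

    default:
        /*
         * NOTE(review): no statement visible here writes *minor_status on
         * this path -- confirm the caller initialises it.
         */
        ret = GSS_S_FAILURE;
        break;
    }

    krb5_free_keyblock(context, key);
    return ret;
}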
131 :
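/*
 * Compute the buffer lengths a later wrap of this IOV would need for the
 * Kerberos 5 mechanism.
 *
 * Contexts flagged IS_CFX are handed straight to
 * _gssapi_wrap_iov_length_cfx().  Every other context has its token key
 * looked up under ctx_id_mutex; the key is used only to select the
 * backend and is not passed on.  Only KEYTYPE_ARCFOUR and
 * KEYTYPE_ARCFOUR_56 are handled, any other key type yields
 * GSS_S_FAILURE.
 *
 * Returns the backend's major status, or GSS_S_FAILURE with *minor_status
 * set when the token key or its key type cannot be obtained.
 */
OM_uint32 GSSAPI_CALLCONV
_gk_wrap_iov_length(OM_uint32 * minor_status,
                    gss_ctx_id_t context_handle,
                    int conf_req_flag,
                    gss_qop_t qop_req,
                    int *conf_state,
                    gss_iov_buffer_desc *iov,
                    int iov_count)
{
    const gsskrb5_ctx ctx = (const gsskrb5_ctx) context_handle;
    krb5_context context;
    OM_uint32 ret;
    krb5_keytype keytype;
    krb5_keyblock *key;

    GSSAPI_KRB5_INIT (&context);

    if (ctx->more_flags & IS_CFX)
        return _gssapi_wrap_iov_length_cfx(minor_status, ctx, context,
                                           conf_req_flag, qop_req, conf_state,
                                           iov, iov_count);

    /* The token key is read from the context, so hold its mutex. */
    HEIMDAL_MUTEX_lock(&ctx->ctx_id_mutex);
    ret = _gsskrb5i_get_token_key(ctx, context, &key);
    HEIMDAL_MUTEX_unlock(&ctx->ctx_id_mutex);
    if (ret) {
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    /*
     * If the mapping fails, keytype is never written; switching on it
     * would read an indeterminate value, so fail here instead.
     */
    ret = krb5_enctype_to_keytype(context, key->keytype, &keytype);
    if (ret) {
        krb5_free_keyblock(context, key);
        *minor_status = ret;
        return GSS_S_FAILURE;
    }

    switch (keytype) {
    case KEYTYPE_ARCFOUR:
    case KEYTYPE_ARCFOUR_56:
        ret = _gssapi_wrap_iov_length_arcfour(minor_status, ctx, context,
                                              conf_req_flag, qop_req, conf_state,
                                              iov, iov_count);
        break;

    default:
        /*
         * NOTE(review): no statement visible here writes *minor_status on
         * this path -- confirm the caller initialises it.
         */
        ret = GSS_S_FAILURE;
        break;
    }

    krb5_free_keyblock(context, key);
    return ret;
}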