Changeset View
Changeset View
Standalone View
Standalone View
crypto/heimdal/lib/gssapi/krb5/arcfour.c
| Show First 20 Lines • Show All 167 Lines • ▼ Show 20 Lines | _gssapi_get_mic_arcfour(OM_uint32 * minor_status, | ||||
| const gss_buffer_t message_buffer, | const gss_buffer_t message_buffer, | ||||
| gss_buffer_t message_token, | gss_buffer_t message_token, | ||||
| krb5_keyblock *key) | krb5_keyblock *key) | ||||
| { | { | ||||
| krb5_error_code ret; | krb5_error_code ret; | ||||
| int32_t seq_number; | int32_t seq_number; | ||||
| size_t len, total_len; | size_t len, total_len; | ||||
| u_char k6_data[16], *p0, *p; | u_char k6_data[16], *p0, *p; | ||||
| EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
| _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); | _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); | ||||
| message_token->length = total_len; | message_token->length = total_len; | ||||
| message_token->value = malloc (total_len); | message_token->value = malloc (total_len); | ||||
| if (message_token->value == NULL) { | if (message_token->value == NULL) { | ||||
| *minor_status = ENOMEM; | *minor_status = ENOMEM; | ||||
| return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
| ▲ Show 20 Lines • Show All 45 Lines • ▼ Show 20 Lines | return GSS_S_FAILURE; | ||||
| krb5_auth_con_setlocalseqnumber (context, | krb5_auth_con_setlocalseqnumber (context, | ||||
| context_handle->auth_context, | context_handle->auth_context, | ||||
| ++seq_number); | ++seq_number); | ||||
| HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); | HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); | ||||
| memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); | memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); | ||||
| EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
| EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
| EVP_Cipher(&rc4_key, p, p, 8); | _gsskrb5_release_buffer(minor_status, message_token); | ||||
| EVP_CIPHER_CTX_cleanup(&rc4_key); | *minor_status = ENOMEM; | ||||
| return GSS_S_FAILURE; | |||||
| } | |||||
| EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
| EVP_Cipher(rc4_key, p, p, 8); | |||||
| EVP_CIPHER_CTX_free(rc4_key); | |||||
| memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
| *minor_status = 0; | *minor_status = 0; | ||||
| return GSS_S_COMPLETE; | return GSS_S_COMPLETE; | ||||
| } | } | ||||
| OM_uint32 | OM_uint32 | ||||
| ▲ Show 20 Lines • Show All 52 Lines • ▼ Show 20 Lines | return GSS_S_FAILURE; | ||||
| cmp = ct_memcmp(cksum_data, p + 8, 8); | cmp = ct_memcmp(cksum_data, p + 8, 8); | ||||
| if (cmp) { | if (cmp) { | ||||
| *minor_status = 0; | *minor_status = 0; | ||||
| return GSS_S_BAD_MIC; | return GSS_S_BAD_MIC; | ||||
| } | } | ||||
| { | { | ||||
| EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
| EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
| EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, (void *)k6_data, NULL, 0); | if (rc4_key == NULL) { | ||||
| EVP_Cipher(&rc4_key, SND_SEQ, p, 8); | *minor_status = ENOMEM; | ||||
| EVP_CIPHER_CTX_cleanup(&rc4_key); | return GSS_S_FAILURE; | ||||
| } | |||||
| EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, (void *)k6_data, NULL, 0); | |||||
| EVP_Cipher(rc4_key, SND_SEQ, p, 8); | |||||
| EVP_CIPHER_CTX_free(rc4_key); | |||||
| memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
| } | } | ||||
| _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | ||||
| if (context_handle->more_flags & LOCAL) | if (context_handle->more_flags & LOCAL) | ||||
| cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | ||||
| ▲ Show 20 Lines • Show All 131 Lines • ▼ Show 20 Lines | for (i = 0; i < 16; i++) | ||||
| if (ret) { | if (ret) { | ||||
| _gsskrb5_release_buffer(minor_status, output_message_buffer); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
| *minor_status = ret; | *minor_status = ret; | ||||
| return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
| } | } | ||||
| if(conf_req_flag) { | if(conf_req_flag) { | ||||
| EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
| EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
| EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
| EVP_Cipher(&rc4_key, p0 + 24, p0 + 24, 8 + datalen); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
| EVP_CIPHER_CTX_cleanup(&rc4_key); | *minor_status = ENOMEM; | ||||
| return GSS_S_FAILURE; | |||||
| } | } | ||||
| EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
| EVP_Cipher(rc4_key, p0 + 24, p0 + 24, 8 + datalen); | |||||
| EVP_CIPHER_CTX_free(rc4_key); | |||||
| } | |||||
| memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
| ret = arcfour_mic_key(context, key, | ret = arcfour_mic_key(context, key, | ||||
| p0 + 16, 8, /* SGN_CKSUM */ | p0 + 16, 8, /* SGN_CKSUM */ | ||||
| k6_data, sizeof(k6_data)); | k6_data, sizeof(k6_data)); | ||||
| if (ret) { | if (ret) { | ||||
| _gsskrb5_release_buffer(minor_status, output_message_buffer); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
| *minor_status = ret; | *minor_status = ret; | ||||
| return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
| } | } | ||||
| { | { | ||||
| EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
| EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
| EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
| EVP_Cipher(&rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
| EVP_CIPHER_CTX_cleanup(&rc4_key); | *minor_status = ENOMEM; | ||||
| return GSS_S_FAILURE; | |||||
| } | |||||
| EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
| EVP_Cipher(rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8); | |||||
| EVP_CIPHER_CTX_free(rc4_key); | |||||
| memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
| } | } | ||||
| if (conf_state) | if (conf_state) | ||||
| *conf_state = conf_req_flag; | *conf_state = conf_req_flag; | ||||
| *minor_status = 0; | *minor_status = 0; | ||||
| return GSS_S_COMPLETE; | return GSS_S_COMPLETE; | ||||
| ▲ Show 20 Lines • Show All 78 Lines • ▼ Show 20 Lines | ret = arcfour_mic_key(context, key, | ||||
| p0 + 16, 8, /* SGN_CKSUM */ | p0 + 16, 8, /* SGN_CKSUM */ | ||||
| k6_data, sizeof(k6_data)); | k6_data, sizeof(k6_data)); | ||||
| if (ret) { | if (ret) { | ||||
| *minor_status = ret; | *minor_status = ret; | ||||
| return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
| } | } | ||||
| { | { | ||||
| EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
| EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
| EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
| EVP_Cipher(&rc4_key, SND_SEQ, p0 + 8, 8); | *minor_status = ENOMEM; | ||||
| EVP_CIPHER_CTX_cleanup(&rc4_key); | return GSS_S_FAILURE; | ||||
| } | |||||
| EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
| EVP_Cipher(rc4_key, SND_SEQ, p0 + 8, 8); | |||||
| EVP_CIPHER_CTX_free(rc4_key); | |||||
| memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
| } | } | ||||
| _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | ||||
| if (context_handle->more_flags & LOCAL) | if (context_handle->more_flags & LOCAL) | ||||
| cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | ||||
| else | else | ||||
| Show All 26 Lines | return GSS_S_FAILURE; | ||||
| output_message_buffer->value = malloc(datalen); | output_message_buffer->value = malloc(datalen); | ||||
| if (output_message_buffer->value == NULL) { | if (output_message_buffer->value == NULL) { | ||||
| *minor_status = ENOMEM; | *minor_status = ENOMEM; | ||||
| return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
| } | } | ||||
| output_message_buffer->length = datalen; | output_message_buffer->length = datalen; | ||||
| if(conf_flag) { | if(conf_flag) { | ||||
| EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
| EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
| EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
| EVP_Cipher(&rc4_key, Confounder, p0 + 24, 8); | *minor_status = ENOMEM; | ||||
jhb: Bah, this probably needs to free 'output_message_buffer' | |||||
| EVP_Cipher(&rc4_key, output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); | return GSS_S_FAILURE; | ||||
| EVP_CIPHER_CTX_cleanup(&rc4_key); | } | ||||
| EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
| EVP_Cipher(rc4_key, Confounder, p0 + 24, 8); | |||||
| EVP_Cipher(rc4_key, output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); | |||||
| EVP_CIPHER_CTX_free(rc4_key); | |||||
| } else { | } else { | ||||
| memcpy(Confounder, p0 + 24, 8); /* Confounder */ | memcpy(Confounder, p0 + 24, 8); /* Confounder */ | ||||
| memcpy(output_message_buffer->value, | memcpy(output_message_buffer->value, | ||||
| p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, | p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, | ||||
| datalen); | datalen); | ||||
| } | } | ||||
| memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
| ▲ Show 20 Lines • Show All 117 Lines • Show Last 20 Lines | |||||
Bah, this probably needs to free 'output_message_buffer'