crypto/heimdal/lib/gssapi/krb5/arcfour.c
Show First 20 Lines • Show All 167 Lines • ▼ Show 20 Lines | _gssapi_get_mic_arcfour(OM_uint32 * minor_status, | ||||
const gss_buffer_t message_buffer, | const gss_buffer_t message_buffer, | ||||
gss_buffer_t message_token, | gss_buffer_t message_token, | ||||
krb5_keyblock *key) | krb5_keyblock *key) | ||||
{ | { | ||||
krb5_error_code ret; | krb5_error_code ret; | ||||
int32_t seq_number; | int32_t seq_number; | ||||
size_t len, total_len; | size_t len, total_len; | ||||
u_char k6_data[16], *p0, *p; | u_char k6_data[16], *p0, *p; | ||||
EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
_gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); | _gsskrb5_encap_length (22, &len, &total_len, GSS_KRB5_MECHANISM); | ||||
message_token->length = total_len; | message_token->length = total_len; | ||||
message_token->value = malloc (total_len); | message_token->value = malloc (total_len); | ||||
if (message_token->value == NULL) { | if (message_token->value == NULL) { | ||||
*minor_status = ENOMEM; | *minor_status = ENOMEM; | ||||
return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
▲ Show 20 Lines • Show All 45 Lines • ▼ Show 20 Lines | return GSS_S_FAILURE; | ||||
krb5_auth_con_setlocalseqnumber (context, | krb5_auth_con_setlocalseqnumber (context, | ||||
context_handle->auth_context, | context_handle->auth_context, | ||||
++seq_number); | ++seq_number); | ||||
HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); | HEIMDAL_MUTEX_unlock(&context_handle->ctx_id_mutex); | ||||
memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); | memset (p + 4, (context_handle->more_flags & LOCAL) ? 0 : 0xff, 4); | ||||
EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
EVP_Cipher(&rc4_key, p, p, 8); | _gsskrb5_release_buffer(minor_status, message_token); | ||||
EVP_CIPHER_CTX_cleanup(&rc4_key); | *minor_status = ENOMEM; | ||||
return GSS_S_FAILURE; | |||||
} | |||||
EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
EVP_Cipher(rc4_key, p, p, 8); | |||||
EVP_CIPHER_CTX_free(rc4_key); | |||||
memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
*minor_status = 0; | *minor_status = 0; | ||||
return GSS_S_COMPLETE; | return GSS_S_COMPLETE; | ||||
} | } | ||||
OM_uint32 | OM_uint32 | ||||
▲ Show 20 Lines • Show All 52 Lines • ▼ Show 20 Lines | return GSS_S_FAILURE; | ||||
cmp = ct_memcmp(cksum_data, p + 8, 8); | cmp = ct_memcmp(cksum_data, p + 8, 8); | ||||
if (cmp) { | if (cmp) { | ||||
*minor_status = 0; | *minor_status = 0; | ||||
return GSS_S_BAD_MIC; | return GSS_S_BAD_MIC; | ||||
} | } | ||||
{ | { | ||||
EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, (void *)k6_data, NULL, 0); | if (rc4_key == NULL) { | ||||
EVP_Cipher(&rc4_key, SND_SEQ, p, 8); | *minor_status = ENOMEM; | ||||
EVP_CIPHER_CTX_cleanup(&rc4_key); | return GSS_S_FAILURE; | ||||
} | |||||
EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, (void *)k6_data, NULL, 0); | |||||
EVP_Cipher(rc4_key, SND_SEQ, p, 8); | |||||
EVP_CIPHER_CTX_free(rc4_key); | |||||
memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
} | } | ||||
_gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | ||||
if (context_handle->more_flags & LOCAL) | if (context_handle->more_flags & LOCAL) | ||||
cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | ||||
▲ Show 20 Lines • Show All 131 Lines • ▼ Show 20 Lines | for (i = 0; i < 16; i++) | ||||
if (ret) { | if (ret) { | ||||
_gsskrb5_release_buffer(minor_status, output_message_buffer); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
*minor_status = ret; | *minor_status = ret; | ||||
return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
} | } | ||||
if(conf_req_flag) { | if(conf_req_flag) { | ||||
EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
EVP_Cipher(&rc4_key, p0 + 24, p0 + 24, 8 + datalen); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
EVP_CIPHER_CTX_cleanup(&rc4_key); | *minor_status = ENOMEM; | ||||
return GSS_S_FAILURE; | |||||
} | } | ||||
EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
EVP_Cipher(rc4_key, p0 + 24, p0 + 24, 8 + datalen); | |||||
EVP_CIPHER_CTX_free(rc4_key); | |||||
} | |||||
memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
ret = arcfour_mic_key(context, key, | ret = arcfour_mic_key(context, key, | ||||
p0 + 16, 8, /* SGN_CKSUM */ | p0 + 16, 8, /* SGN_CKSUM */ | ||||
k6_data, sizeof(k6_data)); | k6_data, sizeof(k6_data)); | ||||
if (ret) { | if (ret) { | ||||
_gsskrb5_release_buffer(minor_status, output_message_buffer); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
*minor_status = ret; | *minor_status = ret; | ||||
return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
} | } | ||||
{ | { | ||||
EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
EVP_Cipher(&rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8); | _gsskrb5_release_buffer(minor_status, output_message_buffer); | ||||
EVP_CIPHER_CTX_cleanup(&rc4_key); | *minor_status = ENOMEM; | ||||
return GSS_S_FAILURE; | |||||
} | |||||
EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
EVP_Cipher(rc4_key, p0 + 8, p0 + 8 /* SND_SEQ */, 8); | |||||
EVP_CIPHER_CTX_free(rc4_key); | |||||
memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
} | } | ||||
if (conf_state) | if (conf_state) | ||||
*conf_state = conf_req_flag; | *conf_state = conf_req_flag; | ||||
*minor_status = 0; | *minor_status = 0; | ||||
return GSS_S_COMPLETE; | return GSS_S_COMPLETE; | ||||
▲ Show 20 Lines • Show All 78 Lines • ▼ Show 20 Lines | ret = arcfour_mic_key(context, key, | ||||
p0 + 16, 8, /* SGN_CKSUM */ | p0 + 16, 8, /* SGN_CKSUM */ | ||||
k6_data, sizeof(k6_data)); | k6_data, sizeof(k6_data)); | ||||
if (ret) { | if (ret) { | ||||
*minor_status = ret; | *minor_status = ret; | ||||
return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
} | } | ||||
{ | { | ||||
EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
EVP_Cipher(&rc4_key, SND_SEQ, p0 + 8, 8); | *minor_status = ENOMEM; | ||||
EVP_CIPHER_CTX_cleanup(&rc4_key); | return GSS_S_FAILURE; | ||||
} | |||||
EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
EVP_Cipher(rc4_key, SND_SEQ, p0 + 8, 8); | |||||
EVP_CIPHER_CTX_free(rc4_key); | |||||
memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
} | } | ||||
_gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | _gsskrb5_decode_be_om_uint32(SND_SEQ, &seq_number); | ||||
if (context_handle->more_flags & LOCAL) | if (context_handle->more_flags & LOCAL) | ||||
cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | cmp = memcmp(&SND_SEQ[4], "\xff\xff\xff\xff", 4); | ||||
else | else | ||||
Show All 26 Lines | return GSS_S_FAILURE; | ||||
output_message_buffer->value = malloc(datalen); | output_message_buffer->value = malloc(datalen); | ||||
if (output_message_buffer->value == NULL) { | if (output_message_buffer->value == NULL) { | ||||
*minor_status = ENOMEM; | *minor_status = ENOMEM; | ||||
return GSS_S_FAILURE; | return GSS_S_FAILURE; | ||||
} | } | ||||
output_message_buffer->length = datalen; | output_message_buffer->length = datalen; | ||||
if(conf_flag) { | if(conf_flag) { | ||||
EVP_CIPHER_CTX rc4_key; | EVP_CIPHER_CTX *rc4_key; | ||||
EVP_CIPHER_CTX_init(&rc4_key); | rc4_key = EVP_CIPHER_CTX_new(); | ||||
EVP_CipherInit_ex(&rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | if (rc4_key == NULL) { | ||||
EVP_Cipher(&rc4_key, Confounder, p0 + 24, 8); | *minor_status = ENOMEM; | ||||
jhb: Bah, this probably needs to free 'output_message_buffer' | |||||
EVP_Cipher(&rc4_key, output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); | return GSS_S_FAILURE; | ||||
EVP_CIPHER_CTX_cleanup(&rc4_key); | } | ||||
EVP_CipherInit_ex(rc4_key, EVP_rc4(), NULL, k6_data, NULL, 1); | |||||
EVP_Cipher(rc4_key, Confounder, p0 + 24, 8); | |||||
EVP_Cipher(rc4_key, output_message_buffer->value, p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, datalen); | |||||
EVP_CIPHER_CTX_free(rc4_key); | |||||
} else { | } else { | ||||
memcpy(Confounder, p0 + 24, 8); /* Confounder */ | memcpy(Confounder, p0 + 24, 8); /* Confounder */ | ||||
memcpy(output_message_buffer->value, | memcpy(output_message_buffer->value, | ||||
p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, | p0 + GSS_ARCFOUR_WRAP_TOKEN_SIZE, | ||||
datalen); | datalen); | ||||
} | } | ||||
memset(k6_data, 0, sizeof(k6_data)); | memset(k6_data, 0, sizeof(k6_data)); | ||||
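Review bot: Each new `if (rc4_key == NULL)` branch returns before the `memset(k6_data, 0, sizeof(k6_data));` that follows the cipher calls, so on allocation failure the derived RC4 key stays in `k6_data` on the stack. This holds for all six allocation checks visible in this section; adding `memset(k6_data, 0, sizeof(k6_data));` as the first statement of each branch would keep the scrubbing consistent with the success path. Separately, the result of `EVP_CipherInit_ex` is still ignored. If initialisation ever fails, the wrap path appears to go on to set `*conf_state = conf_req_flag` and return `GSS_S_COMPLETE` over a payload that was never encrypted, so treating `EVP_CipherInit_ex(...) != 1` as `GSS_S_FAILURE` would be safer. The enclosing functions begin and end outside the lines shown here, so other exit paths could not be checked.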
Bah, this probably needs to free 'output_message_buffer'