17c478bd9Sstevel@tonic-gate /* 2ae5b046dSsemery * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 37c478bd9Sstevel@tonic-gate * Use is subject to license terms. 47c478bd9Sstevel@tonic-gate */ 57c478bd9Sstevel@tonic-gate 67c478bd9Sstevel@tonic-gate 77c478bd9Sstevel@tonic-gate /* 8*159d09a2SMark Phalan * Copyright 2001 by the Massachusetts Institute of Technology. 97c478bd9Sstevel@tonic-gate * Copyright 1993 by OpenVision Technologies, Inc. 10*159d09a2SMark Phalan * 117c478bd9Sstevel@tonic-gate * Permission to use, copy, modify, distribute, and sell this software 127c478bd9Sstevel@tonic-gate * and its documentation for any purpose is hereby granted without fee, 137c478bd9Sstevel@tonic-gate * provided that the above copyright notice appears in all copies and 147c478bd9Sstevel@tonic-gate * that both that copyright notice and this permission notice appear in 157c478bd9Sstevel@tonic-gate * supporting documentation, and that the name of OpenVision not be used 167c478bd9Sstevel@tonic-gate * in advertising or publicity pertaining to distribution of the software 177c478bd9Sstevel@tonic-gate * without specific, written prior permission. OpenVision makes no 187c478bd9Sstevel@tonic-gate * representations about the suitability of this software for any 197c478bd9Sstevel@tonic-gate * purpose. It is provided "as is" without express or implied warranty. 20*159d09a2SMark Phalan * 217c478bd9Sstevel@tonic-gate * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 227c478bd9Sstevel@tonic-gate * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 237c478bd9Sstevel@tonic-gate * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 247c478bd9Sstevel@tonic-gate * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF 257c478bd9Sstevel@tonic-gate * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR 267c478bd9Sstevel@tonic-gate * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 277c478bd9Sstevel@tonic-gate * PERFORMANCE OF THIS SOFTWARE. 287c478bd9Sstevel@tonic-gate */ 297c478bd9Sstevel@tonic-gate 307c478bd9Sstevel@tonic-gate /* 317c478bd9Sstevel@tonic-gate * Copyright (C) 1998 by the FundsXpress, INC. 327c478bd9Sstevel@tonic-gate * 337c478bd9Sstevel@tonic-gate * All rights reserved. 347c478bd9Sstevel@tonic-gate * 357c478bd9Sstevel@tonic-gate * Export of this software from the United States of America may require 367c478bd9Sstevel@tonic-gate * a specific license from the United States Government. It is the 377c478bd9Sstevel@tonic-gate * responsibility of any person or organization contemplating export to 387c478bd9Sstevel@tonic-gate * obtain such a license before exporting. 397c478bd9Sstevel@tonic-gate * 407c478bd9Sstevel@tonic-gate * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 417c478bd9Sstevel@tonic-gate * distribute this software and its documentation for any purpose and 427c478bd9Sstevel@tonic-gate * without fee is hereby granted, provided that the above copyright 437c478bd9Sstevel@tonic-gate * notice appear in all copies and that both that copyright notice and 447c478bd9Sstevel@tonic-gate * this permission notice appear in supporting documentation, and that 457c478bd9Sstevel@tonic-gate * the name of FundsXpress. not be used in advertising or publicity pertaining 467c478bd9Sstevel@tonic-gate * to distribution of the software without specific, written prior 477c478bd9Sstevel@tonic-gate * permission. FundsXpress makes no representations about the suitability of 487c478bd9Sstevel@tonic-gate * this software for any purpose. It is provided "as is" without express 497c478bd9Sstevel@tonic-gate * or implied warranty. 507c478bd9Sstevel@tonic-gate * 517c478bd9Sstevel@tonic-gate * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 527c478bd9Sstevel@tonic-gate * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 537c478bd9Sstevel@tonic-gate * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 547c478bd9Sstevel@tonic-gate */ 557c478bd9Sstevel@tonic-gate 56*159d09a2SMark Phalan #include "gssapiP_krb5.h" 57*159d09a2SMark Phalan #include "k5-int.h" 587c478bd9Sstevel@tonic-gate 597c478bd9Sstevel@tonic-gate /* message_buffer is an input if SIGN, output if SEAL, and ignored if DEL_CTX 60*159d09a2SMark Phalan conf_state is only valid if SEAL. */ 617c478bd9Sstevel@tonic-gate 62*159d09a2SMark Phalan static OM_uint32 637c478bd9Sstevel@tonic-gate kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, 647c478bd9Sstevel@tonic-gate conf_state, qop_state, toktype) 657c478bd9Sstevel@tonic-gate krb5_context context; 667c478bd9Sstevel@tonic-gate OM_uint32 *minor_status; 677c478bd9Sstevel@tonic-gate krb5_gss_ctx_id_rec *ctx; 687c478bd9Sstevel@tonic-gate unsigned char *ptr; 697c478bd9Sstevel@tonic-gate int bodysize; 707c478bd9Sstevel@tonic-gate gss_buffer_t message_buffer; 717c478bd9Sstevel@tonic-gate int *conf_state; 727c478bd9Sstevel@tonic-gate int *qop_state; 737c478bd9Sstevel@tonic-gate int toktype; 747c478bd9Sstevel@tonic-gate { 757c478bd9Sstevel@tonic-gate krb5_error_code code; 767c478bd9Sstevel@tonic-gate int conflen = 0; 777c478bd9Sstevel@tonic-gate int signalg; 787c478bd9Sstevel@tonic-gate int sealalg; 797c478bd9Sstevel@tonic-gate gss_buffer_desc token; 807c478bd9Sstevel@tonic-gate krb5_checksum cksum; 817c478bd9Sstevel@tonic-gate krb5_checksum md5cksum; 827c478bd9Sstevel@tonic-gate krb5_data plaind; 837c478bd9Sstevel@tonic-gate char *data_ptr; 847c478bd9Sstevel@tonic-gate krb5_timestamp now; 857c478bd9Sstevel@tonic-gate unsigned char *plain; 86*159d09a2SMark Phalan unsigned int cksum_len = 0; 87*159d09a2SMark Phalan size_t plainlen; 887c478bd9Sstevel@tonic-gate int direction; 897c478bd9Sstevel@tonic-gate krb5_ui_4 seqnum; 907c478bd9Sstevel@tonic-gate OM_uint32 retval; 91ae5b046dSsemery size_t sumlen, blocksize; 927c478bd9Sstevel@tonic-gate int tmsglen; 937c478bd9Sstevel@tonic-gate krb5_keyusage sign_usage = KG_USAGE_SIGN; 947c478bd9Sstevel@tonic-gate 957c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() start\n"); 967c478bd9Sstevel@tonic-gate 977c478bd9Sstevel@tonic-gate /* Solaris Kerberos: make sure this is initialized */ 987c478bd9Sstevel@tonic-gate *minor_status = 0; 997c478bd9Sstevel@tonic-gate 1007c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 1017c478bd9Sstevel@tonic-gate message_buffer->length = 0; 1027c478bd9Sstevel@tonic-gate message_buffer->value = NULL; 1037c478bd9Sstevel@tonic-gate } 1047c478bd9Sstevel@tonic-gate 1057c478bd9Sstevel@tonic-gate /* get the sign and seal algorithms */ 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate signalg = ptr[0] + (ptr[1]<<8); 1087c478bd9Sstevel@tonic-gate sealalg = ptr[2] + (ptr[3]<<8); 1097c478bd9Sstevel@tonic-gate 1107c478bd9Sstevel@tonic-gate /* Sanity checks */ 1117c478bd9Sstevel@tonic-gate 1127c478bd9Sstevel@tonic-gate if ((ptr[4] != 0xff) || (ptr[5] != 0xff)) { 1137c478bd9Sstevel@tonic-gate *minor_status = 0; 1147c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error GSS_S_DEFECTIVE_TOKEN\n"); 1157c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1167c478bd9Sstevel@tonic-gate } 1177c478bd9Sstevel@tonic-gate 1187c478bd9Sstevel@tonic-gate if ((toktype != KG_TOK_SEAL_MSG) && 1197c478bd9Sstevel@tonic-gate (sealalg != 0xffff)) { 1207c478bd9Sstevel@tonic-gate *minor_status = 0; 1217c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error2 GSS_S_DEFECTIVE_TOKEN\n"); 1227c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1237c478bd9Sstevel@tonic-gate } 1247c478bd9Sstevel@tonic-gate 1257c478bd9Sstevel@tonic-gate /* in the current spec, there is only one valid seal algorithm per 1267c478bd9Sstevel@tonic-gate key type, so a simple comparison is ok */ 1277c478bd9Sstevel@tonic-gate 1287c478bd9Sstevel@tonic-gate if ((toktype == KG_TOK_SEAL_MSG) && 1297c478bd9Sstevel@tonic-gate !((sealalg == 0xffff) || 1307c478bd9Sstevel@tonic-gate (sealalg == ctx->sealalg))) { 1317c478bd9Sstevel@tonic-gate *minor_status = 0; 1327c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error3 GSS_S_DEFECTIVE_TOKEN\n"); 1337c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1347c478bd9Sstevel@tonic-gate } 1357c478bd9Sstevel@tonic-gate 1367c478bd9Sstevel@tonic-gate /* there are several mappings of seal algorithms to sign algorithms, 1377c478bd9Sstevel@tonic-gate but few enough that we can try them all. */ 1387c478bd9Sstevel@tonic-gate 1397c478bd9Sstevel@tonic-gate if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) || 140*159d09a2SMark Phalan (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) || 1417c478bd9Sstevel@tonic-gate (ctx->sealalg == SEAL_ALG_DES3KD && 142*159d09a2SMark Phalan signalg != SGN_ALG_HMAC_SHA1_DES3_KD)|| 1437c478bd9Sstevel@tonic-gate (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 && 144*159d09a2SMark Phalan signalg != SGN_ALG_HMAC_MD5)) { 1457c478bd9Sstevel@tonic-gate *minor_status = 0; 1467c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error4 GSS_S_DEFECTIVE_TOKEN\n"); 1477c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1487c478bd9Sstevel@tonic-gate } 1497c478bd9Sstevel@tonic-gate 1507c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() signalg = %d\n", signalg); 1517c478bd9Sstevel@tonic-gate 1527c478bd9Sstevel@tonic-gate switch (signalg) { 1537c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC_MD5: 1547c478bd9Sstevel@tonic-gate case SGN_ALG_MD2_5: 1557c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_MD5: 1567c478bd9Sstevel@tonic-gate cksum_len = 8; 1577c478bd9Sstevel@tonic-gate if (toktype != KG_TOK_SEAL_MSG) 1587c478bd9Sstevel@tonic-gate sign_usage = 15; 159*159d09a2SMark Phalan break; 1607c478bd9Sstevel@tonic-gate case SGN_ALG_3: 1617c478bd9Sstevel@tonic-gate cksum_len = 16; 1627c478bd9Sstevel@tonic-gate break; 1637c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_SHA1_DES3_KD: 1647c478bd9Sstevel@tonic-gate cksum_len = 20; 1657c478bd9Sstevel@tonic-gate break; 1667c478bd9Sstevel@tonic-gate default: 1677c478bd9Sstevel@tonic-gate *minor_status = 0; 1687c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, error signalg=%d\n", signalg); 1697c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1707c478bd9Sstevel@tonic-gate } 1717c478bd9Sstevel@tonic-gate 1727c478bd9Sstevel@tonic-gate #ifdef _KERNEL 1737c478bd9Sstevel@tonic-gate /* 1747c478bd9Sstevel@tonic-gate * Because the ARCFOUR code bypasses the standard 1757c478bd9Sstevel@tonic-gate * crypto interfaces, we must make sure the kernel 1767c478bd9Sstevel@tonic-gate * crypto framework mechanism types are properly 1777c478bd9Sstevel@tonic-gate * initialized here. 1787c478bd9Sstevel@tonic-gate */ 1797c478bd9Sstevel@tonic-gate context->kef_cipher_mt = get_cipher_mech_type(context, 1807c478bd9Sstevel@tonic-gate ctx->seq); 1817c478bd9Sstevel@tonic-gate context->kef_hash_mt = get_hash_mech_type(context, 1827c478bd9Sstevel@tonic-gate ctx->seq); 1837c478bd9Sstevel@tonic-gate if ((code = init_key_kef(context->kef_cipher_mt, 1847c478bd9Sstevel@tonic-gate ctx->seq))) { 1857c478bd9Sstevel@tonic-gate *minor_status = code; 1867c478bd9Sstevel@tonic-gate return (GSS_S_FAILURE); 1877c478bd9Sstevel@tonic-gate } 1887c478bd9Sstevel@tonic-gate if ((code = init_key_kef(context->kef_cipher_mt, 1897c478bd9Sstevel@tonic-gate ctx->enc))) { 1907c478bd9Sstevel@tonic-gate *minor_status = code; 1917c478bd9Sstevel@tonic-gate return (GSS_S_FAILURE); 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 1947c478bd9Sstevel@tonic-gate 1957c478bd9Sstevel@tonic-gate /* get the token parameters */ 196*159d09a2SMark Phalan 1977c478bd9Sstevel@tonic-gate if ((code = kg_get_seq_num(context, ctx->seq, ptr+14, ptr+6, &direction, 198*159d09a2SMark Phalan &seqnum))) { 1997c478bd9Sstevel@tonic-gate *minor_status = code; 2007c478bd9Sstevel@tonic-gate return(GSS_S_BAD_SIG); 2017c478bd9Sstevel@tonic-gate } 2027c478bd9Sstevel@tonic-gate 2037c478bd9Sstevel@tonic-gate /* decode the message, if SEAL */ 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 2067c478bd9Sstevel@tonic-gate tmsglen = bodysize-(14+cksum_len); 2077c478bd9Sstevel@tonic-gate KRB5_LOG1(KRB5_INFO, "kg_unseal_v1() tmsglen = %d cksum_len = %d", 2087c478bd9Sstevel@tonic-gate tmsglen, cksum_len); 2097c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() toktype == KG_TOK_SEAL_MSG\n"); 2107c478bd9Sstevel@tonic-gate 2117c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) { 2127c478bd9Sstevel@tonic-gate if ((plain = (unsigned char *) xmalloc(tmsglen)) == NULL) { 2137c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 2147c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error ENOMEM\n"); 2157c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 2167c478bd9Sstevel@tonic-gate } 217*159d09a2SMark Phalan if (ctx->enc->enctype == ENCTYPE_ARCFOUR_HMAC) { 218*159d09a2SMark Phalan unsigned char bigend_seqnum[4]; 219*159d09a2SMark Phalan krb5_keyblock *enc_key; 220*159d09a2SMark Phalan int i; 221*159d09a2SMark Phalan bigend_seqnum[0] = (seqnum>>24) & 0xff; 222*159d09a2SMark Phalan bigend_seqnum[1] = (seqnum>>16) & 0xff; 223*159d09a2SMark Phalan bigend_seqnum[2] = (seqnum>>8) & 0xff; 224*159d09a2SMark Phalan bigend_seqnum[3] = seqnum & 0xff; 225*159d09a2SMark Phalan code = krb5_copy_keyblock (context, ctx->enc, &enc_key); 226*159d09a2SMark Phalan if (code) 2277c478bd9Sstevel@tonic-gate { 228*159d09a2SMark Phalan xfree_wrap(plain, tmsglen); 2297c478bd9Sstevel@tonic-gate *minor_status = code; 2307c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 2317c478bd9Sstevel@tonic-gate } 2327c478bd9Sstevel@tonic-gate 233*159d09a2SMark Phalan for (i = 0; i <= 15; i++) 234*159d09a2SMark Phalan ((char *) enc_key->contents)[i] ^=0xf0; 2357c478bd9Sstevel@tonic-gate 2367c478bd9Sstevel@tonic-gate #ifndef _KERNEL 2377c478bd9Sstevel@tonic-gate /* 2387c478bd9Sstevel@tonic-gate * The enc_key contents were modified, delete the 2397c478bd9Sstevel@tonic-gate * key object so it doesn't get used later. 2407c478bd9Sstevel@tonic-gate */ 2417c478bd9Sstevel@tonic-gate if (enc_key->hKey != CK_INVALID_HANDLE) { 2427c478bd9Sstevel@tonic-gate (void)C_DestroyObject(krb_ctx_hSession(context), 2437c478bd9Sstevel@tonic-gate enc_key->hKey); 2447c478bd9Sstevel@tonic-gate enc_key->hKey = CK_INVALID_HANDLE; 2457c478bd9Sstevel@tonic-gate } 2467c478bd9Sstevel@tonic-gate #endif 2477c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() enc_key->enctype = %d", 2487c478bd9Sstevel@tonic-gate enc_key->enctype); 2497c478bd9Sstevel@tonic-gate 2507c478bd9Sstevel@tonic-gate code = kg_arcfour_docrypt (context, 2517c478bd9Sstevel@tonic-gate enc_key, 0, 2527c478bd9Sstevel@tonic-gate &bigend_seqnum[0], 4, 2537c478bd9Sstevel@tonic-gate ptr+14+cksum_len, tmsglen, 2547c478bd9Sstevel@tonic-gate plain); 2557c478bd9Sstevel@tonic-gate krb5_free_keyblock (context, enc_key); 2567c478bd9Sstevel@tonic-gate } else { 2577c478bd9Sstevel@tonic-gate code = kg_decrypt(context, ctx->enc, KG_USAGE_SEAL, NULL, 2587c478bd9Sstevel@tonic-gate ptr+14+cksum_len, plain, tmsglen); 2597c478bd9Sstevel@tonic-gate } 2607c478bd9Sstevel@tonic-gate if (code) { 2617c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 2627c478bd9Sstevel@tonic-gate *minor_status = code; 2637c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 264*159d09a2SMark Phalan } 2657c478bd9Sstevel@tonic-gate } else { 2667c478bd9Sstevel@tonic-gate plain = ptr+14+cksum_len; 2677c478bd9Sstevel@tonic-gate } 2687c478bd9Sstevel@tonic-gate 2697c478bd9Sstevel@tonic-gate plainlen = tmsglen; 2707c478bd9Sstevel@tonic-gate 2717c478bd9Sstevel@tonic-gate if ((sealalg == 0xffff) && ctx->big_endian) { 2727c478bd9Sstevel@tonic-gate token.length = tmsglen; 2737c478bd9Sstevel@tonic-gate } else { 2747c478bd9Sstevel@tonic-gate conflen = kg_confounder_size(context, ctx->enc); 275ae5b046dSsemery /* 276ae5b046dSsemery * Solaris Kerberos: we want to perform a sanity check on the 277ae5b046dSsemery * pad length, so we know it can not be more than the blocksize. 278ae5b046dSsemery */ 279ae5b046dSsemery code = krb5_c_block_size(context, ctx->enc->enctype, &blocksize); 280ae5b046dSsemery if (code != 0) { 281ae5b046dSsemery if (sealalg != 0xffff) 282ae5b046dSsemery xfree_wrap(plain, tmsglen); 283ae5b046dSsemery *minor_status = code; 284ae5b046dSsemery return(GSS_S_FAILURE); 285ae5b046dSsemery } 286ae5b046dSsemery if (plain[tmsglen-1] > blocksize) { 287ae5b046dSsemery if (sealalg != 0xffff) 288ae5b046dSsemery xfree_wrap(plain, tmsglen); 289ae5b046dSsemery *minor_status = KG_BAD_LENGTH; 290ae5b046dSsemery return(GSS_S_FAILURE); 291ae5b046dSsemery } 2927c478bd9Sstevel@tonic-gate token.length = tmsglen - conflen - plain[tmsglen-1]; 2937c478bd9Sstevel@tonic-gate } 2947c478bd9Sstevel@tonic-gate 2957c478bd9Sstevel@tonic-gate if (token.length) { 2967c478bd9Sstevel@tonic-gate if ((token.value = (void *) xmalloc(token.length)) == NULL) { 2977c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 2987c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 2997c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 3007c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error2 ENOMEM\n"); 3017c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 3027c478bd9Sstevel@tonic-gate } 3037c478bd9Sstevel@tonic-gate (void) memcpy(token.value, plain+conflen, token.length); 3047c478bd9Sstevel@tonic-gate } else { 3057c478bd9Sstevel@tonic-gate token.value = NULL; 3067c478bd9Sstevel@tonic-gate } 3077c478bd9Sstevel@tonic-gate } else if (toktype == KG_TOK_SIGN_MSG) { 3087c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() toktype == KG_TOK_SIGN_MSG\n"); 3097c478bd9Sstevel@tonic-gate token = *message_buffer; 3107c478bd9Sstevel@tonic-gate plain = token.value; 3117c478bd9Sstevel@tonic-gate plainlen = token.length; 3127c478bd9Sstevel@tonic-gate } else { 3137c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() toktype == NULL\n"); 3147c478bd9Sstevel@tonic-gate token.length = 0; 3157c478bd9Sstevel@tonic-gate token.value = NULL; 3167c478bd9Sstevel@tonic-gate plain = token.value; 3177c478bd9Sstevel@tonic-gate plainlen = token.length; 3187c478bd9Sstevel@tonic-gate } 3197c478bd9Sstevel@tonic-gate 3207c478bd9Sstevel@tonic-gate /* compute the checksum of the message */ 3217c478bd9Sstevel@tonic-gate 3227c478bd9Sstevel@tonic-gate /* initialize the the cksum */ 3237c478bd9Sstevel@tonic-gate switch (signalg) { 3247c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC_MD5: 3257c478bd9Sstevel@tonic-gate case SGN_ALG_MD2_5: 3267c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC: 3277c478bd9Sstevel@tonic-gate case SGN_ALG_3: 3287c478bd9Sstevel@tonic-gate md5cksum.checksum_type = CKSUMTYPE_RSA_MD5; 3297c478bd9Sstevel@tonic-gate break; 330*159d09a2SMark Phalan case SGN_ALG_HMAC_MD5: 331*159d09a2SMark Phalan md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; 332*159d09a2SMark Phalan break; 3337c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_SHA1_DES3_KD: 3347c478bd9Sstevel@tonic-gate md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; 3357c478bd9Sstevel@tonic-gate break; 3367c478bd9Sstevel@tonic-gate default: 3377c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, error2 signalg=%d\n", signalg); 3387c478bd9Sstevel@tonic-gate #ifndef _KERNEL 3397c478bd9Sstevel@tonic-gate abort (); 3407c478bd9Sstevel@tonic-gate #else 3417c478bd9Sstevel@tonic-gate *minor_status = 0; 3427c478bd9Sstevel@tonic-gate return(GSS_S_DEFECTIVE_TOKEN); 3437c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 3447c478bd9Sstevel@tonic-gate } 3457c478bd9Sstevel@tonic-gate 346*159d09a2SMark Phalan code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen); 347*159d09a2SMark Phalan if (code) 3487c478bd9Sstevel@tonic-gate { 3497c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, krb5_c_checksum_length() error " 3507c478bd9Sstevel@tonic-gate "code=%d\n", code); 3517c478bd9Sstevel@tonic-gate return(code); 3527c478bd9Sstevel@tonic-gate } 3537c478bd9Sstevel@tonic-gate md5cksum.length = (size_t)sumlen; 3547c478bd9Sstevel@tonic-gate 3557c478bd9Sstevel@tonic-gate switch (signalg) { 3567c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC_MD5: 3577c478bd9Sstevel@tonic-gate case SGN_ALG_3: 3587c478bd9Sstevel@tonic-gate /* compute the checksum of the message */ 3597c478bd9Sstevel@tonic-gate 3607c478bd9Sstevel@tonic-gate /* 8 = bytes of token body to be checksummed according to spec */ 3617c478bd9Sstevel@tonic-gate 3627c478bd9Sstevel@tonic-gate if (! (data_ptr = (void *) 3637c478bd9Sstevel@tonic-gate xmalloc(8 + (ctx->big_endian ? token.length : plainlen)))) { 3647c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 3657c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 3667c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 3677c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 3687c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 3697c478bd9Sstevel@tonic-gate * output parameter. 3707c478bd9Sstevel@tonic-gate */ 3717c478bd9Sstevel@tonic-gate token.value = NULL; 3727c478bd9Sstevel@tonic-gate token.length = 0; 3737c478bd9Sstevel@tonic-gate } 3747c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 3757c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error3 ENOMEM\n"); 3767c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 3777c478bd9Sstevel@tonic-gate } 3787c478bd9Sstevel@tonic-gate 3797c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr, ptr-2, 8); 3807c478bd9Sstevel@tonic-gate 3817c478bd9Sstevel@tonic-gate if (ctx->big_endian) 3827c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, token.value, token.length); 3837c478bd9Sstevel@tonic-gate else 3847c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, plain, plainlen); 3857c478bd9Sstevel@tonic-gate 3867c478bd9Sstevel@tonic-gate plaind.length = 8 + (ctx->big_endian ? token.length : plainlen); 3877c478bd9Sstevel@tonic-gate plaind.data = data_ptr; 3887c478bd9Sstevel@tonic-gate code = krb5_c_make_checksum(context, md5cksum.checksum_type, 3897c478bd9Sstevel@tonic-gate ctx->seq, sign_usage, 3907c478bd9Sstevel@tonic-gate &plaind, &md5cksum); 3917c478bd9Sstevel@tonic-gate xfree_wrap(data_ptr, 8 + (ctx->big_endian ? token.length : plainlen)); 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate if (code) { 3947c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 3957c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 3967c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 3977c478bd9Sstevel@tonic-gate * output parameter. 3987c478bd9Sstevel@tonic-gate */ 3997c478bd9Sstevel@tonic-gate token.value = NULL; 4007c478bd9Sstevel@tonic-gate token.length = 0; 4017c478bd9Sstevel@tonic-gate } 4027c478bd9Sstevel@tonic-gate *minor_status = code; 4037c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, krb5_c_make_checksum() " 4047c478bd9Sstevel@tonic-gate "error code = %d\n", code); 4057c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 4067c478bd9Sstevel@tonic-gate } 4077c478bd9Sstevel@tonic-gate 4087c478bd9Sstevel@tonic-gate if ((code = kg_encrypt(context, ctx->seq, KG_USAGE_SEAL, 409ab9b2e15Sgtb (g_OID_equal(ctx->mech_used, gss_mech_krb5_old) ? 4107c478bd9Sstevel@tonic-gate ctx->seq->contents : NULL), 4117c478bd9Sstevel@tonic-gate md5cksum.contents, md5cksum.contents, 16))) { 4127c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4137c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4147c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4157c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4167c478bd9Sstevel@tonic-gate * output parameter. 4177c478bd9Sstevel@tonic-gate */ 4187c478bd9Sstevel@tonic-gate token.value = NULL; 4197c478bd9Sstevel@tonic-gate token.length = 0; 4207c478bd9Sstevel@tonic-gate } 4217c478bd9Sstevel@tonic-gate *minor_status = code; 4227c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, kg_encrypt() error" 4237c478bd9Sstevel@tonic-gate "code = %d\n", code); 4247c478bd9Sstevel@tonic-gate return GSS_S_FAILURE; 4257c478bd9Sstevel@tonic-gate } 4267c478bd9Sstevel@tonic-gate 4277c478bd9Sstevel@tonic-gate if (signalg == 0) 4287c478bd9Sstevel@tonic-gate cksum.length = 8; 4297c478bd9Sstevel@tonic-gate else 4307c478bd9Sstevel@tonic-gate cksum.length = 16; 4317c478bd9Sstevel@tonic-gate cksum.contents = md5cksum.contents + 16 - cksum.length; 4327c478bd9Sstevel@tonic-gate 4337c478bd9Sstevel@tonic-gate code = memcmp(cksum.contents, ptr+14, cksum.length); 4347c478bd9Sstevel@tonic-gate break; 4357c478bd9Sstevel@tonic-gate 4367c478bd9Sstevel@tonic-gate case SGN_ALG_MD2_5: 4377c478bd9Sstevel@tonic-gate if (!ctx->seed_init && 4387c478bd9Sstevel@tonic-gate (code = kg_make_seed(context, ctx->subkey, ctx->seed))) { 4397c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4407c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 4417c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 4427c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4437c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4447c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4457c478bd9Sstevel@tonic-gate * output parameter. 4467c478bd9Sstevel@tonic-gate */ 4477c478bd9Sstevel@tonic-gate token.value = NULL; 4487c478bd9Sstevel@tonic-gate token.length = 0; 4497c478bd9Sstevel@tonic-gate } 4507c478bd9Sstevel@tonic-gate *minor_status = code; 4517c478bd9Sstevel@tonic-gate return GSS_S_FAILURE; 4527c478bd9Sstevel@tonic-gate } 4537c478bd9Sstevel@tonic-gate 4547c478bd9Sstevel@tonic-gate if (! (data_ptr = (void *) 4557c478bd9Sstevel@tonic-gate xmalloc(sizeof(ctx->seed) + 8 + 4567c478bd9Sstevel@tonic-gate (ctx->big_endian ? token.length : plainlen)))) { 4577c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4587c478bd9Sstevel@tonic-gate if (sealalg == 0) 4597c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 4607c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4617c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4627c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4637c478bd9Sstevel@tonic-gate * output parameter. 4647c478bd9Sstevel@tonic-gate */ 4657c478bd9Sstevel@tonic-gate token.value = NULL; 4667c478bd9Sstevel@tonic-gate token.length = 0; 4677c478bd9Sstevel@tonic-gate } 4687c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 4697c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 4707c478bd9Sstevel@tonic-gate } 4717c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr, ptr-2, 8); 4727c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, ctx->seed, sizeof(ctx->seed)); 4737c478bd9Sstevel@tonic-gate if (ctx->big_endian) 4747c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8+sizeof(ctx->seed), 4757c478bd9Sstevel@tonic-gate token.value, token.length); 4767c478bd9Sstevel@tonic-gate else 4777c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8+sizeof(ctx->seed), 4787c478bd9Sstevel@tonic-gate plain, plainlen); 4797c478bd9Sstevel@tonic-gate plaind.length = 8 + sizeof(ctx->seed) + 4807c478bd9Sstevel@tonic-gate (ctx->big_endian ? token.length : plainlen); 4817c478bd9Sstevel@tonic-gate plaind.data = data_ptr; 4827c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4837c478bd9Sstevel@tonic-gate code = krb5_c_make_checksum(context, md5cksum.checksum_type, 4847c478bd9Sstevel@tonic-gate ctx->seq, KG_USAGE_SIGN, 4857c478bd9Sstevel@tonic-gate &plaind, &md5cksum); 4867c478bd9Sstevel@tonic-gate xfree_wrap(data_ptr, 8 + sizeof(ctx->seed) + 4877c478bd9Sstevel@tonic-gate (ctx->big_endian ? token.length : plainlen)); 4887c478bd9Sstevel@tonic-gate 4897c478bd9Sstevel@tonic-gate if (code) { 4907c478bd9Sstevel@tonic-gate if (sealalg == 0) 4917c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 4927c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4937c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4947c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4957c478bd9Sstevel@tonic-gate * output parameter. 4967c478bd9Sstevel@tonic-gate */ 4977c478bd9Sstevel@tonic-gate token.value = NULL; 4987c478bd9Sstevel@tonic-gate token.length = 0; 4997c478bd9Sstevel@tonic-gate } 5007c478bd9Sstevel@tonic-gate *minor_status = code; 5017c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 5027c478bd9Sstevel@tonic-gate } 5037c478bd9Sstevel@tonic-gate 5047c478bd9Sstevel@tonic-gate code = memcmp(md5cksum.contents, ptr+14, 8); 5057c478bd9Sstevel@tonic-gate /* Falls through to defective-token?? */ 5067c478bd9Sstevel@tonic-gate 5077c478bd9Sstevel@tonic-gate default: 5087c478bd9Sstevel@tonic-gate *minor_status = 0; 5097c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error SGN_ALG_MD2_5 " 5107c478bd9Sstevel@tonic-gate "GSS_S_DEFECTIVE_TOKEN\n"); 5117c478bd9Sstevel@tonic-gate return(GSS_S_DEFECTIVE_TOKEN); 5127c478bd9Sstevel@tonic-gate 5137c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_SHA1_DES3_KD: 5147c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_MD5: 5157c478bd9Sstevel@tonic-gate /* compute the checksum of the message */ 5167c478bd9Sstevel@tonic-gate 5177c478bd9Sstevel@tonic-gate /* 8 = bytes of token body to be checksummed according to spec */ 5187c478bd9Sstevel@tonic-gate 5197c478bd9Sstevel@tonic-gate if (! (data_ptr = (void *) 5207c478bd9Sstevel@tonic-gate xmalloc(8 + (ctx->big_endian ? token.length : plainlen)))) { 5217c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 5227c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 5237c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 5247c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 5257c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 5267c478bd9Sstevel@tonic-gate * output parameter. 5277c478bd9Sstevel@tonic-gate */ 5287c478bd9Sstevel@tonic-gate token.value = NULL; 5297c478bd9Sstevel@tonic-gate token.length = 0; 5307c478bd9Sstevel@tonic-gate } 5317c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 5327c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 5337c478bd9Sstevel@tonic-gate } 5347c478bd9Sstevel@tonic-gate 5357c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr, ptr-2, 8); 5367c478bd9Sstevel@tonic-gate 5377c478bd9Sstevel@tonic-gate if (ctx->big_endian) { 5387c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() ctx->big_endian = 1\n"); 5397c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, token.value, token.length); 5407c478bd9Sstevel@tonic-gate } 5417c478bd9Sstevel@tonic-gate else { 5427c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() ctx->big_endian = 0\n"); 5437c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, plain, plainlen); 5447c478bd9Sstevel@tonic-gate } 5457c478bd9Sstevel@tonic-gate 5467c478bd9Sstevel@tonic-gate plaind.length = 8 + (ctx->big_endian ? token.length : plainlen); 5477c478bd9Sstevel@tonic-gate plaind.data = data_ptr; 5487c478bd9Sstevel@tonic-gate 5497c478bd9Sstevel@tonic-gate code = krb5_c_make_checksum(context, md5cksum.checksum_type, 5507c478bd9Sstevel@tonic-gate ctx->seq, sign_usage, 5517c478bd9Sstevel@tonic-gate &plaind, &md5cksum); 5527c478bd9Sstevel@tonic-gate 5537c478bd9Sstevel@tonic-gate xfree_wrap(data_ptr, 8 + (ctx->big_endian ? token.length : plainlen)); 5547c478bd9Sstevel@tonic-gate 5557c478bd9Sstevel@tonic-gate if (code) { 5567c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 5577c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 5587c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 5597c478bd9Sstevel@tonic-gate * output parameter. 5607c478bd9Sstevel@tonic-gate */ 5617c478bd9Sstevel@tonic-gate token.value = NULL; 5627c478bd9Sstevel@tonic-gate token.length = 0; 5637c478bd9Sstevel@tonic-gate } 5647c478bd9Sstevel@tonic-gate *minor_status = code; 5657c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error " 5667c478bd9Sstevel@tonic-gate "SGN_ALG_HMAC_SHA1_DES3_KD GSS_S_FAILURE\n"); 5677c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 5687c478bd9Sstevel@tonic-gate } 5697c478bd9Sstevel@tonic-gate 5707c478bd9Sstevel@tonic-gate /* compare the computed checksum against the transmitted checksum */ 5717c478bd9Sstevel@tonic-gate code = memcmp(md5cksum.contents, ptr+14, cksum_len); 5727c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() memcmp %d bytes", cksum_len); 5737c478bd9Sstevel@tonic-gate break; 5747c478bd9Sstevel@tonic-gate } 5757c478bd9Sstevel@tonic-gate 5767c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 5777c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 5787c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 5797c478bd9Sstevel@tonic-gate 5807c478bd9Sstevel@tonic-gate if (code) { 5817c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 5827c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 5837c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 5847c478bd9Sstevel@tonic-gate * output parameter. 5857c478bd9Sstevel@tonic-gate */ 5867c478bd9Sstevel@tonic-gate token.value = NULL; 5877c478bd9Sstevel@tonic-gate token.length = 0; 5887c478bd9Sstevel@tonic-gate } 5897c478bd9Sstevel@tonic-gate *minor_status = 0; 5907c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error GSS_S_BAD_SIG\n"); 5917c478bd9Sstevel@tonic-gate return(GSS_S_BAD_SIG); 5927c478bd9Sstevel@tonic-gate } 5937c478bd9Sstevel@tonic-gate 5947c478bd9Sstevel@tonic-gate if (conf_state) 5957c478bd9Sstevel@tonic-gate *conf_state = (sealalg != 0xffff); 5967c478bd9Sstevel@tonic-gate 5977c478bd9Sstevel@tonic-gate if (qop_state) 5987c478bd9Sstevel@tonic-gate *qop_state = GSS_C_QOP_DEFAULT; 5997c478bd9Sstevel@tonic-gate 6007c478bd9Sstevel@tonic-gate if ((code = krb5_timeofday(context, &now))) { 6017c478bd9Sstevel@tonic-gate *minor_status = code; 6027c478bd9Sstevel@tonic-gate 6037c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, krb5_timeofday()" 6047c478bd9Sstevel@tonic-gate "error code = %d\n", code); 6057c478bd9Sstevel@tonic-gate 6067c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 6077c478bd9Sstevel@tonic-gate } 6087c478bd9Sstevel@tonic-gate 6097c478bd9Sstevel@tonic-gate if (now > ctx->endtime) { 6107c478bd9Sstevel@tonic-gate *minor_status = 0; 6117c478bd9Sstevel@tonic-gate 6127c478bd9Sstevel@tonic-gate KRB5_LOG1(KRB5_ERR, "kg_unseal_v1() end, error " 6137c478bd9Sstevel@tonic-gate "now %d > ctx->endtime %d\n", now, ctx->endtime); 6147c478bd9Sstevel@tonic-gate 6157c478bd9Sstevel@tonic-gate return(GSS_S_CONTEXT_EXPIRED); 6167c478bd9Sstevel@tonic-gate } 6177c478bd9Sstevel@tonic-gate 6187c478bd9Sstevel@tonic-gate /* do sequencing checks */ 6197c478bd9Sstevel@tonic-gate if ((ctx->initiate && direction != 0xff) || 6207c478bd9Sstevel@tonic-gate (!ctx->initiate && direction != 0)) { 6217c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 6227c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 6237c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 6247c478bd9Sstevel@tonic-gate * output parameter. 6257c478bd9Sstevel@tonic-gate */ 6267c478bd9Sstevel@tonic-gate token.value = NULL; 6277c478bd9Sstevel@tonic-gate token.length = 0; 6287c478bd9Sstevel@tonic-gate } 6297c478bd9Sstevel@tonic-gate *minor_status = (OM_uint32) G_BAD_DIRECTION; 6307c478bd9Sstevel@tonic-gate 6317c478bd9Sstevel@tonic-gate KRB5_LOG1(KRB5_ERR, "kg_unseal_v1() end, error GSS_S_BAD_SIG " 6327c478bd9Sstevel@tonic-gate "G_BAD_DIRECTION ctx->initiate = %d " 6337c478bd9Sstevel@tonic-gate "direction = %d\n", ctx->initiate, direction); 6347c478bd9Sstevel@tonic-gate 6357c478bd9Sstevel@tonic-gate return(GSS_S_BAD_SIG); 6367c478bd9Sstevel@tonic-gate } 6377c478bd9Sstevel@tonic-gate 6387c478bd9Sstevel@tonic-gate retval = g_order_check(&(ctx->seqstate), (gssint_uint64)seqnum); 6397c478bd9Sstevel@tonic-gate 6407c478bd9Sstevel@tonic-gate /* It got through unscathed, adjust the output message buffer. */ 6417c478bd9Sstevel@tonic-gate if (retval == 0 && toktype == KG_TOK_SEAL_MSG) 6427c478bd9Sstevel@tonic-gate *message_buffer = token; 6437c478bd9Sstevel@tonic-gate 6447c478bd9Sstevel@tonic-gate *minor_status = 0; 6457c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() end, retval = %d\n", retval); 6467c478bd9Sstevel@tonic-gate return(retval); 6477c478bd9Sstevel@tonic-gate } 6487c478bd9Sstevel@tonic-gate 6497c478bd9Sstevel@tonic-gate /* message_buffer is an input if SIGN, output if SEAL, and ignored if DEL_CTX 6507c478bd9Sstevel@tonic-gate conf_state is only valid if SEAL. */ 6517c478bd9Sstevel@tonic-gate 6527c478bd9Sstevel@tonic-gate OM_uint32 653ab9b2e15Sgtb kg_unseal(minor_status, context_handle, input_token_buffer, 6547c478bd9Sstevel@tonic-gate message_buffer, conf_state, qop_state, toktype) 6557c478bd9Sstevel@tonic-gate OM_uint32 *minor_status; 6567c478bd9Sstevel@tonic-gate gss_ctx_id_t context_handle; 6577c478bd9Sstevel@tonic-gate gss_buffer_t input_token_buffer; 6587c478bd9Sstevel@tonic-gate gss_buffer_t message_buffer; 6597c478bd9Sstevel@tonic-gate int *conf_state; 6607c478bd9Sstevel@tonic-gate int *qop_state; 6617c478bd9Sstevel@tonic-gate int toktype; 6627c478bd9Sstevel@tonic-gate { 6637c478bd9Sstevel@tonic-gate krb5_gss_ctx_id_rec *ctx; 6647c478bd9Sstevel@tonic-gate unsigned char *ptr; 6657c478bd9Sstevel@tonic-gate int bodysize; 6667c478bd9Sstevel@tonic-gate int err; 6677c478bd9Sstevel@tonic-gate int toktype2; 6687c478bd9Sstevel@tonic-gate 6697c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal() start \n"); 6707c478bd9Sstevel@tonic-gate 6717c478bd9Sstevel@tonic-gate /* validate the context handle */ 6727c478bd9Sstevel@tonic-gate if (! kg_validate_ctx_id(context_handle)) { 6737c478bd9Sstevel@tonic-gate *minor_status = (OM_uint32) G_VALIDATE_FAILED; 6747c478bd9Sstevel@tonic-gate 6757c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal() end, kg_validate_ctx_id() error " 6767c478bd9Sstevel@tonic-gate "G_VALIDATE_FAILED \n"); 6777c478bd9Sstevel@tonic-gate 6787c478bd9Sstevel@tonic-gate return(GSS_S_NO_CONTEXT); 6797c478bd9Sstevel@tonic-gate } 6807c478bd9Sstevel@tonic-gate 6817c478bd9Sstevel@tonic-gate ctx = (krb5_gss_ctx_id_rec *) context_handle; 6827c478bd9Sstevel@tonic-gate 6837c478bd9Sstevel@tonic-gate if (! ctx->established) { 6847c478bd9Sstevel@tonic-gate *minor_status = KG_CTX_INCOMPLETE; 6857c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal() end, error ! ctx->established \n"); 6867c478bd9Sstevel@tonic-gate return(GSS_S_NO_CONTEXT); 6877c478bd9Sstevel@tonic-gate } 6887c478bd9Sstevel@tonic-gate 6897c478bd9Sstevel@tonic-gate /* parse the token, leave the data in message_buffer, setting conf_state */ 6907c478bd9Sstevel@tonic-gate 6917c478bd9Sstevel@tonic-gate /* verify the header */ 6927c478bd9Sstevel@tonic-gate ptr = (unsigned char *) input_token_buffer->value; 6937c478bd9Sstevel@tonic-gate if (ctx->proto) 6947c478bd9Sstevel@tonic-gate switch (toktype) { 6957c478bd9Sstevel@tonic-gate case KG_TOK_SIGN_MSG: 696*159d09a2SMark Phalan toktype2 = 0x0404; 697*159d09a2SMark Phalan break; 6987c478bd9Sstevel@tonic-gate case KG_TOK_SEAL_MSG: 699*159d09a2SMark Phalan toktype2 = 0x0504; 700*159d09a2SMark Phalan break; 7017c478bd9Sstevel@tonic-gate case KG_TOK_DEL_CTX: 702*159d09a2SMark Phalan toktype2 = 0x0405; 703*159d09a2SMark Phalan break; 7047c478bd9Sstevel@tonic-gate default: 705*159d09a2SMark Phalan toktype2 = toktype; 706*159d09a2SMark Phalan break; 7077c478bd9Sstevel@tonic-gate } 7087c478bd9Sstevel@tonic-gate else 709*159d09a2SMark Phalan toktype2 = toktype; 710ab9b2e15Sgtb err = g_verify_token_header(ctx->mech_used, 7117c478bd9Sstevel@tonic-gate (uint32_t *)&bodysize, &ptr, toktype2, 7127c478bd9Sstevel@tonic-gate input_token_buffer->length, 7137c478bd9Sstevel@tonic-gate !ctx->proto); 7147c478bd9Sstevel@tonic-gate if (err) { 7157c478bd9Sstevel@tonic-gate *minor_status = err; 7167c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 7177c478bd9Sstevel@tonic-gate } 7187c478bd9Sstevel@tonic-gate 7197c478bd9Sstevel@tonic-gate if (ctx->proto == 0) { 720ab9b2e15Sgtb err = kg_unseal_v1(ctx->k5_context, minor_status, ctx, ptr, bodysize, 7217c478bd9Sstevel@tonic-gate message_buffer, conf_state, qop_state, 7227c478bd9Sstevel@tonic-gate toktype); 7237c478bd9Sstevel@tonic-gate 7247c478bd9Sstevel@tonic-gate } else { 725*159d09a2SMark Phalan err = gss_krb5int_unseal_token_v3(&ctx->k5_context, minor_status, ctx, 7267c478bd9Sstevel@tonic-gate ptr, bodysize, message_buffer, 7277c478bd9Sstevel@tonic-gate conf_state, qop_state, toktype); 7287c478bd9Sstevel@tonic-gate } 7297c478bd9Sstevel@tonic-gate 7307c478bd9Sstevel@tonic-gate *minor_status = err; 7317c478bd9Sstevel@tonic-gate 7327c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal() end, err = %d", err); 7337c478bd9Sstevel@tonic-gate 7347c478bd9Sstevel@tonic-gate return(err); 7357c478bd9Sstevel@tonic-gate } 736