17c478bd9Sstevel@tonic-gate /* 25e01956fSGlenn Barry * Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. 37c478bd9Sstevel@tonic-gate */ 47c478bd9Sstevel@tonic-gate /* 5159d09a2SMark Phalan * Copyright 2001 by the Massachusetts Institute of Technology. 67c478bd9Sstevel@tonic-gate * Copyright 1993 by OpenVision Technologies, Inc. 7159d09a2SMark Phalan * 87c478bd9Sstevel@tonic-gate * Permission to use, copy, modify, distribute, and sell this software 97c478bd9Sstevel@tonic-gate * and its documentation for any purpose is hereby granted without fee, 107c478bd9Sstevel@tonic-gate * provided that the above copyright notice appears in all copies and 117c478bd9Sstevel@tonic-gate * that both that copyright notice and this permission notice appear in 127c478bd9Sstevel@tonic-gate * supporting documentation, and that the name of OpenVision not be used 137c478bd9Sstevel@tonic-gate * in advertising or publicity pertaining to distribution of the software 147c478bd9Sstevel@tonic-gate * without specific, written prior permission. OpenVision makes no 157c478bd9Sstevel@tonic-gate * representations about the suitability of this software for any 167c478bd9Sstevel@tonic-gate * purpose. It is provided "as is" without express or implied warranty. 17159d09a2SMark Phalan * 187c478bd9Sstevel@tonic-gate * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, 197c478bd9Sstevel@tonic-gate * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO 207c478bd9Sstevel@tonic-gate * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR 217c478bd9Sstevel@tonic-gate * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF 227c478bd9Sstevel@tonic-gate * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR 237c478bd9Sstevel@tonic-gate * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 247c478bd9Sstevel@tonic-gate * PERFORMANCE OF THIS SOFTWARE. 257c478bd9Sstevel@tonic-gate */ 267c478bd9Sstevel@tonic-gate 277c478bd9Sstevel@tonic-gate /* 287c478bd9Sstevel@tonic-gate * Copyright (C) 1998 by the FundsXpress, INC. 297c478bd9Sstevel@tonic-gate * 307c478bd9Sstevel@tonic-gate * All rights reserved. 317c478bd9Sstevel@tonic-gate * 327c478bd9Sstevel@tonic-gate * Export of this software from the United States of America may require 337c478bd9Sstevel@tonic-gate * a specific license from the United States Government. It is the 347c478bd9Sstevel@tonic-gate * responsibility of any person or organization contemplating export to 357c478bd9Sstevel@tonic-gate * obtain such a license before exporting. 367c478bd9Sstevel@tonic-gate * 377c478bd9Sstevel@tonic-gate * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 387c478bd9Sstevel@tonic-gate * distribute this software and its documentation for any purpose and 397c478bd9Sstevel@tonic-gate * without fee is hereby granted, provided that the above copyright 407c478bd9Sstevel@tonic-gate * notice appear in all copies and that both that copyright notice and 417c478bd9Sstevel@tonic-gate * this permission notice appear in supporting documentation, and that 427c478bd9Sstevel@tonic-gate * the name of FundsXpress. not be used in advertising or publicity pertaining 437c478bd9Sstevel@tonic-gate * to distribution of the software without specific, written prior 447c478bd9Sstevel@tonic-gate * permission. FundsXpress makes no representations about the suitability of 457c478bd9Sstevel@tonic-gate * this software for any purpose. It is provided "as is" without express 467c478bd9Sstevel@tonic-gate * or implied warranty. 477c478bd9Sstevel@tonic-gate * 487c478bd9Sstevel@tonic-gate * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR 497c478bd9Sstevel@tonic-gate * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED 507c478bd9Sstevel@tonic-gate * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 517c478bd9Sstevel@tonic-gate */ 527c478bd9Sstevel@tonic-gate 53159d09a2SMark Phalan #include "gssapiP_krb5.h" 54159d09a2SMark Phalan #include "k5-int.h" 557c478bd9Sstevel@tonic-gate 567c478bd9Sstevel@tonic-gate /* message_buffer is an input if SIGN, output if SEAL, and ignored if DEL_CTX 57159d09a2SMark Phalan conf_state is only valid if SEAL. */ 587c478bd9Sstevel@tonic-gate 59159d09a2SMark Phalan static OM_uint32 607c478bd9Sstevel@tonic-gate kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, 617c478bd9Sstevel@tonic-gate conf_state, qop_state, toktype) 627c478bd9Sstevel@tonic-gate krb5_context context; 637c478bd9Sstevel@tonic-gate OM_uint32 *minor_status; 647c478bd9Sstevel@tonic-gate krb5_gss_ctx_id_rec *ctx; 657c478bd9Sstevel@tonic-gate unsigned char *ptr; 667c478bd9Sstevel@tonic-gate int bodysize; 677c478bd9Sstevel@tonic-gate gss_buffer_t message_buffer; 687c478bd9Sstevel@tonic-gate int *conf_state; 697c478bd9Sstevel@tonic-gate int *qop_state; 707c478bd9Sstevel@tonic-gate int toktype; 717c478bd9Sstevel@tonic-gate { 727c478bd9Sstevel@tonic-gate krb5_error_code code; 737c478bd9Sstevel@tonic-gate int conflen = 0; 747c478bd9Sstevel@tonic-gate int signalg; 757c478bd9Sstevel@tonic-gate int sealalg; 767c478bd9Sstevel@tonic-gate gss_buffer_desc token; 777c478bd9Sstevel@tonic-gate krb5_checksum cksum; 787c478bd9Sstevel@tonic-gate krb5_checksum md5cksum; 797c478bd9Sstevel@tonic-gate krb5_data plaind; 807c478bd9Sstevel@tonic-gate char *data_ptr; 817c478bd9Sstevel@tonic-gate krb5_timestamp now; 827c478bd9Sstevel@tonic-gate unsigned char *plain; 83159d09a2SMark Phalan unsigned int cksum_len = 0; 84159d09a2SMark Phalan size_t plainlen; 857c478bd9Sstevel@tonic-gate int direction; 867c478bd9Sstevel@tonic-gate krb5_ui_4 seqnum; 877c478bd9Sstevel@tonic-gate OM_uint32 retval; 88ae5b046dSsemery size_t sumlen, blocksize; 897c478bd9Sstevel@tonic-gate int tmsglen; 907c478bd9Sstevel@tonic-gate krb5_keyusage sign_usage = KG_USAGE_SIGN; 917c478bd9Sstevel@tonic-gate 927c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() start\n"); 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate /* Solaris Kerberos: make sure this is initialized */ 957c478bd9Sstevel@tonic-gate *minor_status = 0; 967c478bd9Sstevel@tonic-gate 977c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 987c478bd9Sstevel@tonic-gate message_buffer->length = 0; 997c478bd9Sstevel@tonic-gate message_buffer->value = NULL; 1007c478bd9Sstevel@tonic-gate } 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate /* get the sign and seal algorithms */ 1037c478bd9Sstevel@tonic-gate 1047c478bd9Sstevel@tonic-gate signalg = ptr[0] + (ptr[1]<<8); 1057c478bd9Sstevel@tonic-gate sealalg = ptr[2] + (ptr[3]<<8); 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate /* Sanity checks */ 1087c478bd9Sstevel@tonic-gate 1097c478bd9Sstevel@tonic-gate if ((ptr[4] != 0xff) || (ptr[5] != 0xff)) { 1107c478bd9Sstevel@tonic-gate *minor_status = 0; 1117c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error GSS_S_DEFECTIVE_TOKEN\n"); 1127c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1137c478bd9Sstevel@tonic-gate } 1147c478bd9Sstevel@tonic-gate 1157c478bd9Sstevel@tonic-gate if ((toktype != KG_TOK_SEAL_MSG) && 1167c478bd9Sstevel@tonic-gate (sealalg != 0xffff)) { 1177c478bd9Sstevel@tonic-gate *minor_status = 0; 1187c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error2 GSS_S_DEFECTIVE_TOKEN\n"); 1197c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1207c478bd9Sstevel@tonic-gate } 1217c478bd9Sstevel@tonic-gate 1227c478bd9Sstevel@tonic-gate /* in the current spec, there is only one valid seal algorithm per 1237c478bd9Sstevel@tonic-gate key type, so a simple comparison is ok */ 1247c478bd9Sstevel@tonic-gate 1257c478bd9Sstevel@tonic-gate if ((toktype == KG_TOK_SEAL_MSG) && 1267c478bd9Sstevel@tonic-gate !((sealalg == 0xffff) || 1277c478bd9Sstevel@tonic-gate (sealalg == ctx->sealalg))) { 1287c478bd9Sstevel@tonic-gate *minor_status = 0; 1297c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error3 GSS_S_DEFECTIVE_TOKEN\n"); 1307c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1317c478bd9Sstevel@tonic-gate } 1327c478bd9Sstevel@tonic-gate 1337c478bd9Sstevel@tonic-gate /* there are several mappings of seal algorithms to sign algorithms, 1347c478bd9Sstevel@tonic-gate but few enough that we can try them all. */ 1357c478bd9Sstevel@tonic-gate 1367c478bd9Sstevel@tonic-gate if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) || 137159d09a2SMark Phalan (ctx->sealalg == SEAL_ALG_1 && signalg != SGN_ALG_3) || 1387c478bd9Sstevel@tonic-gate (ctx->sealalg == SEAL_ALG_DES3KD && 139159d09a2SMark Phalan signalg != SGN_ALG_HMAC_SHA1_DES3_KD)|| 1407c478bd9Sstevel@tonic-gate (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 && 141159d09a2SMark Phalan signalg != SGN_ALG_HMAC_MD5)) { 1427c478bd9Sstevel@tonic-gate *minor_status = 0; 1437c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error4 GSS_S_DEFECTIVE_TOKEN\n"); 1447c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1457c478bd9Sstevel@tonic-gate } 1467c478bd9Sstevel@tonic-gate 1477c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() signalg = %d\n", signalg); 1487c478bd9Sstevel@tonic-gate 1497c478bd9Sstevel@tonic-gate switch (signalg) { 1507c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC_MD5: 1517c478bd9Sstevel@tonic-gate case SGN_ALG_MD2_5: 1527c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_MD5: 1537c478bd9Sstevel@tonic-gate cksum_len = 8; 1547c478bd9Sstevel@tonic-gate if (toktype != KG_TOK_SEAL_MSG) 1557c478bd9Sstevel@tonic-gate sign_usage = 15; 156159d09a2SMark Phalan break; 1577c478bd9Sstevel@tonic-gate case SGN_ALG_3: 1587c478bd9Sstevel@tonic-gate cksum_len = 16; 1597c478bd9Sstevel@tonic-gate break; 1607c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_SHA1_DES3_KD: 1617c478bd9Sstevel@tonic-gate cksum_len = 20; 1627c478bd9Sstevel@tonic-gate break; 1637c478bd9Sstevel@tonic-gate default: 1647c478bd9Sstevel@tonic-gate *minor_status = 0; 1657c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, error signalg=%d\n", signalg); 1667c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 1677c478bd9Sstevel@tonic-gate } 1687c478bd9Sstevel@tonic-gate 1697c478bd9Sstevel@tonic-gate #ifdef _KERNEL 1707c478bd9Sstevel@tonic-gate /* 1717c478bd9Sstevel@tonic-gate * Because the ARCFOUR code bypasses the standard 1727c478bd9Sstevel@tonic-gate * crypto interfaces, we must make sure the kernel 1737c478bd9Sstevel@tonic-gate * crypto framework mechanism types are properly 1747c478bd9Sstevel@tonic-gate * initialized here. 1757c478bd9Sstevel@tonic-gate */ 1767c478bd9Sstevel@tonic-gate context->kef_cipher_mt = get_cipher_mech_type(context, 1777c478bd9Sstevel@tonic-gate ctx->seq); 1787c478bd9Sstevel@tonic-gate context->kef_hash_mt = get_hash_mech_type(context, 1797c478bd9Sstevel@tonic-gate ctx->seq); 1807c478bd9Sstevel@tonic-gate if ((code = init_key_kef(context->kef_cipher_mt, 1817c478bd9Sstevel@tonic-gate ctx->seq))) { 1827c478bd9Sstevel@tonic-gate *minor_status = code; 1837c478bd9Sstevel@tonic-gate return (GSS_S_FAILURE); 1847c478bd9Sstevel@tonic-gate } 1857c478bd9Sstevel@tonic-gate if ((code = init_key_kef(context->kef_cipher_mt, 1867c478bd9Sstevel@tonic-gate ctx->enc))) { 1877c478bd9Sstevel@tonic-gate *minor_status = code; 1887c478bd9Sstevel@tonic-gate return (GSS_S_FAILURE); 1897c478bd9Sstevel@tonic-gate } 1907c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 1917c478bd9Sstevel@tonic-gate 1927c478bd9Sstevel@tonic-gate /* get the token parameters */ 193159d09a2SMark Phalan 1947c478bd9Sstevel@tonic-gate if ((code = kg_get_seq_num(context, ctx->seq, ptr+14, ptr+6, &direction, 195159d09a2SMark Phalan &seqnum))) { 1967c478bd9Sstevel@tonic-gate *minor_status = code; 1977c478bd9Sstevel@tonic-gate return(GSS_S_BAD_SIG); 1987c478bd9Sstevel@tonic-gate } 1997c478bd9Sstevel@tonic-gate 2007c478bd9Sstevel@tonic-gate /* decode the message, if SEAL */ 2017c478bd9Sstevel@tonic-gate 2027c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 2037c478bd9Sstevel@tonic-gate tmsglen = bodysize-(14+cksum_len); 2047c478bd9Sstevel@tonic-gate KRB5_LOG1(KRB5_INFO, "kg_unseal_v1() tmsglen = %d cksum_len = %d", 2057c478bd9Sstevel@tonic-gate tmsglen, cksum_len); 2067c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() toktype == KG_TOK_SEAL_MSG\n"); 2077c478bd9Sstevel@tonic-gate 2087c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) { 2097c478bd9Sstevel@tonic-gate if ((plain = (unsigned char *) xmalloc(tmsglen)) == NULL) { 2107c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 2117c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error ENOMEM\n"); 2127c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 2137c478bd9Sstevel@tonic-gate } 214159d09a2SMark Phalan if (ctx->enc->enctype == ENCTYPE_ARCFOUR_HMAC) { 215159d09a2SMark Phalan unsigned char bigend_seqnum[4]; 216159d09a2SMark Phalan krb5_keyblock *enc_key; 217159d09a2SMark Phalan int i; 218159d09a2SMark Phalan bigend_seqnum[0] = (seqnum>>24) & 0xff; 219159d09a2SMark Phalan bigend_seqnum[1] = (seqnum>>16) & 0xff; 220159d09a2SMark Phalan bigend_seqnum[2] = (seqnum>>8) & 0xff; 221159d09a2SMark Phalan bigend_seqnum[3] = seqnum & 0xff; 222159d09a2SMark Phalan code = krb5_copy_keyblock (context, ctx->enc, &enc_key); 223159d09a2SMark Phalan if (code) 2247c478bd9Sstevel@tonic-gate { 225159d09a2SMark Phalan xfree_wrap(plain, tmsglen); 2267c478bd9Sstevel@tonic-gate *minor_status = code; 2277c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 2287c478bd9Sstevel@tonic-gate } 2297c478bd9Sstevel@tonic-gate 230159d09a2SMark Phalan for (i = 0; i <= 15; i++) 231159d09a2SMark Phalan ((char *) enc_key->contents)[i] ^=0xf0; 2327c478bd9Sstevel@tonic-gate 2337c478bd9Sstevel@tonic-gate #ifndef _KERNEL 2347c478bd9Sstevel@tonic-gate /* 2357c478bd9Sstevel@tonic-gate * The enc_key contents were modified, delete the 2367c478bd9Sstevel@tonic-gate * key object so it doesn't get used later. 2377c478bd9Sstevel@tonic-gate */ 2387c478bd9Sstevel@tonic-gate if (enc_key->hKey != CK_INVALID_HANDLE) { 2397c478bd9Sstevel@tonic-gate (void)C_DestroyObject(krb_ctx_hSession(context), 2407c478bd9Sstevel@tonic-gate enc_key->hKey); 2417c478bd9Sstevel@tonic-gate enc_key->hKey = CK_INVALID_HANDLE; 2427c478bd9Sstevel@tonic-gate } 2437c478bd9Sstevel@tonic-gate #endif 2447c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() enc_key->enctype = %d", 2457c478bd9Sstevel@tonic-gate enc_key->enctype); 2467c478bd9Sstevel@tonic-gate 2477c478bd9Sstevel@tonic-gate code = kg_arcfour_docrypt (context, 2487c478bd9Sstevel@tonic-gate enc_key, 0, 2497c478bd9Sstevel@tonic-gate &bigend_seqnum[0], 4, 2507c478bd9Sstevel@tonic-gate ptr+14+cksum_len, tmsglen, 2517c478bd9Sstevel@tonic-gate plain); 2527c478bd9Sstevel@tonic-gate krb5_free_keyblock (context, enc_key); 2537c478bd9Sstevel@tonic-gate } else { 2547c478bd9Sstevel@tonic-gate code = kg_decrypt(context, ctx->enc, KG_USAGE_SEAL, NULL, 2557c478bd9Sstevel@tonic-gate ptr+14+cksum_len, plain, tmsglen); 2567c478bd9Sstevel@tonic-gate } 2577c478bd9Sstevel@tonic-gate if (code) { 2587c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 2597c478bd9Sstevel@tonic-gate *minor_status = code; 2607c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 261159d09a2SMark Phalan } 2627c478bd9Sstevel@tonic-gate } else { 2637c478bd9Sstevel@tonic-gate plain = ptr+14+cksum_len; 2647c478bd9Sstevel@tonic-gate } 2657c478bd9Sstevel@tonic-gate 2667c478bd9Sstevel@tonic-gate plainlen = tmsglen; 2677c478bd9Sstevel@tonic-gate 2687c478bd9Sstevel@tonic-gate if ((sealalg == 0xffff) && ctx->big_endian) { 2697c478bd9Sstevel@tonic-gate token.length = tmsglen; 2707c478bd9Sstevel@tonic-gate } else { 2717c478bd9Sstevel@tonic-gate conflen = kg_confounder_size(context, ctx->enc); 272ae5b046dSsemery /* 273ae5b046dSsemery * Solaris Kerberos: we want to perform a sanity check on the 274ae5b046dSsemery * pad length, so we know it can not be more than the blocksize. 275ae5b046dSsemery */ 276ae5b046dSsemery code = krb5_c_block_size(context, ctx->enc->enctype, &blocksize); 277ae5b046dSsemery if (code != 0) { 278ae5b046dSsemery if (sealalg != 0xffff) 279ae5b046dSsemery xfree_wrap(plain, tmsglen); 280ae5b046dSsemery *minor_status = code; 281ae5b046dSsemery return(GSS_S_FAILURE); 282ae5b046dSsemery } 283ae5b046dSsemery if (plain[tmsglen-1] > blocksize) { 284ae5b046dSsemery if (sealalg != 0xffff) 285ae5b046dSsemery xfree_wrap(plain, tmsglen); 286ae5b046dSsemery *minor_status = KG_BAD_LENGTH; 287ae5b046dSsemery return(GSS_S_FAILURE); 288ae5b046dSsemery } 2897c478bd9Sstevel@tonic-gate token.length = tmsglen - conflen - plain[tmsglen-1]; 2907c478bd9Sstevel@tonic-gate } 2917c478bd9Sstevel@tonic-gate 2927c478bd9Sstevel@tonic-gate if (token.length) { 2937c478bd9Sstevel@tonic-gate if ((token.value = (void *) xmalloc(token.length)) == NULL) { 2947c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 2957c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 2967c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 2977c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error2 ENOMEM\n"); 2987c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 2997c478bd9Sstevel@tonic-gate } 3007c478bd9Sstevel@tonic-gate (void) memcpy(token.value, plain+conflen, token.length); 3017c478bd9Sstevel@tonic-gate } else { 3027c478bd9Sstevel@tonic-gate token.value = NULL; 3037c478bd9Sstevel@tonic-gate } 3047c478bd9Sstevel@tonic-gate } else if (toktype == KG_TOK_SIGN_MSG) { 3057c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() toktype == KG_TOK_SIGN_MSG\n"); 3067c478bd9Sstevel@tonic-gate token = *message_buffer; 3077c478bd9Sstevel@tonic-gate plain = token.value; 3087c478bd9Sstevel@tonic-gate plainlen = token.length; 3097c478bd9Sstevel@tonic-gate } else { 3107c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() toktype == NULL\n"); 3117c478bd9Sstevel@tonic-gate token.length = 0; 3127c478bd9Sstevel@tonic-gate token.value = NULL; 3137c478bd9Sstevel@tonic-gate plain = token.value; 3147c478bd9Sstevel@tonic-gate plainlen = token.length; 3157c478bd9Sstevel@tonic-gate } 3167c478bd9Sstevel@tonic-gate 3177c478bd9Sstevel@tonic-gate /* compute the checksum of the message */ 3187c478bd9Sstevel@tonic-gate 3197c478bd9Sstevel@tonic-gate /* initialize the the cksum */ 3207c478bd9Sstevel@tonic-gate switch (signalg) { 3217c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC_MD5: 3227c478bd9Sstevel@tonic-gate case SGN_ALG_MD2_5: 3237c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC: 3247c478bd9Sstevel@tonic-gate case SGN_ALG_3: 3257c478bd9Sstevel@tonic-gate md5cksum.checksum_type = CKSUMTYPE_RSA_MD5; 3267c478bd9Sstevel@tonic-gate break; 327159d09a2SMark Phalan case SGN_ALG_HMAC_MD5: 328159d09a2SMark Phalan md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; 329159d09a2SMark Phalan break; 3307c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_SHA1_DES3_KD: 3317c478bd9Sstevel@tonic-gate md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; 3327c478bd9Sstevel@tonic-gate break; 3337c478bd9Sstevel@tonic-gate default: 3347c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, error2 signalg=%d\n", signalg); 3357c478bd9Sstevel@tonic-gate #ifndef _KERNEL 3367c478bd9Sstevel@tonic-gate abort (); 3377c478bd9Sstevel@tonic-gate #else 3387c478bd9Sstevel@tonic-gate *minor_status = 0; 3397c478bd9Sstevel@tonic-gate return(GSS_S_DEFECTIVE_TOKEN); 3407c478bd9Sstevel@tonic-gate #endif /* _KERNEL */ 3417c478bd9Sstevel@tonic-gate } 3427c478bd9Sstevel@tonic-gate 343159d09a2SMark Phalan code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen); 344159d09a2SMark Phalan if (code) 3457c478bd9Sstevel@tonic-gate { 3467c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, krb5_c_checksum_length() error " 3477c478bd9Sstevel@tonic-gate "code=%d\n", code); 3487c478bd9Sstevel@tonic-gate return(code); 3497c478bd9Sstevel@tonic-gate } 3507c478bd9Sstevel@tonic-gate md5cksum.length = (size_t)sumlen; 3517c478bd9Sstevel@tonic-gate 3527c478bd9Sstevel@tonic-gate switch (signalg) { 3537c478bd9Sstevel@tonic-gate case SGN_ALG_DES_MAC_MD5: 3547c478bd9Sstevel@tonic-gate case SGN_ALG_3: 3557c478bd9Sstevel@tonic-gate /* compute the checksum of the message */ 3567c478bd9Sstevel@tonic-gate 3577c478bd9Sstevel@tonic-gate /* 8 = bytes of token body to be checksummed according to spec */ 3587c478bd9Sstevel@tonic-gate 3597c478bd9Sstevel@tonic-gate if (! (data_ptr = (void *) 3607c478bd9Sstevel@tonic-gate xmalloc(8 + (ctx->big_endian ? token.length : plainlen)))) { 3617c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 3627c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 3637c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 3647c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 3657c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 3667c478bd9Sstevel@tonic-gate * output parameter. 3677c478bd9Sstevel@tonic-gate */ 3687c478bd9Sstevel@tonic-gate token.value = NULL; 3697c478bd9Sstevel@tonic-gate token.length = 0; 3707c478bd9Sstevel@tonic-gate } 3717c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 3727c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error3 ENOMEM\n"); 3737c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 3747c478bd9Sstevel@tonic-gate } 3757c478bd9Sstevel@tonic-gate 3767c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr, ptr-2, 8); 3777c478bd9Sstevel@tonic-gate 3787c478bd9Sstevel@tonic-gate if (ctx->big_endian) 3797c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, token.value, token.length); 3807c478bd9Sstevel@tonic-gate else 3817c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, plain, plainlen); 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate plaind.length = 8 + (ctx->big_endian ? token.length : plainlen); 3847c478bd9Sstevel@tonic-gate plaind.data = data_ptr; 3857c478bd9Sstevel@tonic-gate code = krb5_c_make_checksum(context, md5cksum.checksum_type, 3867c478bd9Sstevel@tonic-gate ctx->seq, sign_usage, 3877c478bd9Sstevel@tonic-gate &plaind, &md5cksum); 3887c478bd9Sstevel@tonic-gate xfree_wrap(data_ptr, 8 + (ctx->big_endian ? token.length : plainlen)); 3897c478bd9Sstevel@tonic-gate 3907c478bd9Sstevel@tonic-gate if (code) { 3917c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 3927c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 3937c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 3947c478bd9Sstevel@tonic-gate * output parameter. 3957c478bd9Sstevel@tonic-gate */ 3967c478bd9Sstevel@tonic-gate token.value = NULL; 3977c478bd9Sstevel@tonic-gate token.length = 0; 3987c478bd9Sstevel@tonic-gate } 3997c478bd9Sstevel@tonic-gate *minor_status = code; 4007c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, krb5_c_make_checksum() " 4017c478bd9Sstevel@tonic-gate "error code = %d\n", code); 4027c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 4037c478bd9Sstevel@tonic-gate } 4047c478bd9Sstevel@tonic-gate 4057c478bd9Sstevel@tonic-gate if ((code = kg_encrypt(context, ctx->seq, KG_USAGE_SEAL, 406ab9b2e15Sgtb (g_OID_equal(ctx->mech_used, gss_mech_krb5_old) ? 4077c478bd9Sstevel@tonic-gate ctx->seq->contents : NULL), 4087c478bd9Sstevel@tonic-gate md5cksum.contents, md5cksum.contents, 16))) { 4097c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4107c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4117c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4127c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4137c478bd9Sstevel@tonic-gate * output parameter. 4147c478bd9Sstevel@tonic-gate */ 4157c478bd9Sstevel@tonic-gate token.value = NULL; 4167c478bd9Sstevel@tonic-gate token.length = 0; 4177c478bd9Sstevel@tonic-gate } 4187c478bd9Sstevel@tonic-gate *minor_status = code; 4197c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, kg_encrypt() error" 4207c478bd9Sstevel@tonic-gate "code = %d\n", code); 4217c478bd9Sstevel@tonic-gate return GSS_S_FAILURE; 4227c478bd9Sstevel@tonic-gate } 4237c478bd9Sstevel@tonic-gate 4247c478bd9Sstevel@tonic-gate if (signalg == 0) 4257c478bd9Sstevel@tonic-gate cksum.length = 8; 4267c478bd9Sstevel@tonic-gate else 4277c478bd9Sstevel@tonic-gate cksum.length = 16; 4287c478bd9Sstevel@tonic-gate cksum.contents = md5cksum.contents + 16 - cksum.length; 4297c478bd9Sstevel@tonic-gate 4307c478bd9Sstevel@tonic-gate code = memcmp(cksum.contents, ptr+14, cksum.length); 4317c478bd9Sstevel@tonic-gate break; 4327c478bd9Sstevel@tonic-gate 4337c478bd9Sstevel@tonic-gate case SGN_ALG_MD2_5: 4347c478bd9Sstevel@tonic-gate if (!ctx->seed_init && 4357c478bd9Sstevel@tonic-gate (code = kg_make_seed(context, ctx->subkey, ctx->seed))) { 4367c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4377c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 4387c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 4397c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4407c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4417c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4427c478bd9Sstevel@tonic-gate * output parameter. 4437c478bd9Sstevel@tonic-gate */ 4447c478bd9Sstevel@tonic-gate token.value = NULL; 4457c478bd9Sstevel@tonic-gate token.length = 0; 4467c478bd9Sstevel@tonic-gate } 4477c478bd9Sstevel@tonic-gate *minor_status = code; 4487c478bd9Sstevel@tonic-gate return GSS_S_FAILURE; 4497c478bd9Sstevel@tonic-gate } 4507c478bd9Sstevel@tonic-gate 4517c478bd9Sstevel@tonic-gate if (! (data_ptr = (void *) 4527c478bd9Sstevel@tonic-gate xmalloc(sizeof(ctx->seed) + 8 + 4537c478bd9Sstevel@tonic-gate (ctx->big_endian ? token.length : plainlen)))) { 4547c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4557c478bd9Sstevel@tonic-gate if (sealalg == 0) 4567c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 4577c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4587c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4597c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4607c478bd9Sstevel@tonic-gate * output parameter. 4617c478bd9Sstevel@tonic-gate */ 4627c478bd9Sstevel@tonic-gate token.value = NULL; 4637c478bd9Sstevel@tonic-gate token.length = 0; 4647c478bd9Sstevel@tonic-gate } 4657c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 4667c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 4677c478bd9Sstevel@tonic-gate } 4687c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr, ptr-2, 8); 4697c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, ctx->seed, sizeof(ctx->seed)); 4707c478bd9Sstevel@tonic-gate if (ctx->big_endian) 4717c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8+sizeof(ctx->seed), 4727c478bd9Sstevel@tonic-gate token.value, token.length); 4737c478bd9Sstevel@tonic-gate else 4747c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8+sizeof(ctx->seed), 4757c478bd9Sstevel@tonic-gate plain, plainlen); 4767c478bd9Sstevel@tonic-gate plaind.length = 8 + sizeof(ctx->seed) + 4777c478bd9Sstevel@tonic-gate (ctx->big_endian ? token.length : plainlen); 4787c478bd9Sstevel@tonic-gate plaind.data = data_ptr; 4797c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 4807c478bd9Sstevel@tonic-gate code = krb5_c_make_checksum(context, md5cksum.checksum_type, 4817c478bd9Sstevel@tonic-gate ctx->seq, KG_USAGE_SIGN, 4827c478bd9Sstevel@tonic-gate &plaind, &md5cksum); 4837c478bd9Sstevel@tonic-gate xfree_wrap(data_ptr, 8 + sizeof(ctx->seed) + 4847c478bd9Sstevel@tonic-gate (ctx->big_endian ? token.length : plainlen)); 4857c478bd9Sstevel@tonic-gate 4867c478bd9Sstevel@tonic-gate if (code) { 4877c478bd9Sstevel@tonic-gate if (sealalg == 0) 4887c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 4897c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 4907c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 4917c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 4927c478bd9Sstevel@tonic-gate * output parameter. 4937c478bd9Sstevel@tonic-gate */ 4947c478bd9Sstevel@tonic-gate token.value = NULL; 4957c478bd9Sstevel@tonic-gate token.length = 0; 4967c478bd9Sstevel@tonic-gate } 4977c478bd9Sstevel@tonic-gate *minor_status = code; 4987c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 4997c478bd9Sstevel@tonic-gate } 5007c478bd9Sstevel@tonic-gate 5017c478bd9Sstevel@tonic-gate code = memcmp(md5cksum.contents, ptr+14, 8); 5027c478bd9Sstevel@tonic-gate /* Falls through to defective-token?? */ 503*06307114SToomas Soome /* FALLTHROUGH */ 5047c478bd9Sstevel@tonic-gate 5057c478bd9Sstevel@tonic-gate default: 5067c478bd9Sstevel@tonic-gate *minor_status = 0; 5077c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error SGN_ALG_MD2_5 " 5087c478bd9Sstevel@tonic-gate "GSS_S_DEFECTIVE_TOKEN\n"); 5097c478bd9Sstevel@tonic-gate return(GSS_S_DEFECTIVE_TOKEN); 5107c478bd9Sstevel@tonic-gate 5117c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_SHA1_DES3_KD: 5127c478bd9Sstevel@tonic-gate case SGN_ALG_HMAC_MD5: 5137c478bd9Sstevel@tonic-gate /* compute the checksum of the message */ 5147c478bd9Sstevel@tonic-gate 5157c478bd9Sstevel@tonic-gate /* 8 = bytes of token body to be checksummed according to spec */ 5167c478bd9Sstevel@tonic-gate 5177c478bd9Sstevel@tonic-gate if (! (data_ptr = (void *) 5187c478bd9Sstevel@tonic-gate xmalloc(8 + (ctx->big_endian ? token.length : plainlen)))) { 5197c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 5207c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 5217c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 5227c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 5237c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 5247c478bd9Sstevel@tonic-gate * output parameter. 5257c478bd9Sstevel@tonic-gate */ 5267c478bd9Sstevel@tonic-gate token.value = NULL; 5277c478bd9Sstevel@tonic-gate token.length = 0; 5287c478bd9Sstevel@tonic-gate } 5297c478bd9Sstevel@tonic-gate *minor_status = ENOMEM; 5307c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 5317c478bd9Sstevel@tonic-gate } 5327c478bd9Sstevel@tonic-gate 5337c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr, ptr-2, 8); 5347c478bd9Sstevel@tonic-gate 5357c478bd9Sstevel@tonic-gate if (ctx->big_endian) { 5367c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() ctx->big_endian = 1\n"); 5377c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, token.value, token.length); 5387c478bd9Sstevel@tonic-gate } 5397c478bd9Sstevel@tonic-gate else { 5407c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal_v1() ctx->big_endian = 0\n"); 5417c478bd9Sstevel@tonic-gate (void) memcpy(data_ptr+8, plain, plainlen); 5427c478bd9Sstevel@tonic-gate } 5437c478bd9Sstevel@tonic-gate 5447c478bd9Sstevel@tonic-gate plaind.length = 8 + (ctx->big_endian ? token.length : plainlen); 5457c478bd9Sstevel@tonic-gate plaind.data = data_ptr; 5467c478bd9Sstevel@tonic-gate 5477c478bd9Sstevel@tonic-gate code = krb5_c_make_checksum(context, md5cksum.checksum_type, 5487c478bd9Sstevel@tonic-gate ctx->seq, sign_usage, 5497c478bd9Sstevel@tonic-gate &plaind, &md5cksum); 5507c478bd9Sstevel@tonic-gate 5517c478bd9Sstevel@tonic-gate xfree_wrap(data_ptr, 8 + (ctx->big_endian ? token.length : plainlen)); 5527c478bd9Sstevel@tonic-gate 5537c478bd9Sstevel@tonic-gate if (code) { 5547c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 5557c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 5567c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 5577c478bd9Sstevel@tonic-gate * output parameter. 5587c478bd9Sstevel@tonic-gate */ 5597c478bd9Sstevel@tonic-gate token.value = NULL; 5607c478bd9Sstevel@tonic-gate token.length = 0; 5617c478bd9Sstevel@tonic-gate } 5627c478bd9Sstevel@tonic-gate *minor_status = code; 5637c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error " 5647c478bd9Sstevel@tonic-gate "SGN_ALG_HMAC_SHA1_DES3_KD GSS_S_FAILURE\n"); 5657c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 5667c478bd9Sstevel@tonic-gate } 5677c478bd9Sstevel@tonic-gate 5687c478bd9Sstevel@tonic-gate /* compare the computed checksum against the transmitted checksum */ 5697c478bd9Sstevel@tonic-gate code = memcmp(md5cksum.contents, ptr+14, cksum_len); 5707c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() memcmp %d bytes", cksum_len); 5717c478bd9Sstevel@tonic-gate break; 5727c478bd9Sstevel@tonic-gate } 5737c478bd9Sstevel@tonic-gate 5747c478bd9Sstevel@tonic-gate xfree_wrap(md5cksum.contents, md5cksum.length); 5757c478bd9Sstevel@tonic-gate if (sealalg != 0xffff) 5767c478bd9Sstevel@tonic-gate xfree_wrap(plain, tmsglen); 5777c478bd9Sstevel@tonic-gate 5787c478bd9Sstevel@tonic-gate if (code) { 5797c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 5807c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 5817c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 5827c478bd9Sstevel@tonic-gate * output parameter. 5837c478bd9Sstevel@tonic-gate */ 5847c478bd9Sstevel@tonic-gate token.value = NULL; 5857c478bd9Sstevel@tonic-gate token.length = 0; 5867c478bd9Sstevel@tonic-gate } 5877c478bd9Sstevel@tonic-gate *minor_status = 0; 5887c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal_v1() end, error GSS_S_BAD_SIG\n"); 5897c478bd9Sstevel@tonic-gate return(GSS_S_BAD_SIG); 5907c478bd9Sstevel@tonic-gate } 5917c478bd9Sstevel@tonic-gate 5927c478bd9Sstevel@tonic-gate if (conf_state) 5937c478bd9Sstevel@tonic-gate *conf_state = (sealalg != 0xffff); 5947c478bd9Sstevel@tonic-gate 5957c478bd9Sstevel@tonic-gate if (qop_state) 5967c478bd9Sstevel@tonic-gate *qop_state = GSS_C_QOP_DEFAULT; 5977c478bd9Sstevel@tonic-gate 5987c478bd9Sstevel@tonic-gate if ((code = krb5_timeofday(context, &now))) { 5997c478bd9Sstevel@tonic-gate *minor_status = code; 6007c478bd9Sstevel@tonic-gate 6017c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_ERR, "kg_unseal_v1() end, krb5_timeofday()" 6027c478bd9Sstevel@tonic-gate "error code = %d\n", code); 6037c478bd9Sstevel@tonic-gate 6047c478bd9Sstevel@tonic-gate return(GSS_S_FAILURE); 6057c478bd9Sstevel@tonic-gate } 6067c478bd9Sstevel@tonic-gate 6077c478bd9Sstevel@tonic-gate if (now > ctx->endtime) { 6087c478bd9Sstevel@tonic-gate *minor_status = 0; 6097c478bd9Sstevel@tonic-gate 6107c478bd9Sstevel@tonic-gate KRB5_LOG1(KRB5_ERR, "kg_unseal_v1() end, error " 6117c478bd9Sstevel@tonic-gate "now %d > ctx->endtime %d\n", now, ctx->endtime); 6127c478bd9Sstevel@tonic-gate 6137c478bd9Sstevel@tonic-gate return(GSS_S_CONTEXT_EXPIRED); 6147c478bd9Sstevel@tonic-gate } 6157c478bd9Sstevel@tonic-gate 6167c478bd9Sstevel@tonic-gate /* do sequencing checks */ 6177c478bd9Sstevel@tonic-gate if ((ctx->initiate && direction != 0xff) || 6187c478bd9Sstevel@tonic-gate (!ctx->initiate && direction != 0)) { 6197c478bd9Sstevel@tonic-gate if (toktype == KG_TOK_SEAL_MSG) { 6207c478bd9Sstevel@tonic-gate xfree_wrap(token.value, token.length); 6217c478bd9Sstevel@tonic-gate /* Solaris Kerberos: just to be safe since token.value is an 6227c478bd9Sstevel@tonic-gate * output parameter. 6237c478bd9Sstevel@tonic-gate */ 6247c478bd9Sstevel@tonic-gate token.value = NULL; 6257c478bd9Sstevel@tonic-gate token.length = 0; 6267c478bd9Sstevel@tonic-gate } 6277c478bd9Sstevel@tonic-gate *minor_status = (OM_uint32) G_BAD_DIRECTION; 6287c478bd9Sstevel@tonic-gate 6297c478bd9Sstevel@tonic-gate KRB5_LOG1(KRB5_ERR, "kg_unseal_v1() end, error GSS_S_BAD_SIG " 6307c478bd9Sstevel@tonic-gate "G_BAD_DIRECTION ctx->initiate = %d " 6317c478bd9Sstevel@tonic-gate "direction = %d\n", ctx->initiate, direction); 6327c478bd9Sstevel@tonic-gate 6337c478bd9Sstevel@tonic-gate return(GSS_S_BAD_SIG); 6347c478bd9Sstevel@tonic-gate } 6357c478bd9Sstevel@tonic-gate 6367c478bd9Sstevel@tonic-gate retval = g_order_check(&(ctx->seqstate), (gssint_uint64)seqnum); 6377c478bd9Sstevel@tonic-gate 6387c478bd9Sstevel@tonic-gate /* It got through unscathed, adjust the output message buffer. */ 6397c478bd9Sstevel@tonic-gate if (retval == 0 && toktype == KG_TOK_SEAL_MSG) 6407c478bd9Sstevel@tonic-gate *message_buffer = token; 6417c478bd9Sstevel@tonic-gate 6427c478bd9Sstevel@tonic-gate *minor_status = 0; 6437c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal_v1() end, retval = %d\n", retval); 6447c478bd9Sstevel@tonic-gate return(retval); 6457c478bd9Sstevel@tonic-gate } 6467c478bd9Sstevel@tonic-gate 6477c478bd9Sstevel@tonic-gate /* message_buffer is an input if SIGN, output if SEAL, and ignored if DEL_CTX 6487c478bd9Sstevel@tonic-gate conf_state is only valid if SEAL. */ 6497c478bd9Sstevel@tonic-gate 6507c478bd9Sstevel@tonic-gate OM_uint32 651ab9b2e15Sgtb kg_unseal(minor_status, context_handle, input_token_buffer, 6527c478bd9Sstevel@tonic-gate message_buffer, conf_state, qop_state, toktype) 6537c478bd9Sstevel@tonic-gate OM_uint32 *minor_status; 6547c478bd9Sstevel@tonic-gate gss_ctx_id_t context_handle; 6557c478bd9Sstevel@tonic-gate gss_buffer_t input_token_buffer; 6567c478bd9Sstevel@tonic-gate gss_buffer_t message_buffer; 6577c478bd9Sstevel@tonic-gate int *conf_state; 6587c478bd9Sstevel@tonic-gate int *qop_state; 6597c478bd9Sstevel@tonic-gate int toktype; 6607c478bd9Sstevel@tonic-gate { 6617c478bd9Sstevel@tonic-gate krb5_gss_ctx_id_rec *ctx; 6627c478bd9Sstevel@tonic-gate unsigned char *ptr; 6637c478bd9Sstevel@tonic-gate int bodysize; 6647c478bd9Sstevel@tonic-gate int err; 6657c478bd9Sstevel@tonic-gate int toktype2; 6667c478bd9Sstevel@tonic-gate 6677c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_INFO, "kg_unseal() start \n"); 6687c478bd9Sstevel@tonic-gate 6697c478bd9Sstevel@tonic-gate /* validate the context handle */ 6707c478bd9Sstevel@tonic-gate if (! kg_validate_ctx_id(context_handle)) { 6717c478bd9Sstevel@tonic-gate *minor_status = (OM_uint32) G_VALIDATE_FAILED; 6727c478bd9Sstevel@tonic-gate 6737c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal() end, kg_validate_ctx_id() error " 6747c478bd9Sstevel@tonic-gate "G_VALIDATE_FAILED \n"); 6757c478bd9Sstevel@tonic-gate 6767c478bd9Sstevel@tonic-gate return(GSS_S_NO_CONTEXT); 6777c478bd9Sstevel@tonic-gate } 6787c478bd9Sstevel@tonic-gate 6797c478bd9Sstevel@tonic-gate ctx = (krb5_gss_ctx_id_rec *) context_handle; 6807c478bd9Sstevel@tonic-gate 6817c478bd9Sstevel@tonic-gate if (! ctx->established) { 6827c478bd9Sstevel@tonic-gate *minor_status = KG_CTX_INCOMPLETE; 6837c478bd9Sstevel@tonic-gate KRB5_LOG0(KRB5_ERR, "kg_unseal() end, error ! ctx->established \n"); 6847c478bd9Sstevel@tonic-gate return(GSS_S_NO_CONTEXT); 6857c478bd9Sstevel@tonic-gate } 6867c478bd9Sstevel@tonic-gate 6877c478bd9Sstevel@tonic-gate /* parse the token, leave the data in message_buffer, setting conf_state */ 6887c478bd9Sstevel@tonic-gate 6897c478bd9Sstevel@tonic-gate /* verify the header */ 6907c478bd9Sstevel@tonic-gate ptr = (unsigned char *) input_token_buffer->value; 6917c478bd9Sstevel@tonic-gate if (ctx->proto) 6927c478bd9Sstevel@tonic-gate switch (toktype) { 6937c478bd9Sstevel@tonic-gate case KG_TOK_SIGN_MSG: 694159d09a2SMark Phalan toktype2 = 0x0404; 695159d09a2SMark Phalan break; 6967c478bd9Sstevel@tonic-gate case KG_TOK_SEAL_MSG: 697159d09a2SMark Phalan toktype2 = 0x0504; 698159d09a2SMark Phalan break; 6997c478bd9Sstevel@tonic-gate case KG_TOK_DEL_CTX: 700159d09a2SMark Phalan toktype2 = 0x0405; 701159d09a2SMark Phalan break; 7027c478bd9Sstevel@tonic-gate default: 703159d09a2SMark Phalan toktype2 = toktype; 704159d09a2SMark Phalan break; 7057c478bd9Sstevel@tonic-gate } 7067c478bd9Sstevel@tonic-gate else 707159d09a2SMark Phalan toktype2 = toktype; 708ab9b2e15Sgtb err = g_verify_token_header(ctx->mech_used, 7097c478bd9Sstevel@tonic-gate (uint32_t *)&bodysize, &ptr, toktype2, 7107c478bd9Sstevel@tonic-gate input_token_buffer->length, 7117c478bd9Sstevel@tonic-gate !ctx->proto); 7127c478bd9Sstevel@tonic-gate if (err) { 7137c478bd9Sstevel@tonic-gate *minor_status = err; 7147c478bd9Sstevel@tonic-gate return GSS_S_DEFECTIVE_TOKEN; 7157c478bd9Sstevel@tonic-gate } 7167c478bd9Sstevel@tonic-gate 7177c478bd9Sstevel@tonic-gate if (ctx->proto == 0) { 718ab9b2e15Sgtb err = kg_unseal_v1(ctx->k5_context, minor_status, ctx, ptr, bodysize, 7197c478bd9Sstevel@tonic-gate message_buffer, conf_state, qop_state, 7207c478bd9Sstevel@tonic-gate toktype); 7217c478bd9Sstevel@tonic-gate 7227c478bd9Sstevel@tonic-gate } else { 723159d09a2SMark Phalan err = gss_krb5int_unseal_token_v3(&ctx->k5_context, minor_status, ctx, 7247c478bd9Sstevel@tonic-gate ptr, bodysize, message_buffer, 7257c478bd9Sstevel@tonic-gate conf_state, qop_state, toktype); 7267c478bd9Sstevel@tonic-gate } 7277c478bd9Sstevel@tonic-gate 7287c478bd9Sstevel@tonic-gate *minor_status = err; 7297c478bd9Sstevel@tonic-gate 7305e01956fSGlenn Barry #ifndef _KERNEL 7315e01956fSGlenn Barry if (err != 0) 7325e01956fSGlenn Barry save_error_info (*minor_status, ctx->k5_context); 7335e01956fSGlenn Barry #endif 7345e01956fSGlenn Barry 7357c478bd9Sstevel@tonic-gate KRB5_LOG(KRB5_INFO, "kg_unseal() end, err = %d", err); 7367c478bd9Sstevel@tonic-gate 7377c478bd9Sstevel@tonic-gate return(err); 7387c478bd9Sstevel@tonic-gate } 739