/*
 * Copyright 2001-2002 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
5*7c478bd9Sstevel@tonic-gate 
6*7c478bd9Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
7*7c478bd9Sstevel@tonic-gate 
/*
 * Copyright 1993 by OpenVision Technologies, Inc.
 *
 * Permission to use, copy, modify, distribute, and sell this software
 * and its documentation for any purpose is hereby granted without fee,
 * provided that the above copyright notice appears in all copies and
 * that both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of OpenVision not be used
 * in advertising or publicity pertaining to distribution of the software
 * without specific, written prior permission. OpenVision makes no
 * representations about the suitability of this software for any
 * purpose.  It is provided "as is" without express or implied warranty.
 *
 * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
 * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
 * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
 * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
 * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
 * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */
29*7c478bd9Sstevel@tonic-gate 
30*7c478bd9Sstevel@tonic-gate #include <gssapiP_krb5.h>
31*7c478bd9Sstevel@tonic-gate 
/*
 * $Id: sign.c,v 1.11 1996/07/22 20:34:35 marc Exp $
 */
/*
 * krb5_gss_sign - V1 entry point that asks kg_seal() for a token of type
 * KG_TOK_SIGN_MSG over message_buffer, written to message_token.
 *
 * The two kg_seal() arguments this entry point does not expose are passed
 * as 0 and NULL (presumably the confidentiality-request flag and the
 * conf_state output; confirm against kg_seal()'s prototype).  The status
 * returned by kg_seal() is handed back unchanged, and minor_status is
 * passed through for kg_seal() to use.
 *
 * Solaris Kerberos: for MT safety the caller-supplied ctx is used as the
 * krb5_context; the default-context lookup via kg_get_context() is
 * deliberately not performed.  The global krb5_mutex is held for the
 * duration of the kg_seal() call and released before returning.
 *
 * NOTE(review): ctx is converted to krb5_context without any check in
 * this function, and context_handle / the buffers are forwarded as-is;
 * any validation has to happen in the caller or inside kg_seal() --
 * confirm that a NULL or stale ctx cannot reach this point.
 *
 * In _KERNEL builds an extra gssd_ctx_verifier argument is accepted; it
 * is not referenced in this function, hence the ARGSUSED lint directive.
 */
/*ARGSUSED*/
OM_uint32
krb5_gss_sign(ctx, minor_status, context_handle,
	      qop_req, message_buffer,
	      message_token
#ifdef	 _KERNEL
		, gssd_ctx_verifier
#endif
	)
	void		*ctx;
	OM_uint32	*minor_status;
	gss_ctx_id_t	context_handle;
	int		qop_req;
	gss_buffer_t	message_buffer;
	gss_buffer_t	message_token;
#ifdef	 _KERNEL
	OM_uint32	gssd_ctx_verifier;
#endif
{
	/* The caller's context stands in for the library default one. */
	krb5_context	kctx = ctx;
	OM_uint32	major;

	mutex_lock(&krb5_mutex);
	major = kg_seal(kctx, minor_status, context_handle, 0, qop_req,
	    message_buffer, NULL, message_token, KG_TOK_SIGN_MSG);
	mutex_unlock(&krb5_mutex);

	return (major);
}
74*7c478bd9Sstevel@tonic-gate 
/*
 * krb5_gss_get_mic - V2 interface counterpart of krb5_gss_sign().
 *
 * Asks kg_seal() for a token of type KG_TOK_MIC_MSG over message_buffer,
 * written to message_token.  qop_req arrives as a gss_qop_t and is cast
 * to int for kg_seal(); the remaining unexposed kg_seal() arguments are
 * passed as 0 and NULL (presumably the confidentiality-request flag and
 * the conf_state output; confirm against kg_seal()'s prototype).  The
 * status returned by kg_seal() is handed back unchanged.
 *
 * Solaris Kerberos: for MT safety the caller-supplied ctx is used as the
 * krb5_context; the default-context lookup via kg_get_context() is
 * deliberately not performed.  The global krb5_mutex is held for the
 * duration of the kg_seal() call and released before returning.
 *
 * NOTE(review): the (int) cast changes signedness if gss_qop_t is an
 * unsigned type, so out-of-range QOP values would reach kg_seal() as
 * negative ints -- confirm kg_seal() rejects QOP values it does not
 * support.  ctx is likewise not checked here before use.
 */
OM_uint32
krb5_gss_get_mic(ctx, minor_status, context_handle, qop_req,
		 message_buffer, message_token)
	void		*ctx;
	OM_uint32	*minor_status;
	gss_ctx_id_t	context_handle;
	gss_qop_t	qop_req;
	gss_buffer_t	message_buffer;
	gss_buffer_t	message_token;
{
	/* The caller's context stands in for the library default one. */
	krb5_context	kctx = ctx;
	OM_uint32	major;

	mutex_lock(&krb5_mutex);
	major = kg_seal(kctx, minor_status, context_handle, 0,
	    (int) qop_req, message_buffer, NULL, message_token,
	    KG_TOK_MIC_MSG);
	mutex_unlock(&krb5_mutex);

	return (major);
}