crypto/external/bsd/heimdal/dist/lib/gssapi/krb5/encapsulate.c

   1 /*      $NetBSD: encapsulate.c,v 1.1.1.2 2014/04/24 12:45:29 pettai Exp $       */
   2
   3 /*
   4  * Copyright (c) 1997 - 2003 Kungliga Tekniska Högskolan
   5  * (Royal Institute of Technology, Stockholm, Sweden).
   6  * All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in the
  17  *    documentation and/or other materials provided with the distribution.
  18  *
  19  * 3. Neither the name of the Institute nor the names of its contributors
  20  *    may be used to endorse or promote products derived from this software
  21  *    without specific prior written permission.
  22  *
  23  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
  24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
  27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  33  * SUCH DAMAGE.
  34  */
  35
  36 #include "gsskrb5_locl.h"
  37
  38 void
  39 _gssapi_encap_length (size_t data_len,
  40                       size_t *len,
  41                       size_t *total_len,
  42                       const gss_OID mech)
  43 {
  44     size_t len_len;
  45
  46     *len = 1 + 1 + mech->length + data_len;
  47
  48     len_len = der_length_len(*len);
  49
  50     *total_len = 1 + len_len + *len;
  51 }
  52
  53 void
  54 _gsskrb5_encap_length (size_t data_len,
  55                           size_t *len,
  56                           size_t *total_len,
  57                           const gss_OID mech)
  58 {
  59     _gssapi_encap_length(data_len + 2, len, total_len, mech);
  60 }
  61
  62 void *
  63 _gsskrb5_make_header (void *ptr,
  64                          size_t len,
  65                          const void *type,
  66                          const gss_OID mech)
  67 {
  68     u_char *p = ptr;
  69     p = _gssapi_make_mech_header(p, len, mech);
  70     memcpy (p, type, 2);
  71     p += 2;
  72     return p;
  73 }
  74
  75 void *
  76 _gssapi_make_mech_header(void *ptr,
  77                          size_t len,
  78                          const gss_OID mech)
  79 {
  80     u_char *p = ptr;
  81     int e;
  82     size_t len_len, foo;
  83
  84     *p++ = 0x60;
  85     len_len = der_length_len(len);
  86     e = der_put_length (p + len_len - 1, len_len, len, &foo);
  87     if(e || foo != len_len)
  88         abort ();
  89     p += len_len;
  90     *p++ = 0x06;
  91     *p++ = mech->length;
  92     memcpy (p, mech->elements, mech->length);
  93     p += mech->length;
  94     return p;
  95 }
  96
  97 /*
  98  * Give it a krb5_data and it will encapsulate with extra GSS-API wrappings.
  99  */
 100
 101 OM_uint32
 102 _gssapi_encapsulate(
 103     OM_uint32 *minor_status,
 104     const krb5_data *in_data,
 105     gss_buffer_t output_token,
 106     const gss_OID mech
 107 )
 108 {
 109     size_t len, outer_len;
 110     void *p;
 111
 112     _gssapi_encap_length (in_data->length, &len, &outer_len, mech);
 113
 114     output_token->length = outer_len;
 115     output_token->value  = malloc (outer_len);
 116     if (output_token->value == NULL) {
 117         *minor_status = ENOMEM;
 118         return GSS_S_FAILURE;
 119     }
 120
 121     p = _gssapi_make_mech_header (output_token->value, len, mech);
 122     memcpy (p, in_data->data, in_data->length);
 123     return GSS_S_COMPLETE;
 124 }
 125
 126 /*
 127  * Give it a krb5_data and it will encapsulate with extra GSS-API krb5
 128  * wrappings.
 129  */
 130
 131 OM_uint32
 132 _gsskrb5_encapsulate(
 133                         OM_uint32 *minor_status,
 134                         const krb5_data *in_data,
 135                         gss_buffer_t output_token,
 136                         const void *type,
 137                         const gss_OID mech
 138 )
 139 {
 140     size_t len, outer_len;
 141     u_char *p;
 142
 143     _gsskrb5_encap_length (in_data->length, &len, &outer_len, mech);
 144
 145     output_token->length = outer_len;
 146     output_token->value  = malloc (outer_len);
 147     if (output_token->value == NULL) {
 148         *minor_status = ENOMEM;
 149         return GSS_S_FAILURE;
 150     }
 151
 152     p = _gsskrb5_make_header (output_token->value, len, type, mech);
 153     memcpy (p, in_data->data, in_data->length);
 154     return GSS_S_COMPLETE;
 155 }