oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gsskrb5: add support for DCE_STYLE and des and des3 keys

Browse Source 
Only the des keys are tested as windows doesn't support des3

metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
This commit is contained in:
Stefan Metzmacher
2008-08-25 09:24:04 +02:00
committed by Love Hornquist Astrand
parent 013fb45a7f
commit 0297d047a4
2 changed files with 64 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
lib/gssapi/krb5/unwrap.c
View File

@@ -57,10 +57,17 @@ unwrap_des
OM_uint32 ret;
int cstate;
int cmp;
int token_len;
if (IS_DCE_STYLE(context_handle)) {
token_len = 22 + 8 + 15; /* 45 */
} else {
token_len = input_message_buffer->length;
}
p = input_message_buffer->value;
ret = _gsskrb5_verify_header (&p,
input_message_buffer->length,
token_len,
"\x02\x01",
GSS_KRB5_MECHANISM);
if (ret)
@@ -103,12 +110,17 @@ unwrap_des
memset (deskey, 0, sizeof(deskey));
memset (&schedule, 0, sizeof(schedule));
}
/* check pad */
ret = _gssapi_verify_pad(input_message_buffer,
input_message_buffer->length - len,
&padlength);
if (ret)
return ret;
if (IS_DCE_STYLE(context_handle)) {
padlength = 0;
} else {
/* check pad */
ret = _gssapi_verify_pad(input_message_buffer,
input_message_buffer->length - len,
&padlength);
if (ret)
return ret;
}
MD5_Init (&md5);
MD5_Update (&md5, p - 24, 8);
@@ -193,10 +205,17 @@ unwrap_des3
krb5_crypto crypto;
Checksum csum;
int cmp;
int token_len;
if (IS_DCE_STYLE(context_handle)) {
token_len = 34 + 8 + 15; /* 57 */
} else {
token_len = input_message_buffer->length;
}
p = input_message_buffer->value;
ret = _gsskrb5_verify_header (&p,
input_message_buffer->length,
token_len,
"\x02\x01",
GSS_KRB5_MECHANISM);
if (ret)
@@ -243,12 +262,17 @@ unwrap_des3
memcpy (p, tmp.data, tmp.length);
krb5_data_free(&tmp);
}
/* check pad */
ret = _gssapi_verify_pad(input_message_buffer,
input_message_buffer->length - len,
&padlength);
if (ret)
return ret;
if (IS_DCE_STYLE(context_handle)) {
padlength = 0;
} else {
/* check pad */
ret = _gssapi_verify_pad(input_message_buffer,
input_message_buffer->length - len,
&padlength);
if (ret)
return ret;
}
/* verify sequence number */

34
lib/gssapi/krb5/wrap.c
View File

@@ -211,10 +211,19 @@ wrap_des
int32_t seq_number;
size_t len, total_len, padlength, datalen;
padlength = 8 - (input_message_buffer->length % 8);
datalen = input_message_buffer->length + padlength + 8;
len = datalen + 22;
_gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM);
if (IS_DCE_STYLE(ctx)) {
padlength = 0;
datalen = input_message_buffer->length;
len = 22 + 8;
_gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM);
total_len += datalen;
datalen += 8;
} else {
padlength = 8 - (input_message_buffer->length % 8);
datalen = input_message_buffer->length + padlength + 8;
len = datalen + 22;
_gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM);
}
output_message_buffer->length = total_len;
output_message_buffer->value = malloc (total_len);
@@ -337,10 +346,19 @@ wrap_des3
Checksum cksum;
krb5_data encdata;
padlength = 8 - (input_message_buffer->length % 8);
datalen = input_message_buffer->length + padlength + 8;
len = datalen + 34;
_gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM);
if (IS_DCE_STYLE(ctx)) {
padlength = 0;
datalen = input_message_buffer->length;
len = 34 + 8;
_gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM);
total_len += datalen;
datalen += 8;
} else {
padlength = 8 - (input_message_buffer->length % 8);
datalen = input_message_buffer->length + padlength + 8;
len = datalen + 34;
_gsskrb5_encap_length (len, &len, &total_len, GSS_KRB5_MECHANISM);
}
output_message_buffer->length = total_len;
output_message_buffer->value = malloc (total_len);