Add support for just integrity protecting. Use `gss_krb5_getsomekey'.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4656 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
|
* Copyright (c) 1997, 1998 Kungliga Tekniska H<>gskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -95,7 +95,10 @@ OM_uint32 gss_wrap
|
|||||||
memcpy (p, "\x00\x00", 2);
|
memcpy (p, "\x00\x00", 2);
|
||||||
p += 2;
|
p += 2;
|
||||||
/* SEAL_ALG */
|
/* SEAL_ALG */
|
||||||
memcpy (p, "\x00\x00", 2);
|
if(conf_req_flag)
|
||||||
|
memcpy (p, "\x00\x00", 2);
|
||||||
|
else
|
||||||
|
memcpy (p, "\xff\xff", 2);
|
||||||
p += 2;
|
p += 2;
|
||||||
/* Filler */
|
/* Filler */
|
||||||
memcpy (p, "\xff\xff", 2);
|
memcpy (p, "\xff\xff", 2);
|
||||||
@@ -118,12 +121,7 @@ OM_uint32 gss_wrap
|
|||||||
md5_finito (&md5, hash);
|
md5_finito (&md5, hash);
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
memset (&zero, 0, sizeof(zero));
|
||||||
#if 0
|
gss_krb5_getsomekey(context_handle, &key);
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
|
||||||
sizeof(key));
|
|
||||||
#endif
|
|
||||||
memcpy (&key, context_handle->auth_context->local_subkey->keyvalue.data,
|
|
||||||
sizeof(key));
|
|
||||||
des_set_key (&key, schedule);
|
des_set_key (&key, schedule);
|
||||||
des_cbc_cksum ((des_cblock *)hash,
|
des_cbc_cksum ((des_cblock *)hash,
|
||||||
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
||||||
@@ -154,25 +152,23 @@ OM_uint32 gss_wrap
|
|||||||
/* encrypt the data */
|
/* encrypt the data */
|
||||||
p += 16;
|
p += 16;
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
if(conf_req_flag) {
|
||||||
#if 0
|
gss_krb5_getsomekey(context_handle, &key);
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
for (i = 0; i < sizeof(key); ++i)
|
||||||
sizeof(key));
|
key[i] ^= 0xf0;
|
||||||
#endif
|
des_set_key (&key, schedule);
|
||||||
memcpy (&key, context_handle->auth_context->local_subkey->keyvalue.data,
|
memset (&zero, 0, sizeof(zero));
|
||||||
sizeof(key));
|
des_cbc_encrypt ((des_cblock *)p,
|
||||||
for (i = 0; i < sizeof(key); ++i)
|
(des_cblock *)p,
|
||||||
key[i] ^= 0xf0;
|
8 + input_message_buffer->length + padlength,
|
||||||
des_set_key (&key, schedule);
|
schedule,
|
||||||
des_cbc_encrypt ((des_cblock *)p,
|
&zero,
|
||||||
(des_cblock *)p,
|
DES_ENCRYPT);
|
||||||
8 + input_message_buffer->length + padlength,
|
|
||||||
schedule,
|
memset (key, 0, sizeof(key));
|
||||||
&zero,
|
memset (schedule, 0, sizeof(schedule));
|
||||||
DES_ENCRYPT);
|
}
|
||||||
|
if(conf_state != NULL)
|
||||||
memset (key, 0, sizeof(key));
|
*conf_state = conf_req_flag;
|
||||||
memset (schedule, 0, sizeof(schedule));
|
|
||||||
|
|
||||||
return GSS_S_COMPLETE;
|
return GSS_S_COMPLETE;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1997 Kungliga Tekniska H<>gskolan
|
* Copyright (c) 1997, 1998 Kungliga Tekniska H<>gskolan
|
||||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
@@ -95,7 +95,10 @@ OM_uint32 gss_wrap
|
|||||||
memcpy (p, "\x00\x00", 2);
|
memcpy (p, "\x00\x00", 2);
|
||||||
p += 2;
|
p += 2;
|
||||||
/* SEAL_ALG */
|
/* SEAL_ALG */
|
||||||
memcpy (p, "\x00\x00", 2);
|
if(conf_req_flag)
|
||||||
|
memcpy (p, "\x00\x00", 2);
|
||||||
|
else
|
||||||
|
memcpy (p, "\xff\xff", 2);
|
||||||
p += 2;
|
p += 2;
|
||||||
/* Filler */
|
/* Filler */
|
||||||
memcpy (p, "\xff\xff", 2);
|
memcpy (p, "\xff\xff", 2);
|
||||||
@@ -118,12 +121,7 @@ OM_uint32 gss_wrap
|
|||||||
md5_finito (&md5, hash);
|
md5_finito (&md5, hash);
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
memset (&zero, 0, sizeof(zero));
|
||||||
#if 0
|
gss_krb5_getsomekey(context_handle, &key);
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
|
||||||
sizeof(key));
|
|
||||||
#endif
|
|
||||||
memcpy (&key, context_handle->auth_context->local_subkey->keyvalue.data,
|
|
||||||
sizeof(key));
|
|
||||||
des_set_key (&key, schedule);
|
des_set_key (&key, schedule);
|
||||||
des_cbc_cksum ((des_cblock *)hash,
|
des_cbc_cksum ((des_cblock *)hash,
|
||||||
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
(des_cblock *)hash, sizeof(hash), schedule, &zero);
|
||||||
@@ -154,25 +152,23 @@ OM_uint32 gss_wrap
|
|||||||
/* encrypt the data */
|
/* encrypt the data */
|
||||||
p += 16;
|
p += 16;
|
||||||
|
|
||||||
memset (&zero, 0, sizeof(zero));
|
if(conf_req_flag) {
|
||||||
#if 0
|
gss_krb5_getsomekey(context_handle, &key);
|
||||||
memcpy (&key, context_handle->auth_context->key.keyvalue.data,
|
for (i = 0; i < sizeof(key); ++i)
|
||||||
sizeof(key));
|
key[i] ^= 0xf0;
|
||||||
#endif
|
des_set_key (&key, schedule);
|
||||||
memcpy (&key, context_handle->auth_context->local_subkey->keyvalue.data,
|
memset (&zero, 0, sizeof(zero));
|
||||||
sizeof(key));
|
des_cbc_encrypt ((des_cblock *)p,
|
||||||
for (i = 0; i < sizeof(key); ++i)
|
(des_cblock *)p,
|
||||||
key[i] ^= 0xf0;
|
8 + input_message_buffer->length + padlength,
|
||||||
des_set_key (&key, schedule);
|
schedule,
|
||||||
des_cbc_encrypt ((des_cblock *)p,
|
&zero,
|
||||||
(des_cblock *)p,
|
DES_ENCRYPT);
|
||||||
8 + input_message_buffer->length + padlength,
|
|
||||||
schedule,
|
memset (key, 0, sizeof(key));
|
||||||
&zero,
|
memset (schedule, 0, sizeof(schedule));
|
||||||
DES_ENCRYPT);
|
}
|
||||||
|
if(conf_state != NULL)
|
||||||
memset (key, 0, sizeof(key));
|
*conf_state = conf_req_flag;
|
||||||
memset (schedule, 0, sizeof(schedule));
|
|
||||||
|
|
||||||
return GSS_S_COMPLETE;
|
return GSS_S_COMPLETE;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user