From 6cdb4003eba0074744ef452a583b368a56869ac8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Wed, 3 Sep 2003 08:36:57 +0000 Subject: [PATCH] EC is not included in the checksum since the length might change depending on the data. From: Luke Howard git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12746 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/gssapi/cfx.c | 18 ++++++++++++++++-- lib/gssapi/krb5/cfx.c | 18 ++++++++++++++++-- 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/lib/gssapi/cfx.c b/lib/gssapi/cfx.c index 89c660c50..5a60bc066 100644 --- a/lib/gssapi/cfx.c +++ b/lib/gssapi/cfx.c @@ -253,9 +253,13 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, * In Wrap tokens without confidentiality, the EC field is * used to encode the size (in bytes) of the trailing * checksum. + * + * This is not used in the checksum calcuation itself, + * because the checksum length could potentially vary + * depending on the data length. */ - token->EC[0] = (cksumsize >> 0) & 0xFF; - token->EC[1] = (cksumsize >> 8) & 0xFF; + token->EC[0] = 0; + token->EC[1] = 0; } token->RRC[0] = (rrc >> 0) & 0xFF; token->RRC[1] = (rrc >> 8) & 0xFF; @@ -355,6 +359,10 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, free(buf); + assert(cksum.checksum.length == cksumsize); + token->EC[0] = (cksum.checksum.length >> 0) & 0xFF; + token->EC[1] = (cksum.checksum.length >> 8) & 0xFF; + p += sizeof(*token); memcpy(p, input_message_buffer->value, input_message_buffer->length); memcpy(p + input_message_buffer->length, @@ -555,6 +563,12 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, memcpy((u_char *)output_message_buffer->value + len, token, sizeof(*token)); + /* EC is not included in checksum calculation */ + token = (gss_cfx_wrap_token)((u_char *)output_message_buffer->value + + len); + token->EC[0] = 0; + token->EC[1] = 0; + ret = krb5_verify_checksum(gssapi_krb5_context, crypto, usage, output_message_buffer->value, diff --git a/lib/gssapi/krb5/cfx.c b/lib/gssapi/krb5/cfx.c index 89c660c50..5a60bc066 100644 --- a/lib/gssapi/krb5/cfx.c +++ b/lib/gssapi/krb5/cfx.c @@ -253,9 +253,13 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, * In Wrap tokens without confidentiality, the EC field is * used to encode the size (in bytes) of the trailing * checksum. + * + * This is not used in the checksum calcuation itself, + * because the checksum length could potentially vary + * depending on the data length. */ - token->EC[0] = (cksumsize >> 0) & 0xFF; - token->EC[1] = (cksumsize >> 8) & 0xFF; + token->EC[0] = 0; + token->EC[1] = 0; } token->RRC[0] = (rrc >> 0) & 0xFF; token->RRC[1] = (rrc >> 8) & 0xFF; @@ -355,6 +359,10 @@ OM_uint32 _gssapi_wrap_cfx(OM_uint32 *minor_status, free(buf); + assert(cksum.checksum.length == cksumsize); + token->EC[0] = (cksum.checksum.length >> 0) & 0xFF; + token->EC[1] = (cksum.checksum.length >> 8) & 0xFF; + p += sizeof(*token); memcpy(p, input_message_buffer->value, input_message_buffer->length); memcpy(p + input_message_buffer->length, @@ -555,6 +563,12 @@ OM_uint32 _gssapi_unwrap_cfx(OM_uint32 *minor_status, memcpy((u_char *)output_message_buffer->value + len, token, sizeof(*token)); + /* EC is not included in checksum calculation */ + token = (gss_cfx_wrap_token)((u_char *)output_message_buffer->value + + len); + token->EC[0] = 0; + token->EC[1] = 0; + ret = krb5_verify_checksum(gssapi_krb5_context, crypto, usage, output_message_buffer->value,