lib/libgssapi/gss_encapsulate_token.c

   1 /*-
   2  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
   3  *
   4  * Copyright (c) 2008 Doug Rabson
   5  * All rights reserved.
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  * 1. Redistributions of source code must retain the above copyright
  11  *    notice, this list of conditions and the following disclaimer.
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  *
  16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  19  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  26  * SUCH DAMAGE.
  27  *
  28  * $FreeBSD$
  29  */
  30
  31 #include <gssapi/gssapi.h>
  32 #include <stdlib.h>
  33 #include <string.h>
  34
  35 #include "utils.h"
  36
  37 OM_uint32
  38 gss_encapsulate_token(const gss_buffer_t input_token, gss_OID oid,
  39     gss_buffer_t output_token)
  40 {
  41         unsigned char *p;
  42         size_t len, inside_len;
  43         size_t a, b;
  44         int i;
  45
  46         _gss_buffer_zero(output_token);
  47
  48         /*
  49          * First time around, we calculate the size, second time, we
  50          * encode the token.
  51          */
  52         p = NULL;
  53         for (i = 0; i < 2; i++) {
  54                 len = 0;
  55
  56                 /*
  57                  * Token starts with [APPLICATION 0] SEQUENCE.
  58                  */
  59                 if (p)
  60                         *p++ = 0x60;
  61                 len++;
  62
  63                 /*
  64                  * The length embedded in the token is the space
  65                  * needed for the encapsulated oid plus the length of
  66                  * the inner token.
  67                  */
  68                 if (oid->length > 127)
  69                         return (GSS_S_DEFECTIVE_TOKEN);
  70
  71                 inside_len = 2 + oid->length + input_token->length;
  72
  73                 /*
  74                  * Figure out how to encode the length
  75                  */
  76                 if (inside_len < 128) {
  77                         if (p)
  78                                 *p++ = inside_len;
  79                         len++;
  80                 } else {
  81                         b = 1;
  82                         if (inside_len >= 0x100)
  83                                 b++;
  84                         if (inside_len >= 0x10000)
  85                                 b++;
  86                         if (inside_len >= 0x1000000)
  87                                 b++;
  88                         if (p)
  89                                 *p++ = b | 0x80;
  90                         len++;
  91                         a = inside_len << 8*(4 - b);
  92                         while (b) {
  93                                 if (p)
  94                                         *p++ = (a >> 24);
  95                                 a <<= 8;
  96                                 len++;
  97                                 b--;
  98                         }
  99                 }
 100
 101                 /*
 102                  * Encode the OID for the mechanism. Simplify life by
 103                  * assuming that the OID length is less than 128 bytes.
 104                  */
 105                 if (p)
 106                         *p++ = 0x06;
 107                 len++;
 108                 if (p)
 109                         *p++ = oid->length;
 110                 len++;
 111                 if (p) {
 112                         memcpy(p, oid->elements, oid->length);
 113                         p += oid->length;
 114                 }
 115                 len += oid->length;
 116
 117                 if (p) {
 118                         memcpy(p, input_token->value, input_token->length);
 119                         p += input_token->length;
 120                 }
 121                 len += input_token->length;
 122
 123                 if (i == 0) {
 124                         output_token->length = len;
 125                         output_token->value = malloc(len);
 126                         if (!output_token->value)
 127                                 return (GSS_S_DEFECTIVE_TOKEN);
 128                         p = output_token->value;
 129                 }
 130         }
 131
 132         return (GSS_S_COMPLETE);
 133 }