lib/libgssapi/gss_decapsulate_token.c

178828Sdfr/*-
178828Sdfr * Copyright (c) 2008 Doug Rabson
178828Sdfr * All rights reserved.
178828Sdfr *
178828Sdfr * Redistribution and use in source and binary forms, with or without
178828Sdfr * modification, are permitted provided that the following conditions
178828Sdfr * are met:
178828Sdfr * 1. Redistributions of source code must retain the above copyright
178828Sdfr *    notice, this list of conditions and the following disclaimer.
178828Sdfr * 2. Redistributions in binary form must reproduce the above copyright
178828Sdfr *    notice, this list of conditions and the following disclaimer in the
178828Sdfr *    documentation and/or other materials provided with the distribution.
178828Sdfr *
178828Sdfr * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
178828Sdfr * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
178828Sdfr * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
178828Sdfr * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
178828Sdfr * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
178828Sdfr * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
178828Sdfr * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
178828Sdfr * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
178828Sdfr * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
178828Sdfr * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
178828Sdfr * SUCH DAMAGE.
178828Sdfr *
178828Sdfr * $FreeBSD$
178828Sdfr */
178828Sdfr
178828Sdfr#include <gssapi/gssapi.h>
178828Sdfr#include <stdlib.h>
178828Sdfr#include <string.h>
178828Sdfr
178828Sdfr#include "utils.h"
178828Sdfr
178828SdfrOM_uint32
178828Sdfrgss_decapsulate_token(const gss_buffer_t input_token, gss_OID oid,
178828Sdfr    gss_buffer_t output_token)
178828Sdfr{
178828Sdfr	unsigned char *p = input_token->value;
178828Sdfr	size_t len = input_token->length;
178828Sdfr	size_t a, b;
178828Sdfr	gss_OID_desc mech_oid;
178828Sdfr
178828Sdfr	_gss_buffer_zero(output_token);
178828Sdfr
178828Sdfr	/*
178828Sdfr	 * Token must start with [APPLICATION 0] SEQUENCE.
178828Sdfr	 */
178828Sdfr	if (len == 0 || *p != 0x60)
178828Sdfr		return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr	p++;
178828Sdfr	len--;
178828Sdfr
178828Sdfr	/*
178828Sdfr	 * Decode the length and make sure it agrees with the
178828Sdfr	 * token length.
178828Sdfr	 */
178828Sdfr	if (len == 0)
178828Sdfr		return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr	if ((*p & 0x80) == 0) {
178828Sdfr		a = *p;
178828Sdfr		p++;
178828Sdfr		len--;
178828Sdfr	} else {
178828Sdfr		b = *p & 0x7f;
178828Sdfr		p++;
178828Sdfr		len--;
178828Sdfr		if (len < b)
178828Sdfr			return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr		a = 0;
178828Sdfr		while (b) {
178828Sdfr			a = (a << 8) | *p;
178828Sdfr			p++;
178828Sdfr			len--;
178828Sdfr			b--;
178828Sdfr		}
178828Sdfr	}
178828Sdfr	if (a != len)
178828Sdfr		return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr
178828Sdfr	/*
178828Sdfr	 * Decode the OID for the mechanism. Simplify life by
178828Sdfr	 * assuming that the OID length is less than 128 bytes.
178828Sdfr	 */
178828Sdfr	if (len < 2 || *p != 0x06)
178828Sdfr		return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr	if ((p[1] & 0x80) || p[1] > (len - 2))
178828Sdfr		return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr	mech_oid.length = p[1];
178828Sdfr	p += 2;
178828Sdfr	len -= 2;
178828Sdfr	mech_oid.elements = p;
178828Sdfr
178828Sdfr	if (!gss_oid_equal(&mech_oid, oid))
178828Sdfr		return (GSS_S_FAILURE);
178828Sdfr
178828Sdfr	p += mech_oid.length;
178828Sdfr	len -= mech_oid.length;
178828Sdfr
178828Sdfr	output_token->length = len;
178828Sdfr	output_token->value = malloc(len);
178828Sdfr	if (!output_token->value)
178828Sdfr		return (GSS_S_DEFECTIVE_TOKEN);
178828Sdfr	memcpy(output_token->value, p, len);
178828Sdfr
178828Sdfr	return (GSS_S_COMPLETE);
178828Sdfr}