gss_generic_token.c 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235
  1. /*
  2. * linux/net/sunrpc/gss_generic_token.c
  3. *
  4. * Adapted from MIT Kerberos 5-1.2.1 lib/gssapi/generic/util_token.c
  5. *
  6. * Copyright (c) 2000 The Regents of the University of Michigan.
  7. * All rights reserved.
  8. *
  9. * Andy Adamson <andros@umich.edu>
  10. */
  11. /*
  12. * Copyright 1993 by OpenVision Technologies, Inc.
  13. *
  14. * Permission to use, copy, modify, distribute, and sell this software
  15. * and its documentation for any purpose is hereby granted without fee,
  16. * provided that the above copyright notice appears in all copies and
  17. * that both that copyright notice and this permission notice appear in
  18. * supporting documentation, and that the name of OpenVision not be used
  19. * in advertising or publicity pertaining to distribution of the software
  20. * without specific, written prior permission. OpenVision makes no
  21. * representations about the suitability of this software for any
  22. * purpose. It is provided "as is" without express or implied warranty.
  23. *
  24. * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
  25. * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
  26. * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
  27. * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
  28. * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
  29. * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  30. * PERFORMANCE OF THIS SOFTWARE.
  31. */
  32. #include <linux/types.h>
  33. #include <linux/module.h>
  34. #include <linux/string.h>
  35. #include <linux/sunrpc/sched.h>
  36. #include <linux/sunrpc/gss_asn1.h>
  37. #if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
  38. # define RPCDBG_FACILITY RPCDBG_AUTH
  39. #endif
  40. /* TWRITE_STR from gssapiP_generic.h */
  41. #define TWRITE_STR(ptr, str, len) \
  42. memcpy((ptr), (char *) (str), (len)); \
  43. (ptr) += (len);
  44. /* XXXX this code currently makes the assumption that a mech oid will
  45. never be longer than 127 bytes. This assumption is not inherent in
  46. the interfaces, so the code can be fixed if the OSI namespace
  47. balloons unexpectedly. */
  48. /* Each token looks like this:
  49. 0x60 tag for APPLICATION 0, SEQUENCE
  50. (constructed, definite-length)
  51. <length> possible multiple bytes, need to parse/generate
  52. 0x06 tag for OBJECT IDENTIFIER
  53. <moid_length> compile-time constant string (assume 1 byte)
  54. <moid_bytes> compile-time constant string
  55. <inner_bytes> the ANY containing the application token
  56. bytes 0,1 are the token type
  57. bytes 2,n are the token data
  58. For the purposes of this abstraction, the token "header" consists of
  59. the sequence tag and length octets, the mech OID DER encoding, and the
  60. first two inner bytes, which indicate the token type. The token
  61. "body" consists of everything else.
  62. */
  63. static int
  64. der_length_size( int length)
  65. {
  66. if (length < (1<<7))
  67. return 1;
  68. else if (length < (1<<8))
  69. return 2;
  70. #if (SIZEOF_INT == 2)
  71. else
  72. return 3;
  73. #else
  74. else if (length < (1<<16))
  75. return 3;
  76. else if (length < (1<<24))
  77. return 4;
  78. else
  79. return 5;
  80. #endif
  81. }
  82. static void
  83. der_write_length(unsigned char **buf, int length)
  84. {
  85. if (length < (1<<7)) {
  86. *(*buf)++ = (unsigned char) length;
  87. } else {
  88. *(*buf)++ = (unsigned char) (der_length_size(length)+127);
  89. #if (SIZEOF_INT > 2)
  90. if (length >= (1<<24))
  91. *(*buf)++ = (unsigned char) (length>>24);
  92. if (length >= (1<<16))
  93. *(*buf)++ = (unsigned char) ((length>>16)&0xff);
  94. #endif
  95. if (length >= (1<<8))
  96. *(*buf)++ = (unsigned char) ((length>>8)&0xff);
  97. *(*buf)++ = (unsigned char) (length&0xff);
  98. }
  99. }
  100. /* returns decoded length, or < 0 on failure. Advances buf and
  101. decrements bufsize */
  102. static int
  103. der_read_length(unsigned char **buf, int *bufsize)
  104. {
  105. unsigned char sf;
  106. int ret;
  107. if (*bufsize < 1)
  108. return -1;
  109. sf = *(*buf)++;
  110. (*bufsize)--;
  111. if (sf & 0x80) {
  112. if ((sf &= 0x7f) > ((*bufsize)-1))
  113. return -1;
  114. if (sf > SIZEOF_INT)
  115. return -1;
  116. ret = 0;
  117. for (; sf; sf--) {
  118. ret = (ret<<8) + (*(*buf)++);
  119. (*bufsize)--;
  120. }
  121. } else {
  122. ret = sf;
  123. }
  124. return ret;
  125. }
  126. /* returns the length of a token, given the mech oid and the body size */
  127. int
  128. g_token_size(struct xdr_netobj *mech, unsigned int body_size)
  129. {
  130. /* set body_size to sequence contents size */
  131. body_size += 2 + (int) mech->len; /* NEED overflow check */
  132. return 1 + der_length_size(body_size) + body_size;
  133. }
  134. EXPORT_SYMBOL_GPL(g_token_size);
  135. /* fills in a buffer with the token header. The buffer is assumed to
  136. be the right size. buf is advanced past the token header */
  137. void
  138. g_make_token_header(struct xdr_netobj *mech, int body_size, unsigned char **buf)
  139. {
  140. *(*buf)++ = 0x60;
  141. der_write_length(buf, 2 + mech->len + body_size);
  142. *(*buf)++ = 0x06;
  143. *(*buf)++ = (unsigned char) mech->len;
  144. TWRITE_STR(*buf, mech->data, ((int) mech->len));
  145. }
  146. EXPORT_SYMBOL_GPL(g_make_token_header);
  147. /*
  148. * Given a buffer containing a token, reads and verifies the token,
  149. * leaving buf advanced past the token header, and setting body_size
  150. * to the number of remaining bytes. Returns 0 on success,
  151. * G_BAD_TOK_HEADER for a variety of errors, and G_WRONG_MECH if the
  152. * mechanism in the token does not match the mech argument. buf and
  153. * *body_size are left unmodified on error.
  154. */
  155. u32
  156. g_verify_token_header(struct xdr_netobj *mech, int *body_size,
  157. unsigned char **buf_in, int toksize)
  158. {
  159. unsigned char *buf = *buf_in;
  160. int seqsize;
  161. struct xdr_netobj toid;
  162. int ret = 0;
  163. if ((toksize-=1) < 0)
  164. return G_BAD_TOK_HEADER;
  165. if (*buf++ != 0x60)
  166. return G_BAD_TOK_HEADER;
  167. if ((seqsize = der_read_length(&buf, &toksize)) < 0)
  168. return G_BAD_TOK_HEADER;
  169. if (seqsize != toksize)
  170. return G_BAD_TOK_HEADER;
  171. if ((toksize-=1) < 0)
  172. return G_BAD_TOK_HEADER;
  173. if (*buf++ != 0x06)
  174. return G_BAD_TOK_HEADER;
  175. if ((toksize-=1) < 0)
  176. return G_BAD_TOK_HEADER;
  177. toid.len = *buf++;
  178. if ((toksize-=toid.len) < 0)
  179. return G_BAD_TOK_HEADER;
  180. toid.data = buf;
  181. buf+=toid.len;
  182. if (! g_OID_equal(&toid, mech))
  183. ret = G_WRONG_MECH;
  184. /* G_WRONG_MECH is not returned immediately because it's more important
  185. to return G_BAD_TOK_HEADER if the token header is in fact bad */
  186. if ((toksize-=2) < 0)
  187. return G_BAD_TOK_HEADER;
  188. if (ret)
  189. return ret;
  190. if (!ret) {
  191. *buf_in = buf;
  192. *body_size = toksize;
  193. }
  194. return ret;
  195. }
  196. EXPORT_SYMBOL_GPL(g_verify_token_header);