Add GSSAPI IOV MIC functions

Add gss_get_mic_iov, gss_get_mic_iov_length, and gss_verify_mic_iov functions, which work similarly to the corresponding IOV wrap functions. Add a new buffer type GSS_IOV_BUFFER_TYPE_MIC_TOKEN for the destination buffer. Most of the internal code for this was already present, and just needed to be fixed up and adjusted to use the new buffer type for the MIC token. ticket: 7705 (new)
author: Greg Hudson <ghudson@mit.edu> 2013-09-07 21:13:48 -0400
committer: Greg Hudson <ghudson@mit.edu> 2013-09-18 18:22:16 -0400
commit: d750ef3130b76dd079e863ed395eb3620a37386b (patch)
tree: af9702fd08a842a14cf1caf0ac8609fda7021057 /src/lib/gssapi/mechglue
parent: 6d53a8bf53c7380598698c3df98c96ab26db63b0 (diff)
download: krb5-d750ef3130b76dd079e863ed395eb3620a37386b.tar.gz
krb5-d750ef3130b76dd079e863ed395eb3620a37386b.tar.xz
krb5-d750ef3130b76dd079e863ed395eb3620a37386b.zip
3 files changed, 103 insertions, 0 deletions
diff --git a/src/lib/gssapi/mechglue/g_unwrap_iov.c b/src/lib/gssapi/mechglue/g_unwrap_iov.c
index aad9c76958..9b95c0162c 100644
--- a/src/lib/gssapi/mechglue/g_unwrap_iov.c
+++ b/src/lib/gssapi/mechglue/g_unwrap_iov.c
@@ -111,3 +111,28 @@ int			iov_count;
 
     return (GSS_S_BAD_MECH);
 }
+
+OM_uint32 KRB5_CALLCONV
+gss_verify_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
+		   gss_qop_t *qop_state, gss_iov_buffer_desc *iov,
+		   int iov_count)
+{
+    OM_uint32 status;
+    gss_union_ctx_id_t ctx;
+    gss_mechanism mech;
+
+    status = val_unwrap_iov_args(minor_status, context_handle, NULL,
+				 qop_state, iov, iov_count);
+    if (status != GSS_S_COMPLETE)
+	return status;
+
+    /* Select the approprate underlying mechanism routine and call it. */
+    ctx = (gss_union_ctx_id_t)context_handle;
+    mech = gssint_get_mechanism(ctx->mech_type);
+    if (mech == NULL)
+	return GSS_S_BAD_MECH;
+    if (mech->gss_verify_mic_iov == NULL)
+	return GSS_S_UNAVAILABLE;
+    return mech->gss_verify_mic_iov(minor_status, ctx->internal_ctx_id,
+				    qop_state, iov, iov_count);
+}
diff --git a/src/lib/gssapi/mechglue/g_wrap_iov.c b/src/lib/gssapi/mechglue/g_wrap_iov.c
index 9586c587e7..17a2537e0e 100644
--- a/src/lib/gssapi/mechglue/g_wrap_iov.c
+++ b/src/lib/gssapi/mechglue/g_wrap_iov.c
@@ -176,6 +176,55 @@ int			iov_count;
 }
 
 OM_uint32 KRB5_CALLCONV
+gss_get_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
+		gss_qop_t qop_req, gss_iov_buffer_desc *iov, int iov_count)
+{
+    OM_uint32 status;
+    gss_union_ctx_id_t ctx;
+    gss_mechanism mech;
+
+    status = val_wrap_iov_args(minor_status, context_handle, 0, qop_req, NULL,
+			       iov, iov_count);
+    if (status != GSS_S_COMPLETE)
+	return status;
+
+    /* Select the approprate underlying mechanism routine and call it. */
+    ctx = (gss_union_ctx_id_t)context_handle;
+    mech = gssint_get_mechanism(ctx->mech_type);
+    if (mech == NULL)
+	return GSS_S_BAD_MECH;
+    if (mech->gss_get_mic_iov == NULL)
+	return GSS_S_UNAVAILABLE;
+    return mech->gss_get_mic_iov(minor_status, ctx->internal_ctx_id, qop_req,
+				 iov, iov_count);
+}
+
+OM_uint32 KRB5_CALLCONV
+gss_get_mic_iov_length(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
+		       gss_qop_t qop_req, gss_iov_buffer_desc *iov,
+		       int iov_count)
+{
+    OM_uint32 status;
+    gss_union_ctx_id_t ctx;
+    gss_mechanism mech;
+
+    status = val_wrap_iov_args(minor_status, context_handle, 0, qop_req, NULL,
+			       iov, iov_count);
+    if (status != GSS_S_COMPLETE)
+	return status;
+
+    /* Select the approprate underlying mechanism routine and call it. */
+    ctx = (gss_union_ctx_id_t)context_handle;
+    mech = gssint_get_mechanism(ctx->mech_type);
+    if (mech == NULL)
+	return GSS_S_BAD_MECH;
+    if (mech->gss_get_mic_iov_length == NULL)
+	return GSS_S_UNAVAILABLE;
+    return mech->gss_get_mic_iov_length(minor_status, ctx->internal_ctx_id,
+					qop_req, iov, iov_count);
+}
+
+OM_uint32 KRB5_CALLCONV
 gss_release_iov_buffer (minor_status,
 			iov,
 			iov_count)
diff --git a/src/lib/gssapi/mechglue/mglueP.h b/src/lib/gssapi/mechglue/mglueP.h
index 9e02474a82..e56b9c1a58 100644
--- a/src/lib/gssapi/mechglue/mglueP.h
+++ b/src/lib/gssapi/mechglue/mglueP.h
@@ -674,6 +674,35 @@ typedef struct gss_config {
 	    gss_cred_id_t *		/* cred_handle */
 	/* */);
 
+	/* get_mic_iov extensions, added in 1.12 */
+
+	OM_uint32	(KRB5_CALLCONV *gss_get_mic_iov)
+	(
+	    OM_uint32 *,		/* minor_status */
+	    gss_ctx_id_t,		/* context_handle */
+	    gss_qop_t,			/* qop_req */
+	    gss_iov_buffer_desc *,	/* iov */
+	    int				/* iov_count */
+	);
+
+	OM_uint32	(KRB5_CALLCONV *gss_verify_mic_iov)
+	(
+	    OM_uint32 *,		/* minor_status */
+	    gss_ctx_id_t,		/* context_handle */
+	    gss_qop_t *,		/* qop_state */
+	    gss_iov_buffer_desc *,	/* iov */
+	    int				/* iov_count */
+	);
+
+	OM_uint32	(KRB5_CALLCONV *gss_get_mic_iov_length)
+	(
+	    OM_uint32 *,		/* minor_status */
+	    gss_ctx_id_t,		/* context_handle */
+	    gss_qop_t,			/* qop_req */
+	    gss_iov_buffer_desc *,	/* iov */
+	    int				/* iov_count */
+	);
+
 } *gss_mechanism;
 
 /*
author	Greg Hudson <ghudson@mit.edu>	2013-09-07 21:13:48 -0400
committer	Greg Hudson <ghudson@mit.edu>	2013-09-18 18:22:16 -0400
commit	d750ef3130b76dd079e863ed395eb3620a37386b (patch)
tree	af9702fd08a842a14cf1caf0ac8609fda7021057 /src/lib/gssapi/mechglue
parent	6d53a8bf53c7380598698c3df98c96ab26db63b0 (diff)
download	krb5-d750ef3130b76dd079e863ed395eb3620a37386b.tar.gz krb5-d750ef3130b76dd079e863ed395eb3620a37386b.tar.xz krb5-d750ef3130b76dd079e863ed395eb3620a37386b.zip