mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1287 lines
35 KiB
1287 lines
35 KiB
//+---------------------------------------------------------------------------
|
|
//
|
|
// Microsoft Windows
|
|
// Copyright (C) Microsoft Corporation, 1992 - 1995.
|
|
//
|
|
// File: pct1pckl.c
|
|
//
|
|
// Contents:
|
|
//
|
|
// Classes:
|
|
//
|
|
// Functions:
|
|
//
|
|
// History:
|
|
//
|
|
//----------------------------------------------------------------------------
|
|
|
|
#include <spbase.h>
|
|
#include <pct1msg.h>
|
|
#include <pct1prot.h>
|
|
|
|
#define PCT_OFFSET_OF(t, v) ((DWORD)(ULONG_PTR)&(((t)NULL)->v))
|
|
|
|
#define SIZEOF(pMessage) (Pct1RecordSize((PPCT1_MESSAGE_HEADER) pMessage ) )
|
|
|
|
DWORD MapCipherToExternal(CipherSpec Internal, ExtCipherSpec UNALIGNED *External)
|
|
{
|
|
*External = htonl(Internal);
|
|
return TRUE;
|
|
}
|
|
|
|
DWORD MapHashToExternal(HashSpec Internal, ExtHashSpec UNALIGNED *External)
|
|
{
|
|
*External = htons((ExtHashSpec)Internal);
|
|
return TRUE;
|
|
}
|
|
|
|
DWORD MapCertToExternal(CertSpec Internal, ExtCertSpec UNALIGNED *External)
|
|
{
|
|
*External = htons((ExtCertSpec)Internal);
|
|
return TRUE;
|
|
}
|
|
|
|
DWORD MapExchToExternal(ExchSpec Internal, ExtExchSpec UNALIGNED *External)
|
|
{
|
|
*External = htons((ExtExchSpec)Internal);
|
|
return TRUE;
|
|
}
|
|
|
|
DWORD MapSigToExternal(SigSpec Internal, ExtSigSpec UNALIGNED *External)
|
|
{
|
|
*External = htons((ExtSigSpec)Internal);
|
|
return TRUE;
|
|
}
|
|
|
|
CipherSpec MapCipherFromExternal(ExtCipherSpec External)
|
|
{
|
|
return (CipherSpec)ntohl(External);
|
|
}
|
|
|
|
HashSpec MapHashFromExternal(ExtHashSpec External)
|
|
{
|
|
return (HashSpec)ntohs(External);
|
|
}
|
|
|
|
CertSpec MapCertFromExternal(ExtCertSpec External)
|
|
{
|
|
return (CertSpec)ntohs(External);
|
|
}
|
|
|
|
ExchSpec MapExchFromExternal(ExtExchSpec External)
|
|
{
|
|
return (ExchSpec)ntohs(External);
|
|
}
|
|
|
|
SigSpec MapSigFromExternal(ExtSigSpec External)
|
|
{
|
|
return (SigSpec)ntohs(External);
|
|
}
|
|
|
|
|
|
DWORD
|
|
Pct1RecordSize(
|
|
PPCT1_MESSAGE_HEADER pHeader)
|
|
{
|
|
DWORD Size;
|
|
|
|
if (pHeader->Byte0 & 0x80)
|
|
{
|
|
Size = COMBINEBYTES(pHeader->Byte0, pHeader->Byte1) & 0x7FFF;
|
|
}
|
|
else
|
|
{
|
|
Size = COMBINEBYTES(pHeader->Byte0, pHeader->Byte1) & 0x3FFF;
|
|
}
|
|
return(Size);
|
|
}
|
|
|
|
|
|
SP_STATUS
|
|
Pct1PackClientHello(
|
|
PPct1_Client_Hello pCanonical,
|
|
PSPBuffer pCommOutput)
|
|
{
|
|
DWORD cbMessage;
|
|
PPCT1_CLIENT_HELLO pMessage;
|
|
DWORD Size;
|
|
PUCHAR pBuffer;
|
|
DWORD i, iBuff;
|
|
|
|
SP_BEGIN("Pct1PackClientHello");
|
|
|
|
if(pCanonical == NULL || pCommOutput == NULL)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
|
|
pCommOutput->cbData = 0;
|
|
|
|
if(pCanonical->cbSessionID != PCT_SESSION_ID_SIZE ||
|
|
pCanonical->cbChallenge != PCT_CHALLENGE_SIZE)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
|
|
|
|
pCommOutput->cbData = PCT_OFFSET_OF(PPCT1_CLIENT_HELLO, VariantData) +
|
|
pCanonical->cCipherSpecs * sizeof(ExtCipherSpec) +
|
|
pCanonical->cHashSpecs * sizeof(ExtHashSpec) +
|
|
pCanonical->cCertSpecs * sizeof(ExtCertSpec) +
|
|
pCanonical->cExchSpecs * sizeof(ExtExchSpec) +
|
|
pCanonical->cbKeyArgSize;
|
|
|
|
|
|
cbMessage = pCommOutput->cbData - sizeof(PCT1_MESSAGE_HEADER);
|
|
if (cbMessage > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_DATA_OVERFLOW));
|
|
}
|
|
/* are we allocating our own memory? */
|
|
if(pCommOutput->pvBuffer == NULL)
|
|
{
|
|
pCommOutput->pvBuffer = SPExternalAlloc(pCommOutput->cbData);
|
|
if (NULL == pCommOutput->pvBuffer)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
|
|
pCommOutput->cbBuffer = pCommOutput->cbData;
|
|
}
|
|
|
|
if(pCommOutput->cbData > pCommOutput->cbBuffer)
|
|
{
|
|
// Required size returned in pCommOutput->cbData.
|
|
SP_RETURN(PCT_INT_BUFF_TOO_SMALL);
|
|
}
|
|
|
|
pMessage = pCommOutput->pvBuffer;
|
|
|
|
pMessage->MessageId = PCT1_MSG_CLIENT_HELLO;
|
|
|
|
pMessage->VersionMsb = MSBOF(PCT_VERSION_1);
|
|
pMessage->VersionLsb = LSBOF(PCT_VERSION_1);
|
|
|
|
pMessage->OffsetMsb = MSBOF(PCT_CH_OFFSET_V1);
|
|
pMessage->OffsetLsb = LSBOF(PCT_CH_OFFSET_V1);
|
|
|
|
pMessage->KeyArgLenMsb = MSBOF(pCanonical->cbKeyArgSize);
|
|
pMessage->KeyArgLenLsb = LSBOF(pCanonical->cbKeyArgSize);
|
|
|
|
CopyMemory( pMessage->SessionIdData,
|
|
pCanonical->SessionID,
|
|
pCanonical->cbSessionID);
|
|
|
|
CopyMemory( pMessage->ChallengeData,
|
|
pCanonical->Challenge,
|
|
pCanonical->cbChallenge);
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
iBuff = 0;
|
|
for (i = 0; i < pCanonical->cCipherSpecs ; i++ )
|
|
{
|
|
if (MapCipherToExternal(pCanonical->pCipherSpecs[i],
|
|
&((ExtCipherSpec UNALIGNED *) pBuffer)[iBuff]) )
|
|
{
|
|
iBuff++;
|
|
}
|
|
}
|
|
Size = iBuff*sizeof(ExtCipherSpec);
|
|
|
|
pMessage->CipherSpecsLenMsb = MSBOF(Size);
|
|
pMessage->CipherSpecsLenLsb = LSBOF(Size);
|
|
pBuffer += Size;
|
|
|
|
cbMessage -= (pCanonical->cCipherSpecs - iBuff)*sizeof(ExtCipherSpec);
|
|
|
|
|
|
iBuff = 0;
|
|
for (i = 0; i < pCanonical->cHashSpecs ; i++ )
|
|
{
|
|
if (MapHashToExternal(pCanonical->pHashSpecs[i],
|
|
&((ExtHashSpec UNALIGNED *) pBuffer)[iBuff]) )
|
|
{
|
|
iBuff++;
|
|
}
|
|
}
|
|
Size = iBuff*sizeof(ExtHashSpec);
|
|
pBuffer += Size;
|
|
|
|
pMessage->HashSpecsLenMsb = MSBOF(Size);
|
|
pMessage->HashSpecsLenLsb = LSBOF(Size);
|
|
cbMessage -= (pCanonical->cHashSpecs - iBuff)*sizeof(ExtHashSpec);
|
|
|
|
|
|
iBuff = 0;
|
|
for (i = 0; i < pCanonical->cCertSpecs ; i++ )
|
|
{
|
|
if (MapCertToExternal(pCanonical->pCertSpecs[i],
|
|
&((ExtCertSpec UNALIGNED *) pBuffer)[iBuff]))
|
|
{
|
|
iBuff ++;
|
|
}
|
|
}
|
|
Size = iBuff*sizeof(ExtCertSpec);
|
|
pBuffer += Size;
|
|
|
|
pMessage->CertSpecsLenMsb = MSBOF(Size);
|
|
pMessage->CertSpecsLenLsb = LSBOF(Size);
|
|
cbMessage -= (pCanonical->cCertSpecs - iBuff)*sizeof(ExtCertSpec);
|
|
|
|
|
|
iBuff = 0;
|
|
for (i = 0; i < pCanonical->cExchSpecs ; i++ )
|
|
{
|
|
if (MapExchToExternal(pCanonical->pExchSpecs[i],
|
|
&((ExtExchSpec UNALIGNED *) pBuffer)[iBuff]) )
|
|
{
|
|
iBuff++;
|
|
}
|
|
}
|
|
Size = iBuff*sizeof(ExtExchSpec);
|
|
pBuffer += Size;
|
|
|
|
|
|
pMessage->ExchSpecsLenMsb = MSBOF(Size);
|
|
pMessage->ExchSpecsLenLsb = LSBOF(Size);
|
|
cbMessage -= (pCanonical->cExchSpecs - iBuff)*sizeof(ExtExchSpec);
|
|
|
|
if(pCanonical->pKeyArg)
|
|
{
|
|
CopyMemory(pBuffer, pCanonical->pKeyArg, pCanonical->cbKeyArgSize);
|
|
pBuffer += pCanonical->cbKeyArgSize;
|
|
}
|
|
|
|
pCommOutput->cbData = cbMessage + 2;
|
|
|
|
pMessage->Header.Byte0 = MSBOF(cbMessage) | 0x80;
|
|
pMessage->Header.Byte1 = LSBOF(cbMessage);
|
|
|
|
SP_RETURN(PCT_ERR_OK);
|
|
}
|
|
|
|
SP_STATUS
|
|
Pct1UnpackClientHello(
|
|
PSPBuffer pInput,
|
|
PPct1_Client_Hello * ppClient)
|
|
{
|
|
|
|
PPCT1_CLIENT_HELLO pMessage;
|
|
|
|
DWORD ReportedSize;
|
|
DWORD CipherSpecsSize, HashSpecsSize, CertSpecsSize;
|
|
DWORD ExchSpecsSize;
|
|
DWORD cCipherSpecs, cHashSpecs, cCertSpecs, cExchSpecs;
|
|
DWORD cOffsetBytes, KeyArgSize;
|
|
PPct1_Client_Hello pCanonical;
|
|
PUCHAR pBuffer;
|
|
DWORD i;
|
|
|
|
SP_BEGIN("Pct1UnpackClientHello");
|
|
|
|
if(pInput == NULL ||
|
|
ppClient == NULL ||
|
|
pInput->pvBuffer == NULL)
|
|
{
|
|
SP_RETURN(PCT_INT_INTERNAL_ERROR);
|
|
}
|
|
|
|
pMessage = pInput->pvBuffer;
|
|
|
|
if(pInput->cbData < 2)
|
|
{
|
|
pInput->cbData = 2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
ReportedSize = SIZEOF(pMessage);
|
|
|
|
if ((ReportedSize+2) > pInput->cbData)
|
|
{
|
|
pInput->cbData = ReportedSize+2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
if(ReportedSize < PCT_OFFSET_OF(PPCT1_CLIENT_HELLO, VariantData))
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
if(ReportedSize > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
if ((pMessage->VersionMsb & 0x80) == 0)
|
|
{
|
|
SP_RETURN (PCT_ERR_SSL_STYLE_MSG);
|
|
}
|
|
|
|
/* We don't recognize hello messages of less version than ourselves,
|
|
* those will be handled by a previous version of the code */
|
|
if ((pMessage->MessageId != PCT1_MSG_CLIENT_HELLO) ||
|
|
((pMessage->VersionMsb << 8 | pMessage->VersionLsb) < PCT_VERSION_1))
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
cOffsetBytes = COMBINEBYTES( pMessage->OffsetMsb,
|
|
pMessage->OffsetLsb );
|
|
|
|
if(cOffsetBytes < PCT_CH_OFFSET_V1)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
*ppClient = NULL;
|
|
|
|
CipherSpecsSize = COMBINEBYTES( pMessage->CipherSpecsLenMsb,
|
|
pMessage->CipherSpecsLenLsb );
|
|
|
|
HashSpecsSize = COMBINEBYTES( pMessage->HashSpecsLenMsb,
|
|
pMessage->HashSpecsLenLsb );
|
|
|
|
CertSpecsSize = COMBINEBYTES( pMessage->CertSpecsLenMsb,
|
|
pMessage->CertSpecsLenLsb );
|
|
|
|
ExchSpecsSize = COMBINEBYTES( pMessage->ExchSpecsLenMsb,
|
|
pMessage->ExchSpecsLenLsb );
|
|
|
|
KeyArgSize = COMBINEBYTES( pMessage->KeyArgLenMsb,
|
|
pMessage->KeyArgLenLsb );
|
|
|
|
/* check that this all fits into the message */
|
|
if (PCT_OFFSET_OF(PPCT1_CLIENT_HELLO, VariantData)
|
|
- sizeof(PCT1_MESSAGE_HEADER) /* don't count the header */
|
|
+ cOffsetBytes - PCT_CH_OFFSET_V1
|
|
+ CipherSpecsSize
|
|
+ HashSpecsSize
|
|
+ CertSpecsSize
|
|
+ ExchSpecsSize
|
|
+ KeyArgSize != ReportedSize)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
cCipherSpecs = CipherSpecsSize / sizeof(ExtCipherSpec);
|
|
cHashSpecs = HashSpecsSize / sizeof(ExtHashSpec);
|
|
cExchSpecs = ExchSpecsSize / sizeof(ExtExchSpec);
|
|
cCertSpecs = CertSpecsSize / sizeof(ExtCertSpec);
|
|
|
|
if(KeyArgSize > SP_MAX_KEY_ARGS)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
|
|
/* Allocate a buffer for the canonical client hello */
|
|
pCanonical = (PPct1_Client_Hello)SPExternalAlloc(
|
|
sizeof(Pct1_Client_Hello) +
|
|
cCipherSpecs * sizeof(CipherSpec) +
|
|
cHashSpecs * sizeof(HashSpec) +
|
|
cCertSpecs * sizeof(CertSpec) +
|
|
cExchSpecs * sizeof(ExchSpec) +
|
|
KeyArgSize);
|
|
|
|
if (!pCanonical)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
|
|
pCanonical->cbKeyArgSize = KeyArgSize;
|
|
|
|
pCanonical->pCipherSpecs = (PCipherSpec) (pCanonical + 1);
|
|
pCanonical->pHashSpecs = (PHashSpec) (pCanonical->pCipherSpecs +
|
|
cCipherSpecs);
|
|
pCanonical->pCertSpecs = (PCertSpec) (pCanonical->pHashSpecs +
|
|
cHashSpecs);
|
|
pCanonical->pExchSpecs = (PExchSpec) (pCanonical->pCertSpecs +
|
|
cCertSpecs);
|
|
|
|
pCanonical->pKeyArg = (PUCHAR)(pCanonical->pExchSpecs + cExchSpecs);
|
|
|
|
CopyMemory( pCanonical->SessionID,
|
|
pMessage->SessionIdData,
|
|
PCT_SESSION_ID_SIZE);
|
|
pCanonical->cbSessionID = PCT_SESSION_ID_SIZE;
|
|
|
|
CopyMemory( pCanonical->Challenge,
|
|
pMessage->ChallengeData,
|
|
PCT_CHALLENGE_SIZE );
|
|
pCanonical->cbChallenge = PCT_CHALLENGE_SIZE;
|
|
|
|
|
|
pBuffer = &pMessage->OffsetLsb + 1 + cOffsetBytes;
|
|
|
|
pCanonical->cCipherSpecs = cCipherSpecs;
|
|
|
|
for (i = 0 ; i < cCipherSpecs ; i++ )
|
|
{
|
|
pCanonical->pCipherSpecs[i] = MapCipherFromExternal(*(ExtCipherSpec UNALIGNED *)
|
|
pBuffer);
|
|
|
|
pBuffer += sizeof(ExtCipherSpec);
|
|
}
|
|
|
|
pCanonical->cHashSpecs = cHashSpecs;
|
|
|
|
for (i = 0 ; i < cHashSpecs ; i++ )
|
|
{
|
|
pCanonical->pHashSpecs[i] = MapHashFromExternal(*(ExtHashSpec UNALIGNED *)
|
|
pBuffer);
|
|
|
|
pBuffer += sizeof(ExtHashSpec);
|
|
}
|
|
|
|
pCanonical->cCertSpecs = cCertSpecs;
|
|
|
|
for (i = 0 ; i < cCertSpecs ; i++ )
|
|
{
|
|
pCanonical->pCertSpecs[i] = MapCertFromExternal(*(ExtCertSpec UNALIGNED *)
|
|
pBuffer);
|
|
|
|
pBuffer += sizeof(ExtCertSpec);
|
|
}
|
|
|
|
pCanonical->cExchSpecs = cExchSpecs;
|
|
|
|
for (i = 0 ; i < cExchSpecs ; i++ )
|
|
{
|
|
pCanonical->pExchSpecs[i] = MapExchFromExternal(*(ExtExchSpec UNALIGNED *)
|
|
pBuffer);
|
|
|
|
pBuffer += sizeof(ExtExchSpec);
|
|
}
|
|
|
|
|
|
CopyMemory(pCanonical->pKeyArg, pBuffer, KeyArgSize);
|
|
|
|
*ppClient = pCanonical;
|
|
pInput->cbData = ReportedSize + sizeof(PCT1_MESSAGE_HEADER);
|
|
|
|
SP_RETURN(PCT_ERR_OK);
|
|
}
|
|
|
|
SP_STATUS
|
|
Pct1PackServerHello(
|
|
PPct1_Server_Hello pCanonical,
|
|
PSPBuffer pCommOutput)
|
|
{
|
|
DWORD cbMessage;
|
|
PPCT1_SERVER_HELLO pMessage;
|
|
DWORD Size;
|
|
PUCHAR pBuffer;
|
|
DWORD i, iBuff;
|
|
|
|
|
|
SP_BEGIN("Pct1PackServerHello");
|
|
|
|
if(pCanonical == NULL || pCommOutput == NULL)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
|
|
pCommOutput->cbData = 0;
|
|
if(pCanonical->cbConnectionID != PCT_SESSION_ID_SIZE)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
|
|
cbMessage = pCanonical->CertificateLen +
|
|
pCanonical->cCertSpecs * sizeof(ExtCertSpec) +
|
|
pCanonical->cSigSpecs * sizeof(ExtSigSpec) +
|
|
pCanonical->ResponseLen +
|
|
PCT_OFFSET_OF(PPCT1_SERVER_HELLO, VariantData) -
|
|
sizeof(PCT1_MESSAGE_HEADER);
|
|
|
|
if (cbMessage > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_DATA_OVERFLOW));
|
|
}
|
|
|
|
pCommOutput->cbData = cbMessage + 2;
|
|
|
|
/* are we allocating our own memory? */
|
|
if(pCommOutput->pvBuffer == NULL)
|
|
{
|
|
pCommOutput->pvBuffer = SPExternalAlloc(pCommOutput->cbData);
|
|
if (NULL == pCommOutput->pvBuffer)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
|
|
pCommOutput->cbBuffer = pCommOutput->cbData;
|
|
}
|
|
|
|
if(pCommOutput->cbData > pCommOutput->cbBuffer)
|
|
{
|
|
// Required size returned in pCommOutput->cbData.
|
|
SP_RETURN(PCT_INT_BUFF_TOO_SMALL);
|
|
}
|
|
|
|
pMessage = pCommOutput->pvBuffer;
|
|
|
|
|
|
pMessage->MessageId = PCT1_MSG_SERVER_HELLO;
|
|
pMessage->ServerVersionMsb = MSBOF(PCT_VERSION_1);
|
|
pMessage->ServerVersionLsb = LSBOF(PCT_VERSION_1);
|
|
pMessage->RestartSessionOK = (UCHAR) pCanonical->RestartOk;
|
|
pMessage->ClientAuthReq = (UCHAR)pCanonical->ClientAuthReq;
|
|
|
|
MapCipherToExternal(pCanonical->SrvCipherSpec, &pMessage->CipherSpecData);
|
|
MapHashToExternal(pCanonical->SrvHashSpec, &pMessage->HashSpecData);
|
|
MapCertToExternal(pCanonical->SrvCertSpec, &pMessage->CertSpecData);
|
|
MapExchToExternal(pCanonical->SrvExchSpec, &pMessage->ExchSpecData);
|
|
|
|
CopyMemory(pMessage->ConnectionIdData, pCanonical->ConnectionID,
|
|
pCanonical->cbConnectionID);
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
|
|
/* Pack certificate if present */
|
|
|
|
|
|
pMessage->CertificateLenMsb = MSBOF(pCanonical->CertificateLen);
|
|
pMessage->CertificateLenLsb = LSBOF(pCanonical->CertificateLen);
|
|
|
|
if (pCanonical->CertificateLen)
|
|
{
|
|
CopyMemory( pBuffer,
|
|
pCanonical->pCertificate,
|
|
pCanonical->CertificateLen);
|
|
|
|
pBuffer += pCanonical->CertificateLen ;
|
|
}
|
|
|
|
iBuff = 0;
|
|
for (i = 0; i < pCanonical->cCertSpecs ; i++ )
|
|
{
|
|
if (MapCertToExternal(pCanonical->pClientCertSpecs[i],
|
|
&((ExtCertSpec UNALIGNED *) pBuffer)[iBuff]))
|
|
{
|
|
iBuff ++;
|
|
}
|
|
}
|
|
Size = iBuff*sizeof(ExtCertSpec);
|
|
pBuffer += Size;
|
|
|
|
pMessage->CertSpecsLenMsb = MSBOF(Size);
|
|
pMessage->CertSpecsLenLsb = LSBOF(Size);
|
|
cbMessage -= (pCanonical->cCertSpecs - iBuff)*sizeof(ExtCertSpec);
|
|
|
|
iBuff = 0;
|
|
for (i = 0; i < pCanonical->cSigSpecs ; i++ )
|
|
{
|
|
if (MapSigToExternal(pCanonical->pClientSigSpecs[i],
|
|
&((ExtSigSpec UNALIGNED *) pBuffer)[iBuff]) )
|
|
{
|
|
iBuff++;
|
|
}
|
|
}
|
|
Size = iBuff*sizeof(ExtSigSpec);
|
|
pBuffer += Size;
|
|
|
|
pMessage->ClientSigSpecsLenMsb = MSBOF(Size);
|
|
pMessage->ClientSigSpecsLenLsb = LSBOF(Size);
|
|
cbMessage -= (pCanonical->cSigSpecs - iBuff)*sizeof(ExtSigSpec);
|
|
|
|
pMessage->ResponseLenMsb = MSBOF(pCanonical->ResponseLen);
|
|
pMessage->ResponseLenLsb = LSBOF(pCanonical->ResponseLen);
|
|
|
|
CopyMemory( pBuffer,
|
|
pCanonical->Response,
|
|
pCanonical->ResponseLen);
|
|
|
|
pBuffer += pCanonical->ResponseLen;
|
|
|
|
pCommOutput->cbData = cbMessage + 2;
|
|
|
|
pMessage->Header.Byte0 = MSBOF(cbMessage) | 0x80;
|
|
pMessage->Header.Byte1 = LSBOF(cbMessage);
|
|
|
|
|
|
SP_RETURN(PCT_ERR_OK);
|
|
|
|
}
|
|
|
|
SP_STATUS
|
|
Pct1UnpackServerHello(
|
|
PSPBuffer pInput,
|
|
PPct1_Server_Hello * ppServer)
|
|
{
|
|
PPct1_Server_Hello pCanonical;
|
|
PPCT1_SERVER_HELLO pMessage;
|
|
PUCHAR pBuffer;
|
|
DWORD cbCertificate, cbResponse;
|
|
DWORD cCertSpecs, cSigSpecs;
|
|
DWORD i;
|
|
DWORD ReportedSize;
|
|
|
|
SP_BEGIN("Pct1UnpackServerHello");
|
|
|
|
if(pInput == NULL ||
|
|
ppServer == NULL ||
|
|
pInput->pvBuffer == NULL)
|
|
{
|
|
SP_RETURN(PCT_INT_INTERNAL_ERROR);
|
|
}
|
|
|
|
pMessage = pInput->pvBuffer;
|
|
|
|
if(pInput->cbData < 2)
|
|
{
|
|
pInput->cbData = 2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
ReportedSize = SIZEOF(pMessage);
|
|
if(ReportedSize > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
if ((ReportedSize+2) > pInput->cbData)
|
|
{
|
|
pInput->cbData = ReportedSize+2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
if(ReportedSize < PCT_OFFSET_OF(PPCT1_SERVER_HELLO, VariantData) )
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
/* Verify Header: */
|
|
|
|
/* we don't handle server hello messages of latter version than ourselves,
|
|
* those will be handled by latter verisions of the protocol */
|
|
if ((pMessage->MessageId != PCT1_MSG_SERVER_HELLO) ||
|
|
((pMessage->ServerVersionMsb << 8 | pMessage->ServerVersionLsb) != PCT_VERSION_1))
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
*ppServer = NULL;
|
|
|
|
cbCertificate = COMBINEBYTES(pMessage->CertificateLenMsb,
|
|
pMessage->CertificateLenLsb);
|
|
|
|
cCertSpecs = COMBINEBYTES(pMessage->CertSpecsLenMsb,
|
|
pMessage->CertSpecsLenLsb);
|
|
|
|
cCertSpecs /= sizeof(ExtCertSpec);
|
|
|
|
|
|
cSigSpecs = COMBINEBYTES(pMessage->ClientSigSpecsLenMsb,
|
|
pMessage->ClientSigSpecsLenLsb);
|
|
|
|
cSigSpecs /= sizeof(ExtSigSpec);
|
|
|
|
cbResponse = COMBINEBYTES(pMessage->ResponseLenMsb,
|
|
pMessage->ResponseLenLsb);
|
|
|
|
if(cbResponse > PCT1_RESPONSE_SIZE)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
/* check that this all fits into the message */
|
|
if (PCT_OFFSET_OF(PPCT1_SERVER_HELLO, VariantData)
|
|
- sizeof(PCT1_MESSAGE_HEADER) /* don't count the header */
|
|
+ cbCertificate
|
|
+ cCertSpecs*sizeof(ExtCertSpec)
|
|
+ cSigSpecs*sizeof(ExtSigSpec)
|
|
+ cbResponse != ReportedSize)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
pCanonical = (PPct1_Server_Hello)SPExternalAlloc(
|
|
sizeof(Pct1_Server_Hello) +
|
|
cCertSpecs * sizeof(CertSpec) +
|
|
cSigSpecs * sizeof(SigSpec) +
|
|
cbCertificate);
|
|
|
|
if (!pCanonical)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
|
|
|
|
/* Set up pointers to be in this memory allocation. */
|
|
|
|
|
|
pCanonical->pClientCertSpecs = (PCertSpec) (pCanonical + 1);
|
|
pCanonical->pClientSigSpecs = (PSigSpec)(pCanonical->pClientCertSpecs +
|
|
cCertSpecs);
|
|
|
|
pCanonical->pCertificate = (PUCHAR) (pCanonical->pClientSigSpecs +
|
|
cSigSpecs);
|
|
|
|
/* Expand out: */
|
|
|
|
pCanonical->RestartOk = (DWORD) pMessage->RestartSessionOK;
|
|
pCanonical->ClientAuthReq = (DWORD)pMessage->ClientAuthReq;
|
|
pCanonical->SrvCertSpec = MapCertFromExternal(pMessage->CertSpecData);
|
|
pCanonical->SrvCipherSpec =MapCipherFromExternal(pMessage->CipherSpecData);
|
|
pCanonical->SrvHashSpec = MapHashFromExternal(pMessage->HashSpecData);
|
|
pCanonical->SrvExchSpec = MapExchFromExternal(pMessage->ExchSpecData);
|
|
pCanonical->CertificateLen = cbCertificate;
|
|
pCanonical->ResponseLen = cbResponse;
|
|
pCanonical->cCertSpecs = cCertSpecs;
|
|
pCanonical->cSigSpecs = cSigSpecs;
|
|
|
|
CopyMemory(pCanonical->ConnectionID,
|
|
pMessage->ConnectionIdData,
|
|
PCT_SESSION_ID_SIZE);
|
|
|
|
pCanonical->cbConnectionID= PCT_SESSION_ID_SIZE;
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
CopyMemory(pCanonical->pCertificate, pBuffer, cbCertificate);
|
|
pBuffer += cbCertificate;
|
|
|
|
for (i = 0 ; i < cCertSpecs ; i++ )
|
|
{
|
|
pCanonical->pClientCertSpecs[i] = MapCertFromExternal(
|
|
*(ExtCertSpec UNALIGNED *)pBuffer);
|
|
pBuffer += sizeof(ExtCertSpec);
|
|
}
|
|
|
|
for (i = 0 ; i < cSigSpecs ; i++ )
|
|
{
|
|
pCanonical->pClientSigSpecs[i] = MapSigFromExternal(
|
|
*(ExtSigSpec UNALIGNED *)pBuffer);
|
|
pBuffer += sizeof(ExtSigSpec);
|
|
}
|
|
|
|
CopyMemory(pCanonical->Response, pBuffer, cbResponse);
|
|
|
|
|
|
*ppServer = pCanonical;
|
|
pInput->cbData = ReportedSize + sizeof(PCT1_MESSAGE_HEADER);
|
|
|
|
SP_RETURN(PCT_ERR_OK);
|
|
|
|
}
|
|
|
|
SP_STATUS
|
|
Pct1PackClientMasterKey(
|
|
PPct1_Client_Master_Key pCanonical,
|
|
PSPBuffer pCommOutput)
|
|
{
|
|
DWORD cbMessage;
|
|
PPCT1_CLIENT_MASTER_KEY pMessage;
|
|
PUCHAR pBuffer;
|
|
|
|
SP_BEGIN("Pct1PackClientMasterKey");
|
|
|
|
if(pCanonical == NULL || pCommOutput == NULL)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
|
|
pCommOutput->cbData = 0;
|
|
|
|
cbMessage = pCanonical->ClearKeyLen +
|
|
pCanonical->EncryptedKeyLen +
|
|
pCanonical->KeyArgLen +
|
|
pCanonical->VerifyPreludeLen +
|
|
pCanonical->ClientCertLen +
|
|
pCanonical->ResponseLen +
|
|
PCT_OFFSET_OF(PPCT1_CLIENT_MASTER_KEY, VariantData) -
|
|
sizeof(PCT1_MESSAGE_HEADER);
|
|
|
|
if (cbMessage > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_DATA_OVERFLOW));
|
|
}
|
|
|
|
pCommOutput->cbData = cbMessage + 2;
|
|
|
|
/* are we allocating our own memory? */
|
|
if(pCommOutput->pvBuffer == NULL)
|
|
{
|
|
pCommOutput->pvBuffer = SPExternalAlloc(pCommOutput->cbData);
|
|
if (NULL == pCommOutput->pvBuffer)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
|
|
pCommOutput->cbBuffer = pCommOutput->cbData;
|
|
}
|
|
|
|
|
|
if(pCommOutput->cbData > pCommOutput->cbBuffer)
|
|
{
|
|
// Required size returned in pCommOutput->cbData.
|
|
SP_RETURN(PCT_INT_BUFF_TOO_SMALL);
|
|
}
|
|
|
|
pMessage = pCommOutput->pvBuffer;
|
|
|
|
|
|
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
pMessage->Header.Byte0 = MSBOF(cbMessage) | 0x80;
|
|
pMessage->Header.Byte1 = LSBOF(cbMessage);
|
|
|
|
pMessage->MessageId = PCT1_MSG_CLIENT_MASTER_KEY;
|
|
|
|
pMessage->ClearKeyLenMsb = MSBOF(pCanonical->ClearKeyLen);
|
|
pMessage->ClearKeyLenLsb = LSBOF(pCanonical->ClearKeyLen);
|
|
|
|
MapSigToExternal(pCanonical->ClientSigSpec, &pMessage->ClientSigSpecData);
|
|
MapCertToExternal(pCanonical->ClientCertSpec, &pMessage->ClientCertSpecData);
|
|
|
|
CopyMemory(pBuffer, pCanonical->ClearKey, pCanonical->ClearKeyLen);
|
|
|
|
pBuffer += pCanonical->ClearKeyLen;
|
|
|
|
pMessage->EncryptedKeyLenMsb = MSBOF(pCanonical->EncryptedKeyLen);
|
|
pMessage->EncryptedKeyLenLsb = LSBOF(pCanonical->EncryptedKeyLen);
|
|
|
|
CopyMemory(pBuffer, pCanonical->pbEncryptedKey, pCanonical->EncryptedKeyLen);
|
|
pBuffer += pCanonical->EncryptedKeyLen;
|
|
|
|
pMessage->KeyArgLenMsb = MSBOF(pCanonical->KeyArgLen);
|
|
pMessage->KeyArgLenLsb = LSBOF(pCanonical->KeyArgLen);
|
|
|
|
CopyMemory(pBuffer, pCanonical->KeyArg, pCanonical->KeyArgLen);
|
|
pBuffer += pCanonical->KeyArgLen;
|
|
|
|
pMessage->VerifyPreludeLenMsb = MSBOF(pCanonical->VerifyPreludeLen);
|
|
pMessage->VerifyPreludeLenLsb = LSBOF(pCanonical->VerifyPreludeLen);
|
|
|
|
CopyMemory(pBuffer, pCanonical->VerifyPrelude,
|
|
pCanonical->VerifyPreludeLen);
|
|
pBuffer += pCanonical->VerifyPreludeLen;
|
|
|
|
pMessage->ClientCertLenMsb = MSBOF(pCanonical->ClientCertLen);
|
|
pMessage->ClientCertLenLsb = LSBOF(pCanonical->ClientCertLen);
|
|
|
|
CopyMemory(pBuffer, pCanonical->pClientCert, pCanonical->ClientCertLen);
|
|
pBuffer += pCanonical->ClientCertLen;
|
|
|
|
pMessage->ResponseLenMsb = MSBOF(pCanonical->ResponseLen);
|
|
pMessage->ResponseLenLsb = LSBOF(pCanonical->ResponseLen);
|
|
|
|
CopyMemory(pBuffer, pCanonical->pbResponse, pCanonical->ResponseLen);
|
|
|
|
|
|
SP_RETURN(PCT_ERR_OK);
|
|
|
|
}
|
|
|
|
SP_STATUS
|
|
Pct1UnpackClientMasterKey(
|
|
PSPBuffer pInput,
|
|
PPct1_Client_Master_Key * ppClient)
|
|
{
|
|
PPct1_Client_Master_Key pCanonical;
|
|
|
|
PUCHAR pBuffer;
|
|
DWORD ReportedSize;
|
|
PPCT1_CLIENT_MASTER_KEY pMessage;
|
|
DWORD cbClearKey, cbEncryptedKey, cbKeyArg, cbVerifyPrelude, cbClientCert, cbResponse;
|
|
|
|
SP_BEGIN("Pct1UnpackClientMasterKey");
|
|
|
|
if(pInput == NULL ||
|
|
ppClient == NULL ||
|
|
pInput->pvBuffer == NULL)
|
|
{
|
|
SP_RETURN(PCT_INT_INTERNAL_ERROR);
|
|
}
|
|
|
|
pMessage = pInput->pvBuffer;
|
|
|
|
if(pInput->cbData < 2)
|
|
{
|
|
pInput->cbData = 2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
ReportedSize = SIZEOF(pMessage);
|
|
if(ReportedSize > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
if ((ReportedSize+2) > pInput->cbData)
|
|
{
|
|
pInput->cbData = ReportedSize+2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
if(ReportedSize < PCT_OFFSET_OF(PPCT1_CLIENT_MASTER_KEY, VariantData))
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
/* Verify Header: */
|
|
|
|
|
|
if (pMessage->MessageId != PCT1_MSG_CLIENT_MASTER_KEY )
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
cbClearKey = COMBINEBYTES( pMessage->ClearKeyLenMsb,
|
|
pMessage->ClearKeyLenLsb );
|
|
|
|
cbEncryptedKey = COMBINEBYTES( pMessage->EncryptedKeyLenMsb,
|
|
pMessage->EncryptedKeyLenLsb );
|
|
|
|
cbKeyArg = COMBINEBYTES( pMessage->KeyArgLenMsb,
|
|
pMessage->KeyArgLenLsb );
|
|
|
|
cbVerifyPrelude = COMBINEBYTES( pMessage->VerifyPreludeLenMsb,
|
|
pMessage->VerifyPreludeLenLsb );
|
|
|
|
cbClientCert = COMBINEBYTES( pMessage->ClientCertLenMsb,
|
|
pMessage->ClientCertLenLsb );
|
|
|
|
cbResponse = COMBINEBYTES( pMessage->ResponseLenMsb,
|
|
pMessage->ResponseLenLsb );
|
|
|
|
/* defensive checks..... */
|
|
|
|
if ((cbClearKey > SP_MAX_MASTER_KEY) ||
|
|
(cbKeyArg > PCT1_MAX_KEY_ARGS) ||
|
|
(cbVerifyPrelude > RESPONSE_SIZE))
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
|
|
if ((PCT_OFFSET_OF(PPCT1_CLIENT_MASTER_KEY, VariantData) -
|
|
sizeof(PCT1_MESSAGE_HEADER) +
|
|
cbClearKey +
|
|
cbEncryptedKey +
|
|
cbKeyArg +
|
|
cbVerifyPrelude +
|
|
cbClientCert +
|
|
cbResponse) !=
|
|
ReportedSize)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
|
|
*ppClient = NULL;
|
|
|
|
|
|
pCanonical = (PPct1_Client_Master_Key)SPExternalAlloc(
|
|
sizeof(Pct1_Client_Master_Key) +
|
|
cbClientCert +
|
|
cbEncryptedKey +
|
|
cbResponse);
|
|
|
|
if (!pCanonical)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
|
|
}
|
|
|
|
pCanonical->ClearKeyLen = cbClearKey;
|
|
|
|
pCanonical->EncryptedKeyLen = cbEncryptedKey;
|
|
|
|
pCanonical->KeyArgLen = cbKeyArg;
|
|
|
|
pCanonical->VerifyPreludeLen = cbVerifyPrelude;
|
|
pCanonical->ClientCertLen = cbClientCert;
|
|
|
|
pCanonical->ResponseLen = cbResponse;
|
|
/* defensive checks..... */
|
|
|
|
|
|
pCanonical->ClientCertSpec = MapCertFromExternal(pMessage->ClientCertSpecData);
|
|
|
|
pCanonical->pClientCert = (PUCHAR)(pCanonical+1);
|
|
|
|
pCanonical->ClientSigSpec = MapSigFromExternal(pMessage->ClientSigSpecData);
|
|
/* ok, we're pretty sure we aren't going to fault. */
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
CopyMemory(pCanonical->ClearKey, pBuffer, pCanonical->ClearKeyLen );
|
|
|
|
pBuffer += pCanonical->ClearKeyLen;
|
|
|
|
pCanonical->pbEncryptedKey = pCanonical->pClientCert + cbClientCert;
|
|
CopyMemory(pCanonical->pbEncryptedKey, pBuffer, pCanonical->EncryptedKeyLen);
|
|
|
|
pBuffer += pCanonical->EncryptedKeyLen;
|
|
|
|
CopyMemory( pCanonical->KeyArg, pBuffer, pCanonical->KeyArgLen );
|
|
|
|
pBuffer += pCanonical->KeyArgLen;
|
|
|
|
CopyMemory( pCanonical->VerifyPrelude, pBuffer,
|
|
pCanonical->VerifyPreludeLen );
|
|
|
|
pBuffer += pCanonical->VerifyPreludeLen;
|
|
|
|
CopyMemory( pCanonical->pClientCert, pBuffer, pCanonical->ClientCertLen );
|
|
|
|
pBuffer += pCanonical->ClientCertLen;
|
|
|
|
pCanonical->pbResponse = pCanonical->pbEncryptedKey + cbEncryptedKey;
|
|
CopyMemory( pCanonical->pbResponse, pBuffer, pCanonical->ResponseLen );
|
|
|
|
*ppClient = pCanonical;
|
|
pInput->cbData = ReportedSize + sizeof(PCT1_MESSAGE_HEADER);
|
|
SP_RETURN( PCT_ERR_OK );
|
|
}
|
|
|
|
|
|
SP_STATUS
|
|
Pct1PackServerVerify(
|
|
PPct1_Server_Verify pCanonical,
|
|
PSPBuffer pCommOutput)
|
|
{
|
|
DWORD cbMessage;
|
|
PPCT1_SERVER_VERIFY pMessage;
|
|
PUCHAR pBuffer;
|
|
|
|
|
|
SP_BEGIN("Pct1PackServerVerify");
|
|
|
|
if(pCanonical == NULL || pCommOutput == NULL)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
|
|
pCommOutput->cbData = 0;
|
|
|
|
cbMessage = pCanonical->ResponseLen +
|
|
PCT_OFFSET_OF(PPCT1_SERVER_VERIFY, VariantData) -
|
|
sizeof(PCT1_MESSAGE_HEADER);
|
|
|
|
if (cbMessage > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(PCT_INT_DATA_OVERFLOW);
|
|
}
|
|
|
|
pCommOutput->cbData = cbMessage + 2;
|
|
|
|
/* are we allocating our own memory? */
|
|
if(pCommOutput->pvBuffer == NULL)
|
|
{
|
|
pCommOutput->pvBuffer = SPExternalAlloc(pCommOutput->cbData);
|
|
if (NULL == pCommOutput->pvBuffer)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
pCommOutput->cbBuffer = pCommOutput->cbData;
|
|
}
|
|
|
|
|
|
if(pCommOutput->cbData > pCommOutput->cbBuffer)
|
|
{
|
|
// Required size returned in pCommOutput->cbData.
|
|
SP_RETURN(PCT_INT_BUFF_TOO_SMALL);
|
|
}
|
|
|
|
pMessage = pCommOutput->pvBuffer;
|
|
|
|
pMessage->MessageId = PCT1_MSG_SERVER_VERIFY;
|
|
|
|
pMessage->Header.Byte0 = MSBOF(cbMessage) | 0x80;
|
|
pMessage->Header.Byte1 = LSBOF(cbMessage);
|
|
|
|
CopyMemory(pMessage->SessionIdData, pCanonical->SessionIdData,
|
|
PCT_SESSION_ID_SIZE);
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
|
|
/* Pack certificate if present */
|
|
|
|
|
|
pMessage->ResponseLenMsb = MSBOF(pCanonical->ResponseLen);
|
|
pMessage->ResponseLenLsb = LSBOF(pCanonical->ResponseLen);
|
|
|
|
if (pCanonical->ResponseLen)
|
|
{
|
|
CopyMemory( pBuffer,
|
|
pCanonical->Response,
|
|
pCanonical->ResponseLen);
|
|
}
|
|
|
|
SP_RETURN( PCT_ERR_OK );
|
|
|
|
}
|
|
|
|
SP_STATUS
|
|
Pct1UnpackServerVerify(
|
|
PSPBuffer pInput,
|
|
PPct1_Server_Verify * ppServer)
|
|
{
|
|
PPct1_Server_Verify pCanonical;
|
|
PPCT1_SERVER_VERIFY pMessage;
|
|
PUCHAR pBuffer;
|
|
DWORD cbResponse;
|
|
DWORD ReportedSize;
|
|
|
|
SP_BEGIN("Pct1UnpackServerVerify");
|
|
|
|
if(pInput == NULL ||
|
|
ppServer == NULL ||
|
|
pInput->pvBuffer == NULL)
|
|
{
|
|
SP_RETURN(PCT_INT_INTERNAL_ERROR);
|
|
}
|
|
|
|
pMessage = pInput->pvBuffer;
|
|
|
|
if(pInput->cbData < 2)
|
|
{
|
|
pInput->cbData = 2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
ReportedSize = SIZEOF(pMessage);
|
|
if(ReportedSize > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
if ((ReportedSize+2) > pInput->cbData)
|
|
{
|
|
pInput->cbData = ReportedSize+2;
|
|
SP_RETURN(PCT_INT_INCOMPLETE_MSG);
|
|
}
|
|
|
|
if(ReportedSize < PCT_OFFSET_OF(PPCT1_SERVER_VERIFY, VariantData))
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
/* Verify Header: */
|
|
|
|
|
|
if (pMessage->MessageId != PCT1_MSG_SERVER_VERIFY )
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
|
|
*ppServer = NULL;
|
|
|
|
/* Verify Header: */
|
|
|
|
|
|
cbResponse = COMBINEBYTES(pMessage->ResponseLenMsb,
|
|
pMessage->ResponseLenLsb);
|
|
|
|
if (cbResponse > PCT_SESSION_ID_SIZE)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
if ((PCT_OFFSET_OF(PPCT1_SERVER_VERIFY, VariantData) -
|
|
sizeof(PCT1_MESSAGE_HEADER) +
|
|
cbResponse ) !=
|
|
ReportedSize)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_ERR_ILLEGAL_MESSAGE));
|
|
}
|
|
|
|
pCanonical = (PPct1_Server_Verify)SPExternalAlloc( sizeof(Pct1_Server_Verify));
|
|
|
|
if (!pCanonical)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
|
|
|
|
/* Expand out: */
|
|
|
|
|
|
pCanonical->ResponseLen = cbResponse;
|
|
|
|
CopyMemory((PUCHAR)pCanonical->SessionIdData, pMessage->SessionIdData,
|
|
PCT_SESSION_ID_SIZE);
|
|
|
|
pBuffer = pMessage->VariantData;
|
|
|
|
CopyMemory(pCanonical->Response, pBuffer, cbResponse);
|
|
|
|
*ppServer = pCanonical;
|
|
pInput->cbData = ReportedSize + sizeof(PCT1_MESSAGE_HEADER);
|
|
SP_RETURN(PCT_ERR_OK);
|
|
}
|
|
|
|
|
|
SP_STATUS
|
|
Pct1PackError(
|
|
PPct1_Error pCanonical,
|
|
PSPBuffer pCommOutput)
|
|
{
|
|
DWORD cbMessage;
|
|
PPCT1_ERROR pMessage;
|
|
|
|
|
|
SP_BEGIN("Pct1PackError");
|
|
|
|
if(pCanonical == NULL || pCommOutput == NULL)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_INTERNAL_ERROR));
|
|
}
|
|
pCommOutput->cbData = 0;
|
|
|
|
cbMessage = pCanonical->ErrInfoLen +
|
|
PCT_OFFSET_OF(PPCT1_ERROR, VariantData) -
|
|
sizeof(PCT1_MESSAGE_HEADER);
|
|
|
|
if (cbMessage > PCT_MAX_SHAKE_LEN)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(PCT_INT_DATA_OVERFLOW));
|
|
}
|
|
|
|
pCommOutput->cbData = cbMessage+2;
|
|
|
|
/* are we allocating our own memory? */
|
|
if(pCommOutput->pvBuffer == NULL)
|
|
{
|
|
pCommOutput->pvBuffer = SPExternalAlloc(pCommOutput->cbData);
|
|
if (NULL == pCommOutput->pvBuffer)
|
|
{
|
|
SP_RETURN(SP_LOG_RESULT(SEC_E_INSUFFICIENT_MEMORY));
|
|
}
|
|
pCommOutput->cbBuffer = pCommOutput->cbData;
|
|
}
|
|
|
|
|
|
if(pCommOutput->cbData > pCommOutput->cbBuffer)
|
|
{
|
|
// Required size returned in pCommOutput->cbData.
|
|
SP_RETURN(PCT_INT_BUFF_TOO_SMALL);
|
|
}
|
|
|
|
pMessage = pCommOutput->pvBuffer;
|
|
|
|
pMessage->Header.Byte0 = MSBOF(cbMessage) | 0x80;
|
|
pMessage->Header.Byte1 = LSBOF(cbMessage);
|
|
|
|
pMessage->MessageId = PCT1_MSG_ERROR;
|
|
|
|
pMessage->ErrorMsb = MSBOF(pCanonical->Error);
|
|
pMessage->ErrorLsb = LSBOF(pCanonical->Error);
|
|
|
|
pMessage->ErrorInfoMsb = MSBOF(pCanonical->ErrInfoLen);
|
|
pMessage->ErrorInfoLsb = LSBOF(pCanonical->ErrInfoLen);
|
|
|
|
if(pCanonical->ErrInfoLen) {
|
|
CopyMemory(pMessage->VariantData, pCanonical->ErrInfo, pCanonical->ErrInfoLen);
|
|
}
|
|
|
|
SP_RETURN( PCT_ERR_OK );
|
|
}
|